$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fc7dac5-8246-401a-90b2-80ba037b852e.roa File: 8fc7dac5-8246-401a-90b2-80ba037b852e.roa (raw, json) Hash identifier: yBha7d2aLd/2O53O3599Iuq7P5mftrEOhTKUCLhYOVs= Subject key identifier: 24:90:AC:C5:66:A2:19:E5:43:90:77:55:AA:1E:61:32:C1:2C:71:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6C290ECA2976B18E871651A909BCF23547EEB4D6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fc7dac5-8246-401a-90b2-80ba037b852e.roa Signing time: Fri 16 May 2025 15:40:19 +0000 ROA not before: Fri 16 May 2025 15:40:19 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1e:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:29:0e:ca:29:76:b1:8e:87:16:51:a9:09:bc:f2:35:47:ee:b4:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:40:19 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=ef1f66fa3ad95202d38bde2360592b076b0e69cc55a06f6fe8d921c526711e96, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:1d:a5:1b:af:76:bc:b8:99:46:bd:2e:c9:ae: a5:4a:9c:97:04:a4:cd:77:8c:d6:49:0e:85:44:77: d5:f1:29:ce:e9:b7:58:2c:1c:ce:42:5f:90:cb:b7: 71:1a:66:d1:2c:38:7f:6f:e3:ad:e1:e1:4a:72:af: 31:4b:c5:c0:0e:d2:ce:a0:7b:8b:b9:14:ae:41:7a: 5c:3e:4f:db:31:e6:eb:a0:a1:8d:ce:10:e2:a2:1a: 03:96:16:3d:10:15:67:b3:d0:57:4c:f4:1c:f8:03: 79:0a:d1:e6:17:20:10:7a:70:9f:e7:5d:ed:05:18: 2a:d6:b3:0e:9d:d2:c1:0b:09:1c:c8:1a:99:46:09: 9d:f3:02:44:7c:40:26:1a:53:30:8c:56:42:b6:63: 7e:ae:51:f9:9c:f3:e3:65:7e:b7:a3:70:d6:2c:82: af:03:67:92:45:cb:1d:7c:3b:fd:20:c2:20:63:cd: 31:34:3b:c3:e9:6c:ad:39:e7:37:95:d3:11:d1:7e: 38:bf:80:67:de:e6:00:b0:8b:dd:2b:69:f4:9e:dd: 56:5c:d9:f7:d5:a8:7e:1b:f2:06:89:12:36:68:20: b9:b4:39:6f:59:78:5b:e9:5b:98:69:4d:62:19:b2: ff:5a:3e:53:70:19:07:66:c4:b1:0c:a1:00:a3:0e: 38:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:90:AC:C5:66:A2:19:E5:43:90:77:55:AA:1E:61:32:C1:2C:71:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fc7dac5-8246-401a-90b2-80ba037b852e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1e:800::/38 Signature Algorithm: sha256WithRSAEncryption 29:e1:63:ca:93:5f:dc:ab:c3:ee:f9:73:b6:e1:4e:c6:bc:f8: d5:49:35:bb:d7:37:66:16:66:d3:c3:b0:52:a4:d0:25:7e:1c: 76:56:3c:d8:77:c1:60:2c:8f:6e:e6:3a:07:f8:4b:24:57:f1: 89:f0:6d:50:1f:82:81:7b:92:a7:16:e9:4a:96:b9:d3:13:c0: e6:1d:80:a0:31:8b:42:69:e5:a7:57:d1:5d:df:e4:ed:2a:45: 81:ee:82:de:49:0b:e4:a0:51:54:e5:fc:9e:fd:c6:b5:4b:08: 82:e5:d5:4a:50:de:c6:ce:a8:79:bc:9b:ef:57:2f:95:b6:84: f8:4b:c8:b2:31:2b:f4:a1:cc:40:77:a5:5d:27:a6:0f:09:ab: cc:bc:49:48:b0:cf:01:8f:83:05:ab:cc:16:3f:41:ec:6f:3a: 20:91:9f:23:11:9f:e4:9c:c8:c1:69:9b:2c:c1:aa:fa:42:1f: ad:bf:fa:33:ca:17:58:66:d0:68:e7:1e:c1:9f:70:04:28:d8: 92:b2:3c:c4:9d:0e:1c:6b:8a:2e:0d:2a:23:ea:8d:96:c0:23: 1c:7b:56:be:69:99:49:3b:0f:e3:63:12:db:f2:13:8f:c1:9e: e2:cb:b9:e7:c0:4d:16:af:b8:f5:92:4f:75:cd:ef:8e:da:78: 7f:7d:52:15 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbCkOyil2sY6HFlGpCbzyNUfutNYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1NDAxOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZWYxZjY2ZmEzYWQ5NTIwMmQzOGJk ZTIzNjA1OTJiMDc2YjBlNjljYzU1YTA2ZjZmZThkOTIxYzUyNjcxMWU5NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB2lG692vLiZRr0uya6lSpyXBKTN d4zWSQ6FRHfV8SnO6bdYLBzOQl+Qy7dxGmbRLDh/b+Ot4eFKcq8xS8XADtLOoHuL uRSuQXpcPk/bMebroKGNzhDiohoDlhY9EBVns9BXTPQc+AN5CtHmFyAQenCf513t BRgq1rMOndLBCwkcyBqZRgmd8wJEfEAmGlMwjFZCtmN+rlH5nPPjZX63o3DWLIKv A2eSRcsdfDv9IMIgY80xNDvD6WytOec3ldMR0X44v4Bn3uYAsIvdK2n0nt1WXNn3 1ah+G/IGiRI2aCC5tDlvWXhb6VuYaU1iGbL/Wj5TcBkHZsSxDKEAow445wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCSQrMVmohnlQ5B3VaoeYTLBLHGiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhmYzdkYWM1LTgyNDYtNDAxYS05MGIyLTgwYmEwMzdiODUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHggwDQYJKoZIhvcNAQELBQADggEBACnhY8qTX9yrw+75c7bh Tsa8+NVJNbvXN2YWZtPDsFKk0CV+HHZWPNh3wWAsj27mOgf4SyRX8YnwbVAfgoF7 kqcW6UqWudMTwOYdgKAxi0Jp5adX0V3f5O0qRYHugt5JC+SgUVTl/J79xrVLCILl 1UpQ3sbOqHm8m+9XL5W2hPhLyLIxK/ShzEB3pV0npg8Jq8y8SUiwzwGPgwWrzBY/ QexvOiCRnyMRn+ScyMFpmyzBqvpCH62/+jPKF1hm0GjnHsGfcAQo2JKyPMSdDhxr ii4NKiPqjZbAIxx7Vr5pmUk7D+NjEtvyE4/BnuLLuefATRavuPWST3XN747aeH99 UhU= -----END CERTIFICATE-----Generated at Tue Jun 3 23:38:51 2025 by rpki-client