$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/916f5499-39df-48af-bef9-4bde1ada3ef5.roa File: 916f5499-39df-48af-bef9-4bde1ada3ef5.roa (raw, json) Hash identifier: kxOyp9GjZCdaEfJfSfGqg/F5Fl0ouolx+HloR5k18QM= Subject key identifier: E0:EE:F2:97:8F:B3:4A:C9:6B:3F:9B:19:59:61:92:16:9E:19:8F:86 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BE45986D8E0E82C34E04A3A69F3CE8AC3A33B39 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/916f5499-39df-48af-bef9-4bde1ada3ef5.roa Signing time: Sat 31 May 2025 00:00:21 +0000 ROA not before: Sat 31 May 2025 00:00:21 +0000 ROA not after: Sat 05 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:e4:59:86:d8:e0:e8:2c:34:e0:4a:3a:69:f3:ce:8a:c3:a3:3b:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:00:21 2025 GMT Not After : Jul 5 23:59:59 2025 GMT Subject: serialNumber=98f1909f3d66b372b37e9052ed59ad68db76621c980f889bf28cc63f0cc0b652, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ef:1a:c3:e7:2e:6e:56:ac:af:52:a6:60:ab: 74:e7:a0:9c:66:a4:36:1a:20:b2:ab:60:84:04:c5: a3:71:f3:db:0f:a7:74:21:c3:4d:01:7e:0e:7b:e4: 7c:2a:e8:d9:32:ff:2f:e1:df:24:a4:72:7a:25:d7: 87:6c:75:55:91:53:8c:3a:c9:ab:06:47:87:a6:ce: b2:48:79:5a:25:4d:f3:8c:cb:67:51:e0:58:a2:28: 4c:9e:5d:4e:64:a1:30:50:ad:5f:d8:43:f8:a8:19: 01:23:10:75:99:ce:b0:0c:ec:d0:1d:85:86:e8:24: 52:6c:a7:81:de:d5:e7:00:6b:d4:bd:20:ae:0d:b9: b1:21:bf:5a:24:74:36:03:97:83:10:7e:db:27:de: 66:28:14:be:b6:19:9d:2f:3c:bd:87:48:78:30:65: e4:ba:c0:ac:66:c4:43:fb:9d:77:e1:69:b1:84:67: 05:70:87:09:86:51:20:4d:ea:64:d4:f8:ac:cc:a9: 1f:02:41:80:fd:46:1b:c0:74:19:b8:23:d7:8b:3a: c8:23:77:fb:19:a9:0a:32:70:bb:cf:f3:d0:c8:2a: c2:85:4a:6b:da:82:54:c2:84:1a:85:fd:80:cd:67: a8:f0:2d:19:b1:d2:79:a4:e5:11:a8:a5:31:7b:67: e5:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:EE:F2:97:8F:B3:4A:C9:6B:3F:9B:19:59:61:92:16:9E:19:8F:86 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/916f5499-39df-48af-bef9-4bde1ada3ef5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:8800::/40 Signature Algorithm: sha256WithRSAEncryption 5e:5c:0b:b6:d7:6b:5d:5f:53:e1:ff:50:f6:e7:45:18:98:4a: 43:e8:b1:91:5a:5b:74:84:fd:41:b6:5a:69:9f:75:fe:b1:b9: cb:7c:13:90:6a:71:81:c6:1e:8d:a9:56:88:ff:87:f5:1b:34: af:47:4a:d3:2b:fc:53:a8:34:39:45:cc:7d:62:60:c6:ff:e2: 62:c6:ca:be:ce:9b:69:05:2d:b3:a5:36:25:ca:d8:bf:51:3b: 0c:38:b8:19:8b:4f:4b:ec:be:e6:5d:96:a8:1f:fd:ab:01:da: 14:e0:9c:97:2c:35:ac:b8:9e:37:a2:ed:61:90:3e:af:a1:b5: fe:5c:51:23:08:e3:94:79:3a:42:da:81:77:7a:3d:46:a0:6d: a0:ad:cb:71:dc:f3:68:17:d4:b6:4a:57:24:a2:34:66:0c:05: aa:51:77:c3:db:96:d0:1e:f9:13:d2:be:bd:42:71:f0:7d:ca: 7a:10:fb:12:a1:f4:0c:31:59:ed:50:f4:4a:cc:70:19:fc:d2: be:6e:51:59:c1:ef:84:7e:f1:91:22:0e:65:2f:44:e8:a6:4f: 9d:1d:d7:8d:73:38:b7:2d:12:66:3a:9c:b2:75:1e:9d:97:46: 4a:1a:d1:c2:47:c5:71:d4:54:fd:1a:45:89:06:c2:22:9d:d5: 3c:4f:1c:79 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUW+RZhtjg6Cw04Eo6afPOisOjOzkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUzMTAwMDAyMVoX DTI1MDcwNTIzNTk1OVowejFJMEcGA1UEBRNAOThmMTkwOWYzZDY2YjM3MmIzN2U5 MDUyZWQ1OWFkNjhkYjc2NjIxYzk4MGY4ODliZjI4Y2M2M2YwY2MwYjY1MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6O8aw+cublasr1KmYKt056CcZqQ2 GiCyq2CEBMWjcfPbD6d0IcNNAX4Oe+R8KujZMv8v4d8kpHJ6JdeHbHVVkVOMOsmr BkeHps6ySHlaJU3zjMtnUeBYoihMnl1OZKEwUK1f2EP4qBkBIxB1mc6wDOzQHYWG 6CRSbKeB3tXnAGvUvSCuDbmxIb9aJHQ2A5eDEH7bJ95mKBS+thmdLzy9h0h4MGXk usCsZsRD+5134WmxhGcFcIcJhlEgTepk1PiszKkfAkGA/UYbwHQZuCPXizrII3f7 GakKMnC7z/PQyCrChUpr2oJUwoQahf2AzWeo8C0ZsdJ5pOURqKUxe2flSQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFODu8pePs0rJaz+bGVlhkhaeGY+GMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkxNmY1NDk5LTM5ZGYtNDhhZi1iZWY5LTRiZGUxYWRhM2VmNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoIgwDQYJKoZIhvcNAQELBQADggEBAF5cC7bXa11fU+H/UPbn RRiYSkPosZFaW3SE/UG2Wmmfdf6xuct8E5BqcYHGHo2pVoj/h/UbNK9HStMr/FOo NDlFzH1iYMb/4mLGyr7Om2kFLbOlNiXK2L9ROww4uBmLT0vsvuZdlqgf/asB2hTg nJcsNay4njei7WGQPq+htf5cUSMI45R5OkLagXd6PUagbaCty3Hc82gX1LZKVySi NGYMBapRd8PbltAe+RPSvr1CcfB9ynoQ+xKh9AwxWe1Q9ErMcBn80r5uUVnB74R+ 8ZEiDmUvROimT50d141zOLctEmY6nLJ1Hp2XRkoa0cJHxXHUVP0aRYkGwiKd1TxP HHk= -----END CERTIFICATE-----Generated at Tue Jun 3 23:20:27 2025 by rpki-client