$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: 0dT6WubqQR8ei4u8CegxojM7EuwEFGfiHcAHVcHbDwc= Subject key identifier: 80:CB:FB:98:44:1C:DE:3D:A6:B6:B9:1B:3F:2A:9B:7D:75:1D:5D:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6103CC7779A9861121B12C21CC2CDECD8D511E16 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Mon 26 May 2025 15:00:01 +0000 ROA not before: Mon 26 May 2025 15:00:01 +0000 ROA not after: Mon 30 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:03:cc:77:79:a9:86:11:21:b1:2c:21:cc:2c:de:cd:8d:51:1e:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 26 15:00:01 2025 GMT Not After : Jun 30 23:59:59 2025 GMT Subject: serialNumber=a184b8af03d9242d62cf5d9d0b8954a5a2bb60dc2a80ca58bfe0c77b1a32e55f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:9d:9f:a7:d0:bc:65:ab:61:05:8a:a9:da:04: 31:67:9d:e8:61:e3:5f:08:3a:43:be:2e:22:ee:40: e4:d4:3b:10:f1:4a:2a:e3:10:e3:9d:1d:2a:46:94: 5c:7e:98:57:05:85:16:67:94:0a:b3:36:4a:eb:f9: da:c2:54:bc:49:36:eb:90:74:5a:ce:16:08:de:c8: 2c:b3:5e:62:21:55:e6:bd:ea:9c:1c:5d:c1:88:45: d2:fe:8c:b2:dc:d4:68:e8:fc:dd:8d:67:aa:ff:55: 5c:41:f7:5a:0c:77:6b:29:7e:15:bb:a7:13:19:8b: 97:2c:23:9d:7d:f2:9a:e9:af:9d:45:46:91:17:93: 8f:ef:b9:77:86:ac:f0:64:d7:31:c1:e4:fc:0a:20: b2:ec:ff:21:0e:b4:e4:0d:6f:2b:ed:f2:e3:15:80: 11:58:9f:68:91:e7:2c:3d:c6:e3:20:3b:c4:ad:d5: 92:76:1e:2e:b9:ce:22:a9:57:24:60:2c:cb:c2:fa: d0:f0:76:b8:ea:b1:f4:bc:33:ec:c1:4a:7e:0f:12: 94:f4:db:b0:3f:8c:9d:83:df:d2:53:d4:6c:51:5a: 87:61:eb:f4:ae:a9:00:99:df:8b:9c:fd:9d:48:70: 79:06:51:13:0c:17:54:dc:d6:13:87:0a:49:ce:29: af:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:CB:FB:98:44:1C:DE:3D:A6:B6:B9:1B:3F:2A:9B:7D:75:1D:5D:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 7d:72:f3:93:99:49:0b:64:ba:3d:51:16:5f:e5:18:30:0c:18: fa:91:b6:e7:c2:98:32:80:6b:ac:6d:d5:a6:00:11:a7:27:cd: 88:09:66:13:4b:e5:72:be:49:53:11:78:2b:37:23:f4:c3:f1: cd:b9:ee:b0:9e:d0:58:16:dd:80:46:5c:5e:83:5c:ad:62:95: d8:c6:b2:a1:25:f1:06:e8:12:af:3d:bf:71:c2:61:0b:46:23: d8:d7:38:a2:f6:61:76:48:93:37:64:34:55:bc:0e:71:83:90: f7:7f:f9:b6:f2:c1:d1:3d:4c:32:9b:e7:8a:be:a0:60:7c:d6: 1c:86:78:73:6a:38:68:9b:f7:cd:c5:e6:f3:6c:00:22:e4:1e: cd:74:d5:66:18:c4:f9:a5:2a:4f:02:19:e0:15:c3:f3:68:9e: 1e:ef:53:f8:a0:02:54:06:cd:92:63:37:92:2c:89:ee:9e:83: ed:37:a2:be:31:35:f0:f5:14:24:4e:60:f8:b5:35:3b:7d:91: d9:44:fa:80:a5:fe:89:0f:c4:bb:73:25:92:54:39:c3:5c:fa: 07:06:0f:d7:47:9d:88:cd:eb:ca:e3:6c:c1:ee:2d:d1:c2:46: 37:9d:54:b5:7c:48:f9:cd:e4:34:a4:4d:c8:32:b9:37:15:c2: a1:b3:ea:79 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYQPMd3mphhEhsSwhzCzezY1RHhYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyNjE1MDAwMVoX DTI1MDYzMDIzNTk1OVowejFJMEcGA1UEBRNAYTE4NGI4YWYwM2Q5MjQyZDYyY2Y1 ZDlkMGI4OTU0YTVhMmJiNjBkYzJhODBjYTU4YmZlMGM3N2IxYTMyZTU1ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp2fp9C8ZathBYqp2gQxZ53oYeNf CDpDvi4i7kDk1DsQ8Uoq4xDjnR0qRpRcfphXBYUWZ5QKszZK6/nawlS8STbrkHRa zhYI3sgss15iIVXmveqcHF3BiEXS/oyy3NRo6PzdjWeq/1VcQfdaDHdrKX4Vu6cT GYuXLCOdffKa6a+dRUaRF5OP77l3hqzwZNcxweT8CiCy7P8hDrTkDW8r7fLjFYAR WJ9okecsPcbjIDvErdWSdh4uuc4iqVckYCzLwvrQ8Ha46rH0vDPswUp+DxKU9Nuw P4ydg9/SU9RsUVqHYev0rqkAmd+LnP2dSHB5BlETDBdU3NYThwpJzimv3QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIDL+5hEHN49pra5Gz8qm311HV0SMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQB9cvOTmUkLZLo9URZf 5RgwDBj6kbbnwpgygGusbdWmABGnJ82ICWYTS+VyvklTEXgrNyP0w/HNue6wntBY Ft2ARlxeg1ytYpXYxrKhJfEG6BKvPb9xwmELRiPY1zii9mF2SJM3ZDRVvA5xg5D3 f/m28sHRPUwym+eKvqBgfNYchnhzajhom/fNxebzbAAi5B7NdNVmGMT5pSpPAhng FcPzaJ4e71P4oAJUBs2SYzeSLInunoPtN6K+MTXw9RQkTmD4tTU7fZHZRPqApf6J D8S7cyWSVDnDXPoHBg/XR52IzevK42zB7i3RwkY3nVS1fEj5zeQ0pE3IMrk3FcKh s+p5 -----END CERTIFICATE-----Generated at Tue Jun 3 23:18:07 2025 by rpki-client