$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa File: 9add10b6-9103-4c19-a99b-242367ce96bd.roa (raw, json) Hash identifier: AhEdNebER5aJxh6h4P6FWc1vdMfLuzwPRqiBgSjUdEA= Subject key identifier: 93:4A:3F:3E:75:B7:E4:F7:19:F4:DC:69:9D:97:D2:15:B9:07:05:7A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22BEA32B2F2F2690E2ADC8000A9B6B549C06E0F6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa Signing time: Wed 14 May 2025 00:10:05 +0000 ROA not before: Wed 14 May 2025 00:10:05 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:be:a3:2b:2f:2f:26:90:e2:ad:c8:00:0a:9b:6b:54:9c:06:e0:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:10:05 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=c22bb12bdf68db6fb3bb6e3224b6acd33b99117ef4af8216c93cddb167693cc3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:07:65:dc:6b:70:7f:b3:d5:ea:d6:e8:75:2b: 99:78:7c:53:e1:31:a7:dc:6b:1f:41:be:d5:88:ad: 28:89:63:10:5c:07:a8:23:79:f9:66:47:a9:f7:a1: 31:38:eb:59:5f:fa:2b:ed:f9:d7:02:3d:04:67:be: 52:ac:e7:8d:08:14:5d:cd:3c:98:70:15:2c:60:0d: de:6a:f8:36:ba:f1:e6:d8:41:d1:0a:e2:09:39:55: 69:71:f5:61:40:e1:cb:db:4f:e3:3d:55:b6:09:38: e7:d2:c7:0c:ec:ac:43:b2:2f:20:f6:09:c1:f3:c9: e1:6c:e4:02:5b:df:68:5f:c3:71:b2:0e:3f:94:f4: 32:d5:58:aa:48:5a:c7:94:92:fe:fb:00:fa:d5:fe: 2e:02:c7:da:a2:14:83:f6:62:b6:82:b5:bc:98:89: f2:e4:2b:d0:8e:bb:3c:dd:e5:f1:9a:15:9d:8c:af: 93:73:8f:b4:a3:99:09:8d:57:56:04:05:7c:26:c8: 07:bf:16:db:ab:a3:cd:a8:d4:e9:83:0c:81:e3:20: 9c:4a:8e:99:dd:7b:dc:cb:b0:d9:a4:14:60:87:1e: 8f:12:be:b3:4f:24:4a:88:d9:68:14:cd:fb:12:15: 5d:5e:f4:ea:ac:7b:85:fc:28:95:28:ce:66:48:0c: 25:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:4A:3F:3E:75:B7:E4:F7:19:F4:DC:69:9D:97:D2:15:B9:07:05:7A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4840::/48 Signature Algorithm: sha256WithRSAEncryption 9d:0c:c0:4d:58:55:40:d7:c7:66:d8:1a:58:c2:2f:f4:f9:bb: c8:b8:23:31:5c:a1:9c:18:68:44:7f:ea:a2:76:21:ca:85:39: 4e:91:ec:f7:14:60:0a:e7:14:b5:eb:4a:03:ec:57:0b:35:23: a7:01:dd:05:9d:49:b7:6d:f1:b9:df:51:c4:7a:57:46:ee:b6: 50:74:65:85:f9:b8:22:2a:09:22:bd:50:56:11:31:a2:a4:16: 98:39:2b:2c:d8:55:dd:b8:73:28:7a:6a:60:9b:79:8b:ea:98: 16:e0:2b:a1:9d:5b:29:a1:ca:e0:65:02:c0:92:02:ff:d1:d4: 76:b5:7d:33:5f:96:13:25:90:01:c3:fa:26:a5:4c:70:1f:42: ed:ba:30:59:d3:aa:8b:45:86:9e:92:8b:77:29:4e:f4:22:b6: 4c:7d:bf:4f:c3:aa:f9:34:61:c8:1d:f2:00:43:2f:23:37:36: 0a:29:8f:0c:fe:84:d0:a1:ba:f2:61:78:9b:ea:ac:08:9e:e3: 81:cc:a2:c0:56:c5:e1:e5:da:a4:ad:f4:87:68:c1:68:a8:0a: 65:cb:4e:fa:fc:55:52:0c:24:fd:54:8b:31:d6:bc:e0:33:6e: 37:ed:54:0a:37:d7:f4:32:d1:a1:06:03:7e:c2:66:bc:0b:f7: fc:28:d1:d5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIr6jKy8vJpDircgACptrVJwG4PYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMTAwNVoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAYzIyYmIxMmJkZjY4ZGI2ZmIzYmI2 ZTMyMjRiNmFjZDMzYjk5MTE3ZWY0YWY4MjE2YzkzY2RkYjE2NzY5M2NjMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgdl3Gtwf7PV6tbodSuZeHxT4TGn 3GsfQb7ViK0oiWMQXAeoI3n5Zkep96ExOOtZX/or7fnXAj0EZ75SrOeNCBRdzTyY cBUsYA3eavg2uvHm2EHRCuIJOVVpcfVhQOHL20/jPVW2CTjn0scM7KxDsi8g9gnB 88nhbOQCW99oX8Nxsg4/lPQy1ViqSFrHlJL++wD61f4uAsfaohSD9mK2grW8mIny 5CvQjrs83eXxmhWdjK+Tc4+0o5kJjVdWBAV8JsgHvxbbq6PNqNTpgwyB4yCcSo6Z 3Xvcy7DZpBRghx6PEr6zTyRKiNloFM37EhVdXvTqrHuF/CiVKM5mSAwlbwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJNKPz51t+T3GfTcaZ2X0hW5BwV6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhZGQxMGI2LTkxMDMtNGMxOS1hOTliLTI0MjM2N2NlOTZiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0hAMA0GCSqGSIb3DQEBCwUAA4IBAQCdDMBNWFVA18dm2BpY wi/0+bvIuCMxXKGcGGhEf+qidiHKhTlOkez3FGAK5xS160oD7FcLNSOnAd0FnUm3 bfG531HEeldG7rZQdGWF+bgiKgkivVBWETGipBaYOSss2FXduHMoempgm3mL6pgW 4CuhnVspocrgZQLAkgL/0dR2tX0zX5YTJZABw/ompUxwH0LtujBZ06qLRYaekot3 KU70IrZMfb9Pw6r5NGHIHfIAQy8jNzYKKY8M/oTQobryYXib6qwInuOBzKLAVsXh 5dqkrfSHaMFoqAply076/FVSDCT9VIsx1rzgM2437VQKN9f0MtGhBgN+wma8C/f8 KNHV -----END CERTIFICATE-----Generated at Mon Jun 2 06:26:55 2025 by rpki-client