$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa File: 9b072caa-75fc-4171-a003-7c2d34288af7.roa (raw, json) Hash identifier: wumIWIXEMa1A1S/NwnrzvBZlmCK6G/KGzjkF3vRmn+Q= Subject key identifier: 2C:9A:65:A8:24:EC:C9:A9:C4:A7:E5:62:74:8D:D5:21:D2:4F:C5:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 015D2C88000ADCFB12210D469997932761E307B4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa Signing time: Fri 16 May 2025 15:40:19 +0000 ROA not before: Fri 16 May 2025 15:40:19 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da18::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:5d:2c:88:00:0a:dc:fb:12:21:0d:46:99:97:93:27:61:e3:07:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:40:19 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=e2b0cd0a55041e098655b105224b75b00c17d803e60ccb09636cb36c9d872031, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:66:33:be:7b:c0:3b:b7:3c:80:e3:51:c2:bd: 77:26:57:1f:34:9a:fa:1b:e4:bc:e0:98:8b:c4:cf: a2:8f:69:a1:f7:08:28:09:31:d9:53:e0:34:68:c8: 9c:fc:a6:f2:e4:66:35:36:ae:80:1e:95:4b:7d:12: 26:83:97:c5:8a:91:fa:bb:f4:3b:a1:fb:31:ce:bf: 8d:a1:07:3e:50:73:6d:d9:82:4b:41:e9:a6:17:33: 52:56:7d:c8:21:4e:de:3a:58:bc:fc:68:10:f6:4f: 36:b1:6c:6c:14:3d:d1:62:d8:8d:85:a8:d7:bd:28: 74:d5:0e:ae:53:82:7f:0e:7b:74:65:06:93:da:37: 09:c2:dc:d5:91:44:3b:4f:f6:5e:4c:18:35:95:32: b0:c0:54:b5:86:bb:bf:b0:dc:3c:34:3b:53:56:a4: f2:ff:a8:6d:b6:13:08:55:d6:75:db:da:73:8d:11: ba:71:70:d5:3e:45:77:4f:b4:13:af:f3:24:1a:52: 08:1d:c4:64:d4:4f:a1:f2:cb:5a:ef:ed:2e:d0:82: 1a:5d:ae:9f:9b:a0:d9:60:8b:23:3d:c4:bc:88:7e: e6:d2:69:00:ea:41:cb:62:08:d8:04:2f:95:37:9e: 7a:77:26:d7:67:5f:a4:f3:4f:83:f1:aa:b5:9c:9f: 40:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:9A:65:A8:24:EC:C9:A9:C4:A7:E5:62:74:8D:D5:21:D2:4F:C5:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da18::/38 Signature Algorithm: sha256WithRSAEncryption 00:99:8f:2c:62:af:d3:a7:49:42:c7:4e:46:fa:ba:ef:56:eb: cd:f7:ca:4c:51:0e:0e:d8:a3:be:c9:e0:8f:bd:50:60:d7:31: cb:da:68:1a:17:54:5e:ff:1d:bf:1b:3c:b6:da:66:ca:e6:9d: 83:c6:cf:b5:62:dd:78:82:69:b2:1c:4b:ba:16:67:a5:5e:00: 7a:31:74:63:3a:33:cf:9e:fe:df:bb:5d:3a:3d:f6:72:38:6c: 82:b7:04:51:c3:28:d0:b3:96:eb:8d:41:2e:4a:24:61:55:1a: 5e:62:71:80:84:f9:24:02:2d:ed:a1:2a:b0:ec:4c:41:ba:50: 87:25:4c:d5:01:0f:c6:d7:00:8c:a8:15:e1:60:0e:9a:a1:fe: cf:0f:d4:62:e7:8b:15:3c:fc:a1:f5:1b:5d:a7:d5:a7:78:08: 2d:be:22:b2:96:52:15:76:c8:9e:f4:70:56:5f:a3:10:6c:e0: 0b:5b:8d:75:37:df:23:a3:31:df:d5:f8:d3:74:f3:d1:bd:cd: 42:b9:3a:a6:8a:ea:ef:a6:db:14:81:dc:f3:1f:aa:c2:e7:e7: c1:fc:32:7a:a9:c4:1a:93:95:45:68:95:8f:d6:01:68:ed:cb: 1c:2b:72:d5:fd:49:f7:1b:56:34:63:a7:97:b3:41:fd:2a:14: 6f:5f:38:75 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAV0siAAK3PsSIQ1GmZeTJ2HjB7QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1NDAxOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZTJiMGNkMGE1NTA0MWUwOTg2NTVi MTA1MjI0Yjc1YjAwYzE3ZDgwM2U2MGNjYjA5NjM2Y2IzNmM5ZDg3MjAzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WYzvnvAO7c8gONRwr13JlcfNJr6 G+S84JiLxM+ij2mh9wgoCTHZU+A0aMic/Kby5GY1Nq6AHpVLfRImg5fFipH6u/Q7 ofsxzr+NoQc+UHNt2YJLQemmFzNSVn3IIU7eOli8/GgQ9k82sWxsFD3RYtiNhajX vSh01Q6uU4J/Dnt0ZQaT2jcJwtzVkUQ7T/ZeTBg1lTKwwFS1hru/sNw8NDtTVqTy /6htthMIVdZ129pzjRG6cXDVPkV3T7QTr/MkGlIIHcRk1E+h8sta7+0u0IIaXa6f m6DZYIsjPcS8iH7m0mkA6kHLYgjYBC+VN556dybXZ1+k80+D8aq1nJ9AawIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCyaZagk7MmpxKflYnSN1SHST8VNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliMDcyY2FhLTc1ZmMtNDE3MS1hMDAzLTdjMmQzNDI4OGFmNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGAAwDQYJKoZIhvcNAQELBQADggEBAACZjyxir9OnSULHTkb6 uu9W6833ykxRDg7Yo77J4I+9UGDXMcvaaBoXVF7/Hb8bPLbaZsrmnYPGz7Vi3XiC abIcS7oWZ6VeAHoxdGM6M8+e/t+7XTo99nI4bIK3BFHDKNCzluuNQS5KJGFVGl5i cYCE+SQCLe2hKrDsTEG6UIclTNUBD8bXAIyoFeFgDpqh/s8P1GLnixU8/KH1G12n 1ad4CC2+IrKWUhV2yJ70cFZfoxBs4AtbjXU33yOjMd/V+NN089G9zUK5OqaK6u+m 2xSB3PMfqsLn58H8MnqpxBqTlUVolY/WAWjtyxwrctX9SfcbVjRjp5ezQf0qFG9f OHU= -----END CERTIFICATE-----Generated at Tue Jun 3 23:31:37 2025 by rpki-client