$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b4623a6-3162-48fd-9091-235f75f6c97d.roa File: 9b4623a6-3162-48fd-9091-235f75f6c97d.roa (raw, json) Hash identifier: rGLijI/aYWs7qfkzlNHxzIxolqGs3VZLGwtBXNHHRlk= Subject key identifier: A1:19:09:4D:CD:14:07:E8:70:DE:CF:89:BB:32:9B:1C:A4:97:26:F2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73831B887DC30AA4152898F7467B86DAB8EC1E7C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b4623a6-3162-48fd-9091-235f75f6c97d.roa Signing time: Mon 12 May 2025 15:00:15 +0000 ROA not before: Mon 12 May 2025 15:00:15 +0000 ROA not after: Mon 16 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daf4:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:83:1b:88:7d:c3:0a:a4:15:28:98:f7:46:7b:86:da:b8:ec:1e:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 15:00:15 2025 GMT Not After : Jun 16 23:59:59 2025 GMT Subject: serialNumber=614b148349242adf240585d89407d267b3e751120376257043232c58b6aa1d68, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:cf:ef:97:b3:0b:33:53:b4:01:24:cb:1d:14: e4:8e:4a:ea:03:94:b7:74:2b:2f:85:37:e1:10:a5: 31:f6:bf:c1:0e:88:a9:d2:b8:c0:91:57:61:10:e3: 22:23:f9:1e:c7:85:51:f0:fe:f6:5f:38:7d:ce:dc: 3c:72:cc:15:38:b1:75:77:ce:2c:e2:f1:30:0a:2a: 06:ed:ac:f4:af:98:ce:b7:69:c9:e2:ce:71:12:92: 7f:ce:48:f1:f6:da:7b:12:bf:d0:ad:c1:cd:f6:e2: a3:ba:c7:e9:91:6e:3a:85:18:ea:24:13:fd:57:18: 71:b3:99:9d:d0:80:cd:d1:81:a2:32:c9:06:ed:d2: 75:6c:2e:53:52:9d:63:fc:63:41:7c:21:b0:74:ef: b7:b1:3f:3b:1d:3d:3f:8f:32:63:b2:48:c9:99:0c: 98:40:89:5c:21:32:89:f7:da:47:26:92:b3:37:ad: b3:c1:ac:45:5b:37:5f:d0:87:22:b0:7c:76:6e:24: 33:29:44:c0:42:18:6c:11:bf:33:24:f3:07:0a:99: 68:0e:cf:10:c5:06:78:81:a3:5b:e1:ba:c7:5f:44: 07:19:62:5e:9c:2a:37:80:dc:52:c5:31:11:f0:9c: 9f:ea:d8:f4:b0:76:f2:6a:03:06:73:bc:dc:51:60: 74:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:19:09:4D:CD:14:07:E8:70:DE:CF:89:BB:32:9B:1C:A4:97:26:F2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b4623a6-3162-48fd-9091-235f75f6c97d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:4000::/40 Signature Algorithm: sha256WithRSAEncryption a1:78:af:b6:c4:a7:b9:b2:64:b6:a5:9c:be:49:7d:67:ae:df: 9c:42:79:b7:fe:f3:2c:d7:21:30:e4:58:4d:11:e2:9e:b3:16: c0:d9:f1:5a:01:0d:ba:8c:dc:8f:7c:ef:b6:af:6a:30:4e:a6: 93:17:86:97:d4:d3:ca:58:db:db:72:c6:5f:4d:11:12:ca:eb: 1b:70:50:f0:47:a3:dc:a9:bd:56:ba:01:ec:e8:8a:6e:42:46: c6:67:51:42:37:5d:8b:14:f5:4f:bb:e4:24:fc:c4:7c:93:df: 75:2d:b1:16:c4:75:c0:de:6f:77:a0:50:4d:ae:b5:2a:97:48: c7:95:f1:64:0a:7f:a8:72:78:69:bd:f2:a1:1a:fb:9a:0a:d2: 0b:d4:cd:22:a8:90:28:47:2c:4c:9d:60:e4:c5:88:d1:d3:24: f4:97:4b:17:a3:ce:12:12:6a:4c:b0:91:1d:c3:d8:ce:17:09: f2:6b:3c:a9:20:76:ee:84:1d:74:7b:50:e0:7e:2d:40:d8:9c: e2:1f:ee:fd:85:e7:c3:de:07:03:f5:2f:db:27:47:8d:20:7b: 78:a2:7c:2d:bf:81:24:57:41:8a:5b:85:2c:85:c7:2e:68:98: b4:a5:a3:2c:28:1f:0d:c9:b4:01:e0:3e:26:b1:81:5d:1f:cb: d9:ab:f8:3b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUc4MbiH3DCqQVKJj3RnuG2rjsHnwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MDAxNVoX DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNANjE0YjE0ODM0OTI0MmFkZjI0MDU4 NWQ4OTQwN2QyNjdiM2U3NTExMjAzNzYyNTcwNDMyMzJjNThiNmFhMWQ2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM/vl7MLM1O0ASTLHRTkjkrqA5S3 dCsvhTfhEKUx9r/BDoip0rjAkVdhEOMiI/kex4VR8P72Xzh9ztw8cswVOLF1d84s 4vEwCioG7az0r5jOt2nJ4s5xEpJ/zkjx9tp7Er/QrcHN9uKjusfpkW46hRjqJBP9 Vxhxs5md0IDN0YGiMskG7dJ1bC5TUp1j/GNBfCGwdO+3sT87HT0/jzJjskjJmQyY QIlcITKJ99pHJpKzN62zwaxFWzdf0IcisHx2biQzKUTAQhhsEb8zJPMHCploDs8Q xQZ4gaNb4brHX0QHGWJenCo3gNxSxTER8Jyf6tj0sHbyagMGc7zcUWB0cwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKEZCU3NFAfocN7PibsymxyklybyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliNDYyM2E2LTMxNjItNDhmZC05MDkxLTIzNWY3NWY2Yzk3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9EAwDQYJKoZIhvcNAQELBQADggEBAKF4r7bEp7myZLalnL5J fWeu35xCebf+8yzXITDkWE0R4p6zFsDZ8VoBDbqM3I9877avajBOppMXhpfU08pY 29tyxl9NERLK6xtwUPBHo9ypvVa6Aezoim5CRsZnUUI3XYsU9U+75CT8xHyT33Ut sRbEdcDeb3egUE2utSqXSMeV8WQKf6hyeGm98qEa+5oK0gvUzSKokChHLEydYOTF iNHTJPSXSxejzhISakywkR3D2M4XCfJrPKkgdu6EHXR7UOB+LUDYnOIf7v2F58Pe BwP1L9snR40ge3iifC2/gSRXQYpbhSyFxy5omLSloywoHw3JtAHgPiaxgV0fy9mr +Ds= -----END CERTIFICATE-----Generated at Tue Jun 3 23:33:22 2025 by rpki-client