$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c804d9a-be43-4636-8f74-69e695113d21.roa File: 9c804d9a-be43-4636-8f74-69e695113d21.roa (raw, json) Hash identifier: Paks6Uaefp1CDMYN+H2ptDLRup1hnBQA+HTMjWSr9UQ= Subject key identifier: 49:C2:3D:3A:80:98:A9:83:BB:E2:6C:B4:57:64:5A:0B:53:D5:45:32 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F7AC63ABE4E805BD200355AA040E46FD8AB60CF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c804d9a-be43-4636-8f74-69e695113d21.roa Signing time: Fri 16 May 2025 00:41:42 +0000 ROA not before: Fri 16 May 2025 00:41:42 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:7a:c6:3a:be:4e:80:5b:d2:00:35:5a:a0:40:e4:6f:d8:ab:60:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:41:42 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=7877af94a64cdbbdef90689598d708ef2236fb1798e6c59c3666f8dc28d8c75a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d5:24:be:17:d5:cc:c8:f1:21:6f:33:89:c0: 5e:d1:47:47:a4:f4:b0:8a:3e:b1:ba:9f:95:23:99: b3:a5:da:ce:53:78:ec:38:0f:ee:22:81:35:a1:21: 4e:e3:66:41:c5:b0:36:e4:57:19:99:b0:dd:ce:84: cf:28:e1:1e:eb:8a:92:69:b2:27:bf:2e:bb:56:7a: a7:05:92:a4:a3:12:41:3f:c2:30:08:4a:0d:74:95: 94:28:d6:7f:d0:25:27:b3:f6:cc:66:26:a5:4e:cf: 9f:85:29:10:b3:76:f8:f9:7a:3d:a2:3b:38:62:ad: f3:29:2c:5e:12:84:92:cc:98:d6:29:44:64:b9:81: 08:f9:68:88:b1:ae:6c:73:14:05:57:63:cd:7e:16: 37:ca:f7:c0:53:38:1c:0e:ff:ec:57:64:3e:1e:f9: 8f:e7:af:43:af:2a:44:e2:22:79:2a:6d:cc:72:4a: ac:51:9b:bf:2b:77:f6:07:4a:88:34:15:51:24:77: 10:b7:a3:03:82:e1:01:fe:dc:16:2e:fe:fc:7b:ad: 7d:d4:ce:0a:37:13:42:b0:98:e2:44:6a:c9:dc:93: 0f:36:d1:06:99:a0:d3:5c:77:b8:f1:7a:06:39:13: 25:9c:07:25:8d:a6:08:bc:5d:0c:8e:5c:5f:52:1e: f6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:C2:3D:3A:80:98:A9:83:BB:E2:6C:B4:57:64:5A:0B:53:D5:45:32 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9c804d9a-be43-4636-8f74-69e695113d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:7000::/40 Signature Algorithm: sha256WithRSAEncryption 35:29:e3:11:9a:87:f9:e8:39:29:4b:73:53:aa:00:94:0c:68: 69:6e:c1:27:85:b7:ee:e2:24:f7:8e:ef:a5:bd:8a:2b:c0:92: c0:08:d7:0f:0f:80:10:34:b5:f5:56:9a:41:bd:21:8c:b3:4f: c0:77:9d:b7:37:9a:98:57:c8:56:be:7e:de:83:09:af:58:65: 92:a1:dd:a1:85:50:9b:b4:1b:c5:22:c6:e1:b0:02:53:df:63: 6e:df:c9:0e:b9:71:28:b7:87:38:d2:87:29:f0:af:d5:4d:9e: 56:f5:8d:02:4c:53:64:94:23:0c:72:13:aa:9f:ac:0a:45:0a: 9d:a1:2f:63:cf:43:75:0d:a6:3d:12:77:65:36:e5:1c:2a:2b: fe:30:98:2e:6e:26:eb:50:50:a2:41:04:61:a1:6d:f6:4c:c5: e8:19:2b:53:c8:ba:e4:7a:5c:ea:eb:07:88:f3:8e:a0:f6:00: 71:9b:f0:8e:87:91:9f:97:2c:aa:a6:a4:96:79:19:41:35:bc: 2f:5a:f0:aa:98:d4:5f:f6:00:93:6f:45:1b:d5:73:4a:58:76: 59:12:2a:c9:50:65:9c:a7:2b:34:8c:d0:55:6d:82:f0:9d:95: d0:66:46:ea:de:b6:b0:4a:cf:10:37:f4:fb:fd:84:18:dd:3a: 99:d8:1c:11 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUL3rGOr5OgFvSADVaoEDkb9irYM8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNDE0MloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANzg3N2FmOTRhNjRjZGJiZGVmOTA2 ODk1OThkNzA4ZWYyMjM2ZmIxNzk4ZTZjNTljMzY2NmY4ZGMyOGQ4Yzc1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdUkvhfVzMjxIW8zicBe0UdHpPSw ij6xup+VI5mzpdrOU3jsOA/uIoE1oSFO42ZBxbA25FcZmbDdzoTPKOEe64qSabIn vy67VnqnBZKkoxJBP8IwCEoNdJWUKNZ/0CUns/bMZialTs+fhSkQs3b4+Xo9ojs4 Yq3zKSxeEoSSzJjWKURkuYEI+WiIsa5scxQFV2PNfhY3yvfAUzgcDv/sV2Q+HvmP 569DrypE4iJ5Km3MckqsUZu/K3f2B0qINBVRJHcQt6MDguEB/twWLv78e6191M4K NxNCsJjiRGrJ3JMPNtEGmaDTXHe48XoGORMlnAcljaYIvF0MjlxfUh72CQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEnCPTqAmKmDu+JstFdkWgtT1UUyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzljODA0ZDlhLWJlNDMtNDYzNi04Zjc0LTY5ZTY5NTExM2QyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba93AwDQYJKoZIhvcNAQELBQADggEBADUp4xGah/noOSlLc1Oq AJQMaGluwSeFt+7iJPeO76W9iivAksAI1w8PgBA0tfVWmkG9IYyzT8B3nbc3mphX yFa+ft6DCa9YZZKh3aGFUJu0G8UixuGwAlPfY27fyQ65cSi3hzjShynwr9VNnlb1 jQJMU2SUIwxyE6qfrApFCp2hL2PPQ3UNpj0Sd2U25RwqK/4wmC5uJutQUKJBBGGh bfZMxegZK1PIuuR6XOrrB4jzjqD2AHGb8I6HkZ+XLKqmpJZ5GUE1vC9a8KqY1F/2 AJNvRRvVc0pYdlkSKslQZZynKzSM0FVtgvCdldBmRuretrBKzxA39Pv9hBjdOpnY HBE= -----END CERTIFICATE-----Generated at Tue Jun 3 23:48:14 2025 by rpki-client