$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ef6ab83-cb4a-4c45-a58b-8383ab2bf4f7.roa File: 9ef6ab83-cb4a-4c45-a58b-8383ab2bf4f7.roa (raw, json) Hash identifier: 8sTQtPlXYax1yTld5gDfg4SXm1+ZLh+RpNjylnToUM4= Subject key identifier: 8A:57:98:C2:2B:C3:6A:8C:54:49:27:EB:6F:1D:05:65:C2:EC:D3:E6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4B430F97962B8A72510E7C7F484A196F7964D41B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ef6ab83-cb4a-4c45-a58b-8383ab2bf4f7.roa Signing time: Sat 10 May 2025 00:01:09 +0000 ROA not before: Sat 10 May 2025 00:01:09 +0000 ROA not after: Sat 14 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:43:0f:97:96:2b:8a:72:51:0e:7c:7f:48:4a:19:6f:79:64:d4:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 10 00:01:09 2025 GMT Not After : Jun 14 23:59:59 2025 GMT Subject: serialNumber=3698187f2def490060dfe4109097f7347a733e7f7cb45f94a806c671ddb47630, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:22:4f:ba:67:d5:17:88:a8:a0:b1:56:26:ab: d0:aa:e4:36:9f:ce:bd:1a:76:82:d3:74:fe:93:d9: 6a:d0:f6:1c:a8:49:5a:e6:e8:4d:2b:6c:7f:0c:8e: de:50:6e:77:82:67:34:1f:96:45:1e:24:70:7a:38: 22:22:69:e7:42:1b:07:ae:74:95:9a:67:80:33:ee: 35:6d:05:72:98:c2:98:7b:0f:d3:2a:4d:59:3d:b0: fd:96:32:2b:88:50:78:6c:bc:44:98:29:78:fb:96: 71:97:f6:b9:0e:b0:2c:28:4d:94:4b:a9:10:c3:a2: ef:57:77:57:4c:dc:ed:da:58:a9:eb:91:cd:8e:f1: c6:7a:a0:07:ef:23:17:b6:55:3f:a2:70:eb:1b:7e: 3c:40:11:a7:36:1f:18:fe:46:da:94:0b:ac:58:e5: a1:42:44:47:2e:0e:52:e7:1e:b8:15:e1:81:c7:7a: 2a:8e:27:b5:1c:42:19:2d:f0:0e:3a:46:e1:52:09: b9:eb:c5:62:0a:c2:2e:f8:51:e8:11:51:84:f1:8f: e1:21:09:eb:2d:43:a3:d3:eb:6e:62:a3:a5:59:42: 69:b7:51:5f:c8:2e:bc:ea:51:82:2b:54:b9:d5:83: 5f:d5:3b:77:30:31:b3:22:a2:31:46:f8:87:49:56: 18:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:57:98:C2:2B:C3:6A:8C:54:49:27:EB:6F:1D:05:65:C2:EC:D3:E6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ef6ab83-cb4a-4c45-a58b-8383ab2bf4f7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:b000::/40 Signature Algorithm: sha256WithRSAEncryption 35:46:40:7e:c8:e7:cf:2e:db:cd:8f:3b:79:2c:63:4b:42:80: 4d:69:e8:8f:8b:14:a2:42:d8:d1:93:f9:b3:09:0a:3f:ac:7a: 61:54:9d:71:ce:a6:83:57:93:0d:ce:7d:ef:a1:27:d5:26:22: a3:53:87:1c:e8:05:d8:f6:53:a6:fe:ca:cb:2f:43:24:d1:2d: 99:91:91:3e:23:00:17:51:1a:68:b7:22:92:98:52:f8:99:c5: 49:8a:1b:e7:47:f5:a7:28:2e:c6:76:3f:dc:2e:11:be:81:da: a9:b1:a1:c1:87:c4:d2:a7:61:fb:ed:a3:fd:ec:bc:1f:92:7a: d0:57:3f:83:27:0c:d2:27:ca:d2:2d:ba:93:c4:85:33:ed:90: 72:5c:f9:22:88:52:57:62:d2:1a:c2:7c:64:88:15:5a:a8:4c: 79:49:43:c7:84:47:e7:66:65:99:1d:91:90:94:03:0f:49:bd: 89:6c:0e:0a:c1:a6:00:02:30:33:8c:c5:4b:f2:9b:67:1c:8a: e7:b9:ac:52:1e:74:cc:01:dd:46:f2:19:d4:26:89:fc:31:b4: 13:60:4e:18:f2:9a:fa:2b:85:2d:e7:38:d6:ad:f7:3a:2d:71: 6c:cb:2f:ff:d2:2f:92:d2:0c:f5:d8:2d:76:a9:ea:3b:1e:ef: 57:87:92:78 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUS0MPl5YrinJRDnx/SEoZb3lk1BswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMDAwMDEwOVoX DTI1MDYxNDIzNTk1OVowejFJMEcGA1UEBRNAMzY5ODE4N2YyZGVmNDkwMDYwZGZl NDEwOTA5N2Y3MzQ3YTczM2U3ZjdjYjQ1Zjk0YTgwNmM2NzFkZGI0NzYzMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiJPumfVF4iooLFWJqvQquQ2n869 GnaC03T+k9lq0PYcqEla5uhNK2x/DI7eUG53gmc0H5ZFHiRwejgiImnnQhsHrnSV mmeAM+41bQVymMKYew/TKk1ZPbD9ljIriFB4bLxEmCl4+5Zxl/a5DrAsKE2US6kQ w6LvV3dXTNzt2lip65HNjvHGeqAH7yMXtlU/onDrG348QBGnNh8Y/kbalAusWOWh QkRHLg5S5x64FeGBx3oqjie1HEIZLfAOOkbhUgm568ViCsIu+FHoEVGE8Y/hIQnr LUOj0+tuYqOlWUJpt1FfyC686lGCK1S51YNf1Tt3MDGzIqIxRviHSVYYcQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIpXmMIrw2qMVEkn628dBWXC7NPmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzllZjZhYjgzLWNiNGEtNGM0NS1hNThiLTgzODNhYjJiZjRmNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYLAwDQYJKoZIhvcNAQELBQADggEBADVGQH7I588u282PO3ks Y0tCgE1p6I+LFKJC2NGT+bMJCj+semFUnXHOpoNXkw3Ofe+hJ9UmIqNThxzoBdj2 U6b+yssvQyTRLZmRkT4jABdRGmi3IpKYUviZxUmKG+dH9acoLsZ2P9wuEb6B2qmx ocGHxNKnYfvto/3svB+SetBXP4MnDNInytItupPEhTPtkHJc+SKIUldi0hrCfGSI FVqoTHlJQ8eER+dmZZkdkZCUAw9JvYlsDgrBpgACMDOMxUvym2cciue5rFIedMwB 3UbyGdQmifwxtBNgThjymvorhS3nONat9zotcWzLL//SL5LSDPXYLXap6jse71eH kng= -----END CERTIFICATE-----Generated at Tue Jun 3 23:19:29 2025 by rpki-client