$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f808762-dd71-4f33-bfa8-cb4244801d34.roa File: 9f808762-dd71-4f33-bfa8-cb4244801d34.roa (raw, json) Hash identifier: YeFFfrqD+Gto6Tg1Rgz9df3/PJ0syTbqH+gso2f/b74= Subject key identifier: 80:D9:38:F5:21:DF:1F:15:BF:FF:A2:91:96:99:B4:BE:AA:05:EA:D8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 74D3B4533990956155860CD08B6703F0EBE39B36 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f808762-dd71-4f33-bfa8-cb4244801d34.roa Signing time: Fri 16 May 2025 00:40:21 +0000 ROA not before: Fri 16 May 2025 00:40:21 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:7040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:d3:b4:53:39:90:95:61:55:86:0c:d0:8b:67:03:f0:eb:e3:9b:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:40:21 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=2d0c9621a520323450e00d06ee0e61b45f96c6226ffa57328adab28df0d8dd84, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:87:4f:32:43:5f:10:6f:31:5e:f7:e9:07:a4: cb:56:17:6b:80:c8:3d:53:c0:c5:93:50:0b:c9:6a: ea:be:44:c2:7f:56:bc:8c:84:16:1c:38:74:d1:d5: 0d:53:6c:96:00:bb:1c:d9:72:e4:da:13:63:e7:35: c4:3f:5f:b5:eb:80:f6:6c:a1:39:00:e0:01:1f:c2: 34:ac:83:8c:c0:71:71:e0:4f:fe:30:37:68:ab:07: e8:a7:33:b5:c9:d9:9f:9f:45:68:8f:fa:c8:e7:39: 59:48:f1:b5:8b:94:48:a4:26:57:f0:88:b9:9a:34: 6e:5e:99:34:2a:42:f7:d3:90:a2:5c:1e:71:be:e0: e8:ef:23:89:3d:05:86:b7:c6:d5:30:57:82:eb:65: 76:24:57:77:ca:b7:5e:bf:c5:a0:4a:a1:d6:44:41: f6:b4:a5:5e:fc:9e:bc:c1:81:de:1f:f1:98:73:ea: c1:d4:87:86:94:e1:25:0f:ac:d5:64:ce:53:4a:7c: cf:73:0b:74:a7:07:26:bc:20:d1:d4:78:2f:55:da: cd:18:75:a1:fe:02:aa:55:5b:f3:59:69:c7:c9:92: cd:12:43:83:2b:03:ec:d7:41:e6:84:21:b9:ab:cc: 98:b9:9b:92:16:a4:88:3b:3a:5c:fc:4b:0f:44:64: 1f:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:D9:38:F5:21:DF:1F:15:BF:FF:A2:91:96:99:B4:BE:AA:05:EA:D8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f808762-dd71-4f33-bfa8-cb4244801d34.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:7040::/46 Signature Algorithm: sha256WithRSAEncryption a6:b8:38:80:6c:33:1a:92:33:3d:3f:16:c6:e6:ca:15:91:df: c5:2c:56:38:b6:27:66:7d:00:03:d3:60:e1:58:0c:f0:65:00: b6:0d:dd:90:34:76:fa:7f:23:eb:e8:fc:a1:6f:69:05:73:f8: f1:0a:a9:fe:5a:42:7d:68:a8:21:24:8b:d1:bd:ec:2f:7f:cb: a3:2b:d8:31:62:10:6f:7a:44:c7:ed:91:9c:a2:cf:41:31:21: 64:23:8d:17:b1:c4:88:51:7d:aa:42:9a:54:0f:28:be:a7:34: 91:64:0b:b3:46:91:4d:58:a5:3b:f6:8e:34:0b:f0:95:bf:81: 55:6c:24:3c:a4:5f:e0:6a:e7:e3:b8:d6:28:f3:da:7a:50:f1: 97:a1:9a:aa:65:d0:9e:dc:b2:c6:fe:71:c4:36:1c:6b:c5:2f: ce:e0:52:f2:51:16:d9:de:f3:79:45:3d:45:3b:a0:7e:8d:02: ef:c4:9e:3b:0b:7d:1e:8f:d1:f1:12:aa:cf:a0:17:41:99:d7: 9b:a9:b8:d0:af:5d:bf:e6:0b:b2:c3:2c:e1:89:15:34:b2:40: fc:83:7c:75:94:b9:7d:2c:e9:62:7e:5d:fa:a1:8e:e5:f6:46: 4d:17:4c:25:45:f2:ab:8d:f7:b6:2a:40:a2:02:47:33:c8:23: c1:90:c8:64 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdNO0UzmQlWFVhgzQi2cD8OvjmzYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNDAyMVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMmQwYzk2MjFhNTIwMzIzNDUwZTAw ZDA2ZWUwZTYxYjQ1Zjk2YzYyMjZmZmE1NzMyOGFkYWIyOGRmMGQ4ZGQ4NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6odPMkNfEG8xXvfpB6TLVhdrgMg9 U8DFk1ALyWrqvkTCf1a8jIQWHDh00dUNU2yWALsc2XLk2hNj5zXEP1+164D2bKE5 AOABH8I0rIOMwHFx4E/+MDdoqwfopzO1ydmfn0Voj/rI5zlZSPG1i5RIpCZX8Ii5 mjRuXpk0KkL305CiXB5xvuDo7yOJPQWGt8bVMFeC62V2JFd3yrdev8WgSqHWREH2 tKVe/J68wYHeH/GYc+rB1IeGlOElD6zVZM5TSnzPcwt0pwcmvCDR1HgvVdrNGHWh /gKqVVvzWWnHyZLNEkODKwPs10HmhCG5q8yYuZuSFqSIOzpc/EsPRGQfowIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIDZOPUh3x8Vv/+ikZaZtL6qBerYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlmODA4NzYyLWRkNzEtNGYzMy1iZmE4LWNiNDI0NDgwMWQzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba93BAMA0GCSqGSIb3DQEBCwUAA4IBAQCmuDiAbDMakjM9PxbG 5soVkd/FLFY4tidmfQAD02DhWAzwZQC2Dd2QNHb6fyPr6Pyhb2kFc/jxCqn+WkJ9 aKghJIvRvewvf8ujK9gxYhBvekTH7ZGcos9BMSFkI40XscSIUX2qQppUDyi+pzSR ZAuzRpFNWKU79o40C/CVv4FVbCQ8pF/gaufjuNYo89p6UPGXoZqqZdCe3LLG/nHE NhxrxS/O4FLyURbZ3vN5RT1FO6B+jQLvxJ47C30ej9HxEqrPoBdBmdebqbjQr12/ 5guywyzhiRU0skD8g3x1lLl9LOlifl36oY7l9kZNF0wlRfKrjfe2KkCiAkczyCPB kMhk -----END CERTIFICATE-----Generated at Tue Jun 3 23:39:28 2025 by rpki-client