$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa File: a0d0474f-3a63-4312-ba91-4caeffc8b819.roa (raw, json) Hash identifier: /7yBKSzoK4oB2peUPs9NPLJ2bIQ7Dyfk6Dh7GsjiRkQ= Subject key identifier: C3:EC:17:32:C0:8B:FA:A4:D7:D1:ED:23:6D:89:D3:AC:00:6F:0E:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0EAEDCB2029B01EBEE84705EAF371907B06BA059 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa Signing time: Fri 16 May 2025 15:10:20 +0000 ROA not before: Fri 16 May 2025 15:10:20 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:ae:dc:b2:02:9b:01:eb:ee:84:70:5e:af:37:19:07:b0:6b:a0:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:10:20 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=63d70bd8f691293daa38d5e53ab361815b2b1a863a0b1b2ce8b0c78a3fb11075, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:16:1a:1c:c3:21:8d:26:96:22:ea:16:4a:c2: 7e:30:09:50:4b:bf:3a:e4:b9:83:1e:98:54:8b:f1: 27:ff:d2:0b:bd:78:53:f3:e6:96:39:fd:d4:2d:ed: f4:f3:a0:bd:ed:5e:9e:5f:08:53:6e:2c:05:44:b4: 83:21:9e:b3:f8:8f:5e:71:64:96:99:4d:b3:bf:33: b8:2d:a6:f0:2a:45:a4:74:2a:f3:76:d6:e4:30:36: 6d:05:0c:75:77:72:7f:07:70:ff:40:46:40:4a:67: 73:b2:e1:6b:99:30:cc:7c:45:e4:af:42:57:db:37: cd:6f:32:ef:99:9d:10:04:1a:1d:50:8c:01:e9:d0: ce:85:98:da:f0:9a:0a:c1:6f:88:a9:fa:79:df:76: 78:5e:f0:6d:3f:55:51:6e:c4:75:cf:5a:cb:aa:bf: c8:61:d9:a5:3f:b9:b3:a7:a5:1e:83:78:8f:54:d5: 73:d9:f6:47:7b:1a:ca:aa:81:d1:e5:4e:7f:7f:a4: 21:b5:82:bc:98:8b:96:a0:b1:66:00:ac:0d:7e:d7: 51:49:c5:4a:b5:d3:b8:69:7c:4c:cd:df:f1:1a:75: 49:75:d1:e1:fd:97:48:2e:23:67:a1:eb:c6:53:23: 1f:bc:2d:96:79:f3:96:13:88:6d:ee:f7:f4:44:a8: fd:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:EC:17:32:C0:8B:FA:A4:D7:D1:ED:23:6D:89:D3:AC:00:6F:0E:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4800::/40 Signature Algorithm: sha256WithRSAEncryption 74:7a:9f:79:a3:95:8b:20:ce:56:71:4a:e9:21:45:f4:1b:75: 9f:3e:63:da:d4:5e:0c:5f:45:69:84:60:85:9d:f7:5c:d2:4f: 1d:d1:4a:8b:fb:c6:82:a1:e7:57:17:3c:08:d1:e5:84:6d:6c: 38:4b:05:0f:4e:67:03:3c:a9:b1:70:1c:49:06:0b:7d:e7:e2: 01:e5:82:f8:8d:c2:a2:67:ad:98:dd:2b:f7:c7:0c:b6:9e:8f: 11:1f:f7:7e:ac:b8:17:1f:28:f9:66:0b:43:01:da:9d:dc:99: 96:36:ef:2d:ba:6b:3b:cf:84:10:a3:36:ce:00:a3:58:33:12: d7:e1:61:47:3e:6d:ad:24:56:d4:64:95:ff:22:6d:b4:de:97: 55:81:94:5f:4f:4a:91:a6:96:71:d7:98:c7:53:b9:25:9c:1c: 95:c4:a1:cf:b3:34:41:79:be:52:8b:05:54:44:61:68:f4:6f: d9:28:5a:3e:97:53:22:22:3a:0e:76:7c:21:2b:2f:ac:f7:2b: e5:a2:8b:10:19:db:4d:df:b5:77:a8:68:9f:cb:70:1c:a9:7e: 52:27:2b:26:ee:e8:c5:11:89:09:1e:91:dd:05:ef:86:34:9a: ba:52:1e:5c:7a:c1:58:3c:39:c9:45:8c:06:aa:15:b4:6f:34: c1:57:40:1c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDq7csgKbAevuhHBerzcZB7BroFkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MTAyMFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANjNkNzBiZDhmNjkxMjkzZGFhMzhk NWU1M2FiMzYxODE1YjJiMWE4NjNhMGIxYjJjZThiMGM3OGEzZmIxMTA3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRYaHMMhjSaWIuoWSsJ+MAlQS786 5LmDHphUi/En/9ILvXhT8+aWOf3ULe3086C97V6eXwhTbiwFRLSDIZ6z+I9ecWSW mU2zvzO4LabwKkWkdCrzdtbkMDZtBQx1d3J/B3D/QEZASmdzsuFrmTDMfEXkr0JX 2zfNbzLvmZ0QBBodUIwB6dDOhZja8JoKwW+Iqfp533Z4XvBtP1VRbsR1z1rLqr/I YdmlP7mzp6Ueg3iPVNVz2fZHexrKqoHR5U5/f6QhtYK8mIuWoLFmAKwNftdRScVK tdO4aXxMzd/xGnVJddHh/ZdILiNnoevGUyMfvC2WefOWE4ht7vf0RKj9LwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMPsFzLAi/qk19HtI22J06wAbw7PMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EwZDA0NzRmLTNhNjMtNDMxMi1iYTkxLTRjYWVmZmM4YjgxOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEgwDQYJKoZIhvcNAQELBQADggEBAHR6n3mjlYsgzlZxSukh RfQbdZ8+Y9rUXgxfRWmEYIWd91zSTx3RSov7xoKh51cXPAjR5YRtbDhLBQ9OZwM8 qbFwHEkGC33n4gHlgviNwqJnrZjdK/fHDLaejxEf936suBcfKPlmC0MB2p3cmZY2 7y26azvPhBCjNs4Ao1gzEtfhYUc+ba0kVtRklf8ibbTel1WBlF9PSpGmlnHXmMdT uSWcHJXEoc+zNEF5vlKLBVREYWj0b9koWj6XUyIiOg52fCErL6z3K+WiixAZ203f tXeoaJ/LcBypflInKybu6MURiQkekd0F74Y0mrpSHlx6wVg8OclFjAaqFbRvNMFX QBw= -----END CERTIFICATE-----Generated at Tue Jun 3 23:28:56 2025 by rpki-client