$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa File: a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa (raw, json) Hash identifier: A30a1phUH4F/X9+b4ZJUKLod8Ir3L6pHauY1ZPuw/SU= Subject key identifier: FA:27:E3:A0:71:7E:4A:B4:8E:89:DF:1A:A5:70:7A:AB:22:17:B2:2A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1C83E95FEB7EB4455699E9C1DA6D8E8BB9B81CFE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa Signing time: Mon 02 Jun 2025 15:00:08 +0000 ROA not before: Mon 02 Jun 2025 15:00:08 +0000 ROA not after: Mon 07 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da21::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:83:e9:5f:eb:7e:b4:45:56:99:e9:c1:da:6d:8e:8b:b9:b8:1c:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 2 15:00:08 2025 GMT Not After : Jul 7 23:59:59 2025 GMT Subject: serialNumber=655bf71083a584a1de5c1cca6836223732d60f8a12565a8c12ebd4bb7d74c1f4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:99:f6:5e:6f:b2:c9:69:13:89:bb:bb:18:0d: 98:47:33:1e:40:07:5f:9a:b4:00:b8:f5:fa:e1:8d: fd:a3:d0:76:c4:ff:c0:ce:2a:87:e9:7c:aa:7a:d9: f7:d2:19:bf:df:34:06:01:38:73:2a:5b:47:c5:e6: dc:5a:2a:f7:d9:10:ce:42:99:6d:79:cd:1e:be:e3: 33:ec:07:87:1f:86:20:d7:39:3e:75:16:39:8f:37: d1:ef:00:e0:43:96:fa:45:5b:4e:a2:c2:db:64:eb: 48:16:7c:8b:01:15:22:b3:c9:ff:b8:46:16:af:d0: d0:74:b2:45:39:38:89:b1:7d:6a:48:6d:28:ce:5c: 27:35:42:ce:6f:62:f6:f6:ae:94:91:9b:a8:b1:46: e4:e1:2d:dd:26:84:39:58:f4:1a:63:03:2a:28:75: 5c:92:b2:99:18:e5:61:b5:3f:19:7f:d3:84:3b:e8: ae:bb:01:31:05:67:20:00:27:bd:04:b3:48:75:82: 92:3a:07:a2:67:9a:62:8e:d6:a1:29:75:7d:b1:eb: 37:c0:4a:9f:ca:d8:d6:d5:e3:9a:2d:f6:cf:55:fd: a0:58:ac:57:fd:09:3e:7a:22:20:20:e3:8f:c3:5c: 6a:00:89:28:06:89:9d:2e:23:e1:db:e2:47:9c:f6: 06:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:27:E3:A0:71:7E:4A:B4:8E:89:DF:1A:A5:70:7A:AB:22:17:B2:2A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da21::/36 Signature Algorithm: sha256WithRSAEncryption 51:11:5a:c9:89:6a:fe:45:c6:be:ad:d1:e9:93:8f:a5:64:b5: bd:ad:05:44:a6:cd:77:53:af:08:d9:0c:28:30:15:23:30:6b: 1a:76:75:f3:83:a8:5c:11:65:0d:7e:84:4b:c9:da:ca:41:67: 93:ed:74:ea:fa:d2:bc:bc:44:de:3d:09:c2:ce:f4:60:18:75: 9f:63:5f:7b:d8:84:32:89:8d:a6:42:fc:a4:10:4a:d0:87:1d: d5:70:db:ee:8b:82:fa:c5:3f:0a:cb:cd:f9:98:e7:1b:ae:b5: 40:62:49:98:37:94:f2:6e:99:29:a6:a2:48:60:e5:20:36:c6: 30:01:8c:97:9f:bd:77:3b:af:09:f1:f9:0c:99:88:39:03:43: 8f:bc:fd:9b:ec:6d:3e:37:fe:e2:86:14:e6:f6:d6:05:08:50: 7e:fd:a1:7f:f5:93:f5:b5:48:db:99:0f:aa:85:27:62:63:80: 46:a1:e7:93:0d:60:c7:81:94:24:e1:41:1f:17:42:11:df:d1: d4:8b:45:79:53:e3:43:4f:24:48:22:ac:d0:f8:75:e2:99:27: bb:c4:6d:86:30:49:39:f0:73:8c:e3:39:e2:85:ab:30:f6:6b: cc:1b:a2:35:ee:c0:45:14:56:20:f6:b0:a9:f3:a1:ca:06:3c: 96:d4:72:b0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHIPpX+t+tEVWmenB2m2Oi7m4HP4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMjE1MDAwOFoX DTI1MDcwNzIzNTk1OVowejFJMEcGA1UEBRNANjU1YmY3MTA4M2E1ODRhMWRlNWMx Y2NhNjgzNjIyMzczMmQ2MGY4YTEyNTY1YThjMTJlYmQ0YmI3ZDc0YzFmNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJn2Xm+yyWkTibu7GA2YRzMeQAdf mrQAuPX64Y39o9B2xP/AziqH6Xyqetn30hm/3zQGAThzKltHxebcWir32RDOQplt ec0evuMz7AeHH4Yg1zk+dRY5jzfR7wDgQ5b6RVtOosLbZOtIFnyLARUis8n/uEYW r9DQdLJFOTiJsX1qSG0ozlwnNULOb2L29q6UkZuosUbk4S3dJoQ5WPQaYwMqKHVc krKZGOVhtT8Zf9OEO+iuuwExBWcgACe9BLNIdYKSOgeiZ5pijtahKXV9ses3wEqf ytjW1eOaLfbPVf2gWKxX/Qk+eiIgIOOPw1xqAIkoBomdLiPh2+JHnPYG6QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPon46Bxfkq0jonfGqVweqsiF7IqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyNTE0ZmUzLTU3NzktNDE3NC1iYTYyLTJhMTllMGM3ZGRmOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaIQAwDQYJKoZIhvcNAQELBQADggEBAFERWsmJav5Fxr6t0emT j6Vktb2tBUSmzXdTrwjZDCgwFSMwaxp2dfODqFwRZQ1+hEvJ2spBZ5PtdOr60ry8 RN49CcLO9GAYdZ9jX3vYhDKJjaZC/KQQStCHHdVw2+6LgvrFPwrLzfmY5xuutUBi SZg3lPJumSmmokhg5SA2xjABjJefvXc7rwnx+QyZiDkDQ4+8/ZvsbT43/uKGFOb2 1gUIUH79oX/1k/W1SNuZD6qFJ2JjgEah55MNYMeBlCThQR8XQhHf0dSLRXlT40NP JEgirND4deKZJ7vEbYYwSTnwc4zjOeKFqzD2a8wbojXuwEUUViD2sKnzocoGPJbU crA= -----END CERTIFICATE-----Generated at Tue Jun 3 23:41:02 2025 by rpki-client