$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa File: a8058c69-4025-477b-844b-ad5268c2470c.roa (raw, json) Hash identifier: znEYK35MTYPncHdToaaEce44fsiiJfFFvqdp1sTXV/Q= Subject key identifier: 8C:27:56:BD:EE:F8:D6:33:D9:2E:E4:26:27:D5:3D:12:50:B5:19:2C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 110E62EC4CBB4FC027758CCE8C70759425E3D1F1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa Signing time: Wed 14 May 2025 00:10:38 +0000 ROA not before: Wed 14 May 2025 00:10:38 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:0e:62:ec:4c:bb:4f:c0:27:75:8c:ce:8c:70:75:94:25:e3:d1:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:10:38 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=62f4a2bc92cbc610455d499b5da81cb8032f10bc60172999cd30cadaf3dc4afa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:3e:bb:00:61:b8:ea:7b:80:b7:70:70:ad:08: 67:0c:ad:bb:39:00:59:32:60:d5:19:7b:49:01:6e: 67:88:0d:94:d7:0a:25:a9:2e:c2:37:0d:b2:2f:9f: e8:cc:60:2a:63:60:e0:df:db:bd:4c:0a:20:a1:5c: 8f:eb:a4:9a:45:84:6f:2a:01:67:ef:e2:88:15:f8: 44:bb:ca:11:cb:6b:51:c1:f1:da:b3:a4:b5:7b:4d: 27:12:77:37:00:39:e9:73:34:1d:7d:aa:09:3c:44: 9a:e2:3e:9a:24:e3:42:eb:86:85:32:bc:05:89:3a: b8:e2:b7:3c:a3:1e:34:f0:55:cd:27:b6:53:37:97: 91:ff:03:48:6b:9b:bb:6e:8b:10:1f:fb:16:6d:c8: 79:fa:13:41:a5:fb:c6:46:57:82:65:cb:26:ac:c8: 7e:5d:d9:2b:d0:f3:f6:f4:a3:28:d0:db:14:0f:a9: 7e:53:5c:b9:ce:ed:11:2e:a1:45:7a:ac:14:98:bc: b5:c9:9f:3f:42:02:3a:c7:65:67:3f:75:58:05:61: c3:21:d7:db:de:6b:99:59:d2:87:72:5c:dc:14:6f: e6:bb:13:84:06:52:10:50:28:f6:7a:6f:9c:94:94: 7e:a9:99:f5:b5:7f:fa:3a:47:fe:6b:86:d7:dc:af: 95:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:27:56:BD:EE:F8:D6:33:D9:2E:E4:26:27:D5:3D:12:50:B5:19:2C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:8840::/48 Signature Algorithm: sha256WithRSAEncryption 62:a8:8a:ba:34:32:0a:a2:21:ef:73:36:17:dc:59:1c:0e:e2: d7:dd:56:46:18:d3:b3:c4:d3:17:7c:24:98:97:dc:9b:4a:be: 38:25:5d:c2:08:a1:8a:d7:b3:e1:79:2c:e7:56:69:cb:d2:f2: b9:69:c4:a7:4a:06:8c:bf:74:b2:8b:84:86:6d:9f:df:e4:8a: bb:39:7a:d8:b0:94:22:eb:20:cb:82:39:38:98:58:28:c6:b6: 60:56:8d:ea:76:31:82:0a:b8:39:e8:83:d1:cd:39:50:2f:c4: bd:c4:55:39:1a:46:36:4b:a8:52:08:36:0f:04:fe:19:c5:a3: 6a:65:d6:f3:90:07:50:e9:82:64:71:4c:b1:20:0d:1b:66:dc: 86:89:e0:0d:cb:ff:a3:0e:b5:e0:71:72:3c:de:d4:c5:7a:a7: 0b:13:55:1c:67:a3:e4:55:3e:59:d8:eb:0f:86:e1:af:a1:a5: 95:6e:d1:6d:e6:7e:d8:4c:60:57:18:11:b7:2e:dd:d4:e6:2d: 2e:26:0d:3f:1e:82:4b:1c:3b:0c:df:d2:bd:d6:f2:b4:a7:8a: 56:85:2e:66:78:eb:42:82:69:bc:4a:85:e5:a0:63:32:e7:08: 33:f6:21:91:3c:ea:94:90:f0:5b:d0:ce:a1:ea:df:a9:4a:7d: f2:f1:d5:01 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEQ5i7Ey7T8AndYzOjHB1lCXj0fEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMTAzOFoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNANjJmNGEyYmM5MmNiYzYxMDQ1NWQ0 OTliNWRhODFjYjgwMzJmMTBiYzYwMTcyOTk5Y2QzMGNhZGFmM2RjNGFmYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2D67AGG46nuAt3BwrQhnDK27OQBZ MmDVGXtJAW5niA2U1wolqS7CNw2yL5/ozGAqY2Dg39u9TAogoVyP66SaRYRvKgFn 7+KIFfhEu8oRy2tRwfHas6S1e00nEnc3ADnpczQdfaoJPESa4j6aJONC64aFMrwF iTq44rc8ox408FXNJ7ZTN5eR/wNIa5u7bosQH/sWbch5+hNBpfvGRleCZcsmrMh+ Xdkr0PP29KMo0NsUD6l+U1y5zu0RLqFFeqwUmLy1yZ8/QgI6x2VnP3VYBWHDIdfb 3muZWdKHclzcFG/muxOEBlIQUCj2em+clJR+qZn1tX/6Okf+a4bX3K+VFwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIwnVr3u+NYz2S7kJifVPRJQtRksMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4MDU4YzY5LTQwMjUtNDc3Yi04NDRiLWFkNTI2OGMyNDcwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOIhAMA0GCSqGSIb3DQEBCwUAA4IBAQBiqIq6NDIKoiHvczYX 3FkcDuLX3VZGGNOzxNMXfCSYl9ybSr44JV3CCKGK17PheSznVmnL0vK5acSnSgaM v3Syi4SGbZ/f5Iq7OXrYsJQi6yDLgjk4mFgoxrZgVo3qdjGCCrg56IPRzTlQL8S9 xFU5GkY2S6hSCDYPBP4ZxaNqZdbzkAdQ6YJkcUyxIA0bZtyGieANy/+jDrXgcXI8 3tTFeqcLE1UcZ6PkVT5Z2OsPhuGvoaWVbtFt5n7YTGBXGBG3Lt3U5i0uJg0/HoJL HDsM39K91vK0p4pWhS5meOtCgmm8SoXloGMy5wgz9iGRPOqUkPBb0M6h6t+pSn3y 8dUB -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:20 2025 by rpki-client