$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa File: a8746c50-b2c6-438f-ad79-3b608da68b61.roa (raw, json) Hash identifier: coZ14wxoPN4ufuKjga6cuaCzwwWcEtPlRmSAJGl6tDI= Subject key identifier: 4A:EC:42:08:E8:14:26:42:C4:F1:CB:D0:5D:56:F1:33:33:23:94:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4CFDE18B28DB526F57DE1912CECA93E7D06ECDEB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa Signing time: Fri 16 May 2025 15:10:16 +0000 ROA not before: Fri 16 May 2025 15:10:16 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:fd:e1:8b:28:db:52:6f:57:de:19:12:ce:ca:93:e7:d0:6e:cd:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:10:16 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=d62279a1b35fea1c583669cb256fe00f73a6711f099221f3df8d38987c1ecc6d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:3e:b6:79:86:6e:18:46:78:98:15:3f:a6:4f: 74:a3:98:43:4b:17:4f:ff:00:5b:71:00:07:7d:85: cb:08:e0:c9:b7:2e:b6:a7:26:59:69:00:73:7d:af: c2:14:0a:d4:6c:96:0a:74:a5:31:b4:89:e9:0a:2e: b4:24:f9:fc:19:14:c7:8d:91:57:27:54:32:23:0e: 22:81:a3:1c:b2:e2:7f:04:aa:e4:6d:36:eb:f2:54: 49:28:92:59:ff:a0:7b:21:d6:94:ce:5b:61:8c:0d: fa:d8:30:97:ed:07:22:17:51:0b:49:47:b6:55:64: ca:3a:2f:bf:15:ab:37:fa:30:2d:6b:a9:d8:49:91: 87:5f:61:c2:69:cd:5e:51:fd:cb:1c:a7:23:46:87: a1:15:12:7d:8a:e8:52:9e:83:f5:58:ef:ba:9e:7b: 6a:f1:e6:dd:83:ee:32:12:31:74:8f:42:6e:63:c1: f1:c4:f6:3a:b8:e6:79:31:e0:53:a1:d5:8a:d0:f1: 04:25:31:df:70:50:38:3a:a9:a1:2b:a5:ec:3a:2e: 75:59:25:04:cc:26:e2:8f:31:b4:92:e3:23:7b:8a: 53:48:d1:40:0c:2b:e3:90:a9:70:14:83:51:04:7e: eb:1e:83:62:4d:60:1a:2c:1e:a1:54:22:ab:ee:9a: 42:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:EC:42:08:E8:14:26:42:C4:F1:CB:D0:5D:56:F1:33:33:23:94:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:6000::/40 Signature Algorithm: sha256WithRSAEncryption a4:5d:6d:36:2a:d6:95:8d:19:3a:ec:f7:76:1e:c0:2d:67:24: f8:e7:75:91:fa:57:28:23:f5:ab:d1:77:31:25:86:91:71:d6: 9e:24:6c:85:d2:0c:35:f0:2e:d2:de:1f:1a:2c:4f:3f:1e:2a: fa:0b:72:7d:57:73:07:e6:3a:67:28:54:e6:a4:2e:4f:7c:7a: 06:8c:9e:cf:22:73:57:fe:f1:c7:7c:61:c3:4a:09:4d:1b:4f: a8:91:69:64:1e:83:39:1b:56:bd:0a:18:47:8b:69:30:e9:d5: d6:87:82:a3:5a:32:a3:33:82:9d:e9:55:07:a9:24:be:09:6a: e2:45:a2:62:fa:a7:2c:86:e1:a2:3b:ed:16:8e:4b:e7:e6:17: b6:a2:19:ec:21:af:8d:a1:a1:ee:1b:b2:06:9e:b8:e4:06:2e: 9f:91:cd:46:36:81:8e:23:0e:31:3e:eb:9b:ab:15:be:45:e2: 3b:80:37:1f:1a:1f:04:8e:68:08:2a:25:f8:9f:6f:78:1d:44: 1b:e3:dd:61:67:30:d9:71:42:0e:33:70:1b:4f:d4:d4:ca:ce: f7:41:a6:f9:24:f3:22:67:68:e2:bb:3d:1f:3a:fe:43:82:40: aa:19:43:20:a6:dd:6c:fb:93:f6:ea:e9:6e:01:f6:b0:06:eb: 25:10:5d:a2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTP3hiyjbUm9X3hkSzsqT59BuzeswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MTAxNloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZDYyMjc5YTFiMzVmZWExYzU4MzY2 OWNiMjU2ZmUwMGY3M2E2NzExZjA5OTIyMWYzZGY4ZDM4OTg3YzFlY2M2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArj62eYZuGEZ4mBU/pk90o5hDSxdP /wBbcQAHfYXLCODJty62pyZZaQBzfa/CFArUbJYKdKUxtInpCi60JPn8GRTHjZFX J1QyIw4igaMcsuJ/BKrkbTbr8lRJKJJZ/6B7IdaUzlthjA362DCX7QciF1ELSUe2 VWTKOi+/Fas3+jAta6nYSZGHX2HCac1eUf3LHKcjRoehFRJ9iuhSnoP1WO+6nntq 8ebdg+4yEjF0j0JuY8HxxPY6uOZ5MeBTodWK0PEEJTHfcFA4OqmhK6XsOi51WSUE zCbijzG0kuMje4pTSNFADCvjkKlwFINRBH7rHoNiTWAaLB6hVCKr7ppCiQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFErsQgjoFCZCxPHL0F1W8TMzI5ScMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4NzQ2YzUwLWIyYzYtNDM4Zi1hZDc5LTNiNjA4ZGE2OGI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaGAwDQYJKoZIhvcNAQELBQADggEBAKRdbTYq1pWNGTrs93Ye wC1nJPjndZH6Vygj9avRdzElhpFx1p4kbIXSDDXwLtLeHxosTz8eKvoLcn1Xcwfm OmcoVOakLk98egaMns8ic1f+8cd8YcNKCU0bT6iRaWQegzkbVr0KGEeLaTDp1daH gqNaMqMzgp3pVQepJL4JauJFomL6pyyG4aI77RaOS+fmF7aiGewhr42hoe4bsgae uOQGLp+RzUY2gY4jDjE+65urFb5F4juANx8aHwSOaAgqJfifb3gdRBvj3WFnMNlx Qg4zcBtP1NTKzvdBpvkk8yJnaOK7PR86/kOCQKoZQyCm3Wz7k/bq6W4B9rAG6yUQ XaI= -----END CERTIFICATE-----Generated at Tue Jun 3 23:30:17 2025 by rpki-client