$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa File: a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa (raw, json) Hash identifier: d22Q/Veb+Po8TzRUeaK99vRDy4tF2uIf5xXmDYKGFy8= Subject key identifier: 91:6F:97:03:E4:F6:58:63:59:DD:95:4F:87:6C:31:0A:21:AF:CC:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 733B73253E750213C372C30FDF1D6E307EF395D3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa Signing time: Fri 16 May 2025 15:11:10 +0000 ROA not before: Fri 16 May 2025 15:11:10 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:3b:73:25:3e:75:02:13:c3:72:c3:0f:df:1d:6e:30:7e:f3:95:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:11:10 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=6fe4b77eee4a2990a80ba6264a6664d7f2ebb10a1b2305e330742a8b0f65c6e3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:11:86:e1:8a:0e:e6:9f:da:2e:69:fc:64:f4: ad:1e:af:a9:6c:66:1e:ab:8f:26:96:f4:54:ba:e2: ac:ce:39:8b:05:8c:cb:64:8e:ff:d6:d8:4d:cd:0b: 88:66:fc:ce:d5:13:48:22:cb:dc:f0:d8:c7:67:d9: 2a:b0:df:92:98:97:27:44:5c:f4:f7:ac:2a:21:22: 3f:f6:47:f6:95:35:73:89:a1:33:7f:63:a0:3c:c6: 20:81:fb:de:b3:74:22:c0:44:cd:01:29:3b:d9:83: eb:1b:d9:62:9b:c1:b0:f0:28:4f:b8:61:16:2b:41: dd:0e:c6:08:fe:48:1d:34:23:f1:87:31:23:88:f3: 7f:7c:07:e8:3b:00:ce:69:45:9c:51:e0:2a:43:56: 8f:8b:28:a5:0f:04:bb:20:84:ca:31:54:ba:1f:c3: a2:e0:a7:68:4a:b6:c1:ce:81:d0:27:f7:84:4c:1e: 75:85:40:63:31:b3:1a:5b:e0:2f:f9:6c:fb:a0:15: 4a:58:1b:1b:87:0e:c9:8f:ed:d0:2e:4b:ba:46:32: a0:76:68:40:66:c6:83:14:06:bc:74:5c:1e:5d:29: 75:99:1a:b4:27:5a:ef:a2:6d:59:a1:5f:4e:36:7c: 67:07:98:42:a4:84:bb:f0:56:82:26:2c:38:d2:6b: c2:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:6F:97:03:E4:F6:58:63:59:DD:95:4F:87:6C:31:0A:21:AF:CC:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:8000::/40 Signature Algorithm: sha256WithRSAEncryption 1e:5a:0f:aa:98:db:cd:c5:7a:60:5a:8a:97:1d:1e:11:ea:f9: 70:a1:94:ed:55:7a:c3:b6:43:d3:ea:c4:07:f6:f2:c9:f4:95: ad:1b:91:91:aa:32:15:f7:b6:6a:25:8f:b4:ca:10:09:95:47: e8:ec:d3:cd:25:37:be:1b:09:60:8e:b2:a2:31:ea:e3:33:57: e6:1f:c3:66:f9:9d:65:58:f4:d5:7c:ed:e1:59:e5:50:15:26: 3c:9c:54:43:6e:15:45:8c:fe:2b:af:63:5a:e2:a9:f0:c6:20: fc:84:2c:60:93:f7:58:27:68:a9:6d:57:d1:61:a0:72:d5:83: 4a:7f:79:2b:15:91:0a:55:1b:e3:88:54:a8:1c:20:99:0f:d4: a6:e4:3f:3e:0e:ef:27:a0:90:c1:c0:06:47:f3:48:d2:47:ca: b0:bd:69:d9:f3:40:32:17:dc:07:9c:a1:11:fa:0e:31:22:2f: 58:ce:51:a7:63:eb:b0:c3:c4:6b:82:e0:a1:32:d0:ab:57:74: 5a:dd:99:58:3d:01:d4:b8:b2:62:2f:29:a8:36:ff:5f:6c:14: 71:ec:e7:5b:0a:a6:ef:25:4d:9e:67:cc:68:05:ed:91:73:29: a3:38:e0:8f:ad:b2:9d:4f:59:9c:3f:8a:1c:63:9c:47:69:5d: 93:d1:3b:02 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcztzJT51AhPDcsMP3x1uMH7zldMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MTExMFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANmZlNGI3N2VlZTRhMjk5MGE4MGJh NjI2NGE2NjY0ZDdmMmViYjEwYTFiMjMwNWUzMzA3NDJhOGIwZjY1YzZlMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBGG4YoO5p/aLmn8ZPStHq+pbGYe q48mlvRUuuKszjmLBYzLZI7/1thNzQuIZvzO1RNIIsvc8NjHZ9kqsN+SmJcnRFz0 96wqISI/9kf2lTVziaEzf2OgPMYggfves3QiwETNASk72YPrG9lim8Gw8ChPuGEW K0HdDsYI/kgdNCPxhzEjiPN/fAfoOwDOaUWcUeAqQ1aPiyilDwS7IITKMVS6H8Oi 4KdoSrbBzoHQJ/eETB51hUBjMbMaW+Av+Wz7oBVKWBsbhw7Jj+3QLku6RjKgdmhA ZsaDFAa8dFweXSl1mRq0J1rvom1ZoV9ONnxnB5hCpIS78FaCJiw40mvCkwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJFvlwPk9lhjWd2VT4dsMQohr8yiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5MTYwNmFmLWYyM2ItNDFmMS1hNWUwLTljOTQ2ZmZhM2NlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+IAwDQYJKoZIhvcNAQELBQADggEBAB5aD6qY283FemBaipcd HhHq+XChlO1VesO2Q9PqxAf28sn0la0bkZGqMhX3tmolj7TKEAmVR+js080lN74b CWCOsqIx6uMzV+Yfw2b5nWVY9NV87eFZ5VAVJjycVENuFUWM/iuvY1riqfDGIPyE LGCT91gnaKltV9FhoHLVg0p/eSsVkQpVG+OIVKgcIJkP1KbkPz4O7yegkMHABkfz SNJHyrC9adnzQDIX3AecoRH6DjEiL1jOUadj67DDxGuC4KEy0KtXdFrdmVg9AdS4 smIvKag2/19sFHHs51sKpu8lTZ5nzGgF7ZFzKaM44I+tsp1PWZw/ihxjnEdpXZPR OwI= -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:18 2025 by rpki-client