$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa File: aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa (raw, json) Hash identifier: NObnCsHuLIGVN/9iWDSATmfbOqyztXIimY8ikefhvlY= Subject key identifier: 6D:9F:03:48:8D:CF:D8:69:D9:88:6D:E1:7F:24:19:65:EC:7B:0B:CE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2E8FFD071ED6F4A7B9CF2C3E1A49315D0F391690 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa Signing time: Fri 30 May 2025 00:00:10 +0000 ROA not before: Fri 30 May 2025 00:00:10 +0000 ROA not after: Fri 04 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:8f:fd:07:1e:d6:f4:a7:b9:cf:2c:3e:1a:49:31:5d:0f:39:16:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 30 00:00:10 2025 GMT Not After : Jul 4 23:59:59 2025 GMT Subject: serialNumber=c2f7a06bdd53b82b9308039a6d70a60b57b98be2ed65388d0faabdcd2ba590a5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:cb:a5:6b:bf:b5:b8:3b:b3:5f:2d:31:ce:61: 6f:ae:f9:3f:20:63:65:3c:3e:60:17:d5:cd:84:b3: f8:03:32:d0:29:88:e2:c0:9d:8b:74:9c:c7:e9:42: 75:94:02:78:9f:07:e6:54:8b:20:7b:90:91:3c:4b: ab:ae:81:82:a6:6b:1c:a6:67:20:e8:dd:a3:1a:b5: ac:fb:aa:d0:e3:a1:1a:e4:17:61:c9:9b:07:e2:4d: 8c:22:d2:8d:39:d2:f8:93:e5:c7:16:2b:50:14:57: 3a:65:ce:a1:0a:7d:51:68:55:4e:cb:0b:b0:0b:1f: 4b:94:d0:fc:68:84:21:35:d4:36:fc:c3:c4:2a:8a: 6e:99:4c:c7:f8:ca:5d:e8:0b:06:ac:55:e7:f8:54: fd:51:d8:35:10:a4:88:95:2b:42:bf:ff:8e:a0:64: b5:ff:d4:fa:79:5a:9d:3f:91:f7:7f:b6:a7:95:aa: 1c:d8:e5:0b:6d:62:1a:ab:d7:5b:4e:2e:4f:57:fd: ff:c2:9d:7e:d8:22:43:a8:27:bf:bb:ed:0a:2a:05: ab:ab:29:23:4f:3b:5e:25:d8:c5:d6:e2:df:b8:fb: b2:c7:c9:30:d4:f7:cc:cf:4d:39:60:65:a5:e9:c6: a7:8c:e8:b3:8d:35:18:47:b3:49:c1:e8:3f:a1:d9: 59:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:9F:03:48:8D:CF:D8:69:D9:88:6D:E1:7F:24:19:65:EC:7B:0B:CE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:a000::/40 Signature Algorithm: sha256WithRSAEncryption 43:52:cb:2c:24:a1:e7:02:4e:b1:00:bc:dd:08:c4:12:b3:78: f1:ae:14:84:df:40:ae:e9:7b:fd:68:7d:c0:3a:ce:30:62:00: 49:24:98:5b:e7:b6:4f:1d:29:be:7f:98:20:81:ba:65:a2:e6: fc:d7:e6:24:53:71:51:7d:ea:3b:8c:17:94:bf:74:60:06:4c: 9a:9e:c2:43:6d:32:7c:af:d1:8f:9d:30:ab:c8:f7:7b:28:f9: 79:48:40:1a:87:8b:19:bc:95:46:93:77:28:31:1c:d1:3c:68: 25:25:d5:88:79:5b:0f:b6:b9:b3:ba:90:59:20:50:5c:e6:4e: 6b:ac:a9:f7:c0:22:84:50:a9:0b:d2:15:0f:51:a8:8e:de:ff: 59:1a:e0:33:3a:71:42:c0:66:ce:f7:78:69:8b:47:b0:13:a1: ec:1d:bd:d3:6f:9e:d1:b1:24:80:0a:50:d1:4d:24:a9:65:6d: 45:fe:e0:8b:8c:7b:87:8a:b4:b1:1b:8c:ab:ee:d1:40:25:dd: 2a:72:57:f4:37:a7:7c:c9:55:3d:f2:98:58:51:e6:7d:f2:66: 38:16:de:14:70:54:2f:bc:aa:ec:bc:d7:2e:fb:29:4f:aa:e2: 4e:2c:83:78:da:91:f4:15:5f:b1:dc:d5:35:6b:36:67:95:8e: 0e:00:27:90 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULo/9Bx7W9Ke5zyw+GkkxXQ85FpAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUzMDAwMDAxMFoX DTI1MDcwNDIzNTk1OVowejFJMEcGA1UEBRNAYzJmN2EwNmJkZDUzYjgyYjkzMDgw MzlhNmQ3MGE2MGI1N2I5OGJlMmVkNjUzODhkMGZhYWJkY2QyYmE1OTBhNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsula7+1uDuzXy0xzmFvrvk/IGNl PD5gF9XNhLP4AzLQKYjiwJ2LdJzH6UJ1lAJ4nwfmVIsge5CRPEurroGCpmscpmcg 6N2jGrWs+6rQ46Ea5BdhyZsH4k2MItKNOdL4k+XHFitQFFc6Zc6hCn1RaFVOywuw Cx9LlND8aIQhNdQ2/MPEKopumUzH+Mpd6AsGrFXn+FT9Udg1EKSIlStCv/+OoGS1 /9T6eVqdP5H3f7anlaoc2OULbWIaq9dbTi5PV/3/wp1+2CJDqCe/u+0KKgWrqykj TzteJdjF1uLfuPuyx8kw1PfMz005YGWl6canjOizjTUYR7NJweg/odlZYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG2fA0iNz9hp2Yht4X8kGWXsewvOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiYTIzMThjLWU5NmEtNDA1OC04ZTBjLTVhY2EyYjU2YWFkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMqAwDQYJKoZIhvcNAQELBQADggEBAENSyywkoecCTrEAvN0I xBKzePGuFITfQK7pe/1ofcA6zjBiAEkkmFvntk8dKb5/mCCBumWi5vzX5iRTcVF9 6juMF5S/dGAGTJqewkNtMnyv0Y+dMKvI93so+XlIQBqHixm8lUaTdygxHNE8aCUl 1Yh5Ww+2ubO6kFkgUFzmTmusqffAIoRQqQvSFQ9RqI7e/1ka4DM6cULAZs73eGmL R7AToewdvdNvntGxJIAKUNFNJKllbUX+4IuMe4eKtLEbjKvu0UAl3SpyV/Q3p3zJ VT3ymFhR5n3yZjgW3hRwVC+8quy81y77KU+q4k4sg3jakfQVX7Hc1TVrNmeVjg4A J5A= -----END CERTIFICATE-----Generated at Tue Jun 3 23:11:28 2025 by rpki-client