$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/add5cc6a-7ce6-4c3c-925b-feadc7007109.roa File: add5cc6a-7ce6-4c3c-925b-feadc7007109.roa (raw, json) Hash identifier: aDvobromAExMueEX5tuvN9amdnzogEhtqj7iGUiCkDo= Subject key identifier: E2:6E:03:23:FB:EB:46:08:E2:EB:A2:79:3C:D0:96:4D:ED:08:0B:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A5A575FED8DB6E617AAA7735F30F561BFABB7E5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/add5cc6a-7ce6-4c3c-925b-feadc7007109.roa Signing time: Thu 22 May 2025 00:36:45 +0000 ROA not before: Thu 22 May 2025 00:36:45 +0000 ROA not after: Thu 26 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:5a:57:5f:ed:8d:b6:e6:17:aa:a7:73:5f:30:f5:61:bf:ab:b7:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 00:36:45 2025 GMT Not After : Jun 26 23:59:59 2025 GMT Subject: serialNumber=42d3d5ec49d9710073ca5acc87750535445efd716aa4245b98ef000247af0970, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a7:c6:20:3d:f6:ec:2d:9f:ec:75:36:dd:53: e3:5e:96:4d:5f:db:1e:fb:24:19:fa:32:7c:1b:1d: 46:75:d5:e1:00:73:85:ed:68:1b:6a:ad:b4:8a:71: df:ba:89:d4:2a:d9:0b:10:7b:79:2e:3f:49:3e:b6: ce:09:c0:92:c0:89:60:d4:91:2a:48:e0:69:22:cf: bd:b5:bc:50:48:5f:6b:f0:50:0f:b1:60:7c:56:89: a7:ce:a8:63:97:36:09:6f:d9:c4:1a:e7:7a:96:c0: ec:a0:40:db:01:5a:67:c8:42:2f:20:d9:21:a8:71: 05:e7:3f:28:c3:fe:17:5a:0d:ba:ef:ca:cf:24:2b: 2c:60:ab:e8:8c:51:49:20:27:cc:b1:0b:4b:cc:32: 82:15:b4:d5:f9:3a:32:9e:22:18:1d:9a:92:1a:b6: 37:7a:c8:c8:3c:88:79:04:48:7c:dc:b1:4e:79:b7: b2:99:64:84:b3:84:c6:76:b0:a3:3e:06:43:f3:33: bc:6c:87:e9:39:90:7f:a5:c8:3d:c5:52:34:2c:a8: 76:17:d7:f4:9c:72:d8:68:9f:ed:8f:d5:89:84:84: e4:84:6a:c0:30:dc:fa:e1:ba:01:f3:cf:56:c6:68: 90:3d:ad:6d:54:f1:2e:db:52:ce:73:4d:75:10:65: 3e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:6E:03:23:FB:EB:46:08:E2:EB:A2:79:3C:D0:96:4D:ED:08:0B:A7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/add5cc6a-7ce6-4c3c-925b-feadc7007109.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:2800::/40 Signature Algorithm: sha256WithRSAEncryption 9e:86:60:5d:ae:23:6a:7e:cd:89:65:51:fc:81:53:70:42:02: cb:0b:32:32:be:fb:b2:0a:25:57:ad:1d:19:40:88:4e:91:61: ab:85:2d:d4:2d:69:be:71:7a:33:7f:d2:29:b2:93:83:34:d2: d6:b4:1f:f0:44:d1:10:23:64:44:d9:c1:d5:85:9a:de:9e:49: fb:20:19:c8:c7:8f:50:1d:21:aa:e2:54:95:d2:6d:8c:65:1f: 31:ee:0f:3c:74:2e:48:53:9b:1c:66:6c:7e:26:e6:7b:fc:ec: b7:c7:a5:d3:6d:06:bf:17:f6:7e:a6:b0:3b:d6:f6:40:7c:36: c8:28:21:83:97:55:8d:4f:fd:02:f4:ac:69:f7:6e:04:bd:6f: 21:12:03:8f:84:93:c3:aa:08:f6:8c:68:4e:73:74:5b:a5:79: f4:40:92:4a:ef:96:0b:45:ff:f6:c8:80:dc:05:1e:36:ab:52: 05:9d:48:f7:2d:d1:40:8c:c8:d8:ce:e2:f8:b4:24:2a:90:e6: 40:f1:8a:ae:cc:75:07:e7:f0:fe:8c:13:28:23:d0:ef:56:f8: 88:e5:9c:22:d2:e6:0f:77:bc:e6:c6:0d:c0:97:da:a1:df:7c: 37:89:8d:61:20:e5:38:a1:76:1a:cc:14:62:a6:7f:1d:62:ad: f9:93:78:93 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOlpXX+2NtuYXqqdzXzD1Yb+rt+UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwMzY0NVoX DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNANDJkM2Q1ZWM0OWQ5NzEwMDczY2E1 YWNjODc3NTA1MzU0NDVlZmQ3MTZhYTQyNDViOThlZjAwMDI0N2FmMDk3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqfGID327C2f7HU23VPjXpZNX9se +yQZ+jJ8Gx1GddXhAHOF7Wgbaq20inHfuonUKtkLEHt5Lj9JPrbOCcCSwIlg1JEq SOBpIs+9tbxQSF9r8FAPsWB8VomnzqhjlzYJb9nEGud6lsDsoEDbAVpnyEIvINkh qHEF5z8ow/4XWg2678rPJCssYKvojFFJICfMsQtLzDKCFbTV+ToyniIYHZqSGrY3 esjIPIh5BEh83LFOebeymWSEs4TGdrCjPgZD8zO8bIfpOZB/pcg9xVI0LKh2F9f0 nHLYaJ/tj9WJhITkhGrAMNz64boB889WxmiQPa1tVPEu21LOc011EGU+PQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOJuAyP760YI4uuieTzQlk3tCAunMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FkZDVjYzZhLTdjZTYtNGMzYy05MjViLWZlYWRjNzAwNzEwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7SgwDQYJKoZIhvcNAQELBQADggEBAJ6GYF2uI2p+zYllUfyB U3BCAssLMjK++7IKJVetHRlAiE6RYauFLdQtab5xejN/0imyk4M00ta0H/BE0RAj ZETZwdWFmt6eSfsgGcjHj1AdIariVJXSbYxlHzHuDzx0LkhTmxxmbH4m5nv87LfH pdNtBr8X9n6msDvW9kB8NsgoIYOXVY1P/QL0rGn3bgS9byESA4+Ek8OqCPaMaE5z dFulefRAkkrvlgtF//bIgNwFHjarUgWdSPct0UCMyNjO4vi0JCqQ5kDxiq7MdQfn 8P6MEygj0O9W+IjlnCLS5g93vObGDcCX2qHffDeJjWEg5TihdhrMFGKmfx1irfmT eJM= -----END CERTIFICATE-----Generated at Tue Jun 3 23:14:00 2025 by rpki-client