$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa File: af674e28-8a6b-4881-bc24-1bd1d459637c.roa (raw, json) Hash identifier: dpL5R+O6HN8vnj6BM0yWrL6adxWkjRVQDcI1eioayuQ= Subject key identifier: 38:EA:08:3E:DC:D3:AD:79:DC:0B:A9:F7:42:5F:97:2A:31:CB:25:6B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 74CF99DC62D4EB4FA9E713E5EC03E4A3B3577E7F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa Signing time: Tue 10 Jun 2025 15:12:18 +0000 ROA not before: Tue 10 Jun 2025 15:12:18 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 00:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:cf:99:dc:62:d4:eb:4f:a9:e7:13:e5:ec:03:e4:a3:b3:57:7e:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:12:18 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=ba15711756c793c520d331519fb520f37e6cf09b965438fc35bb44aebaf688eb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:c7:24:b4:cd:47:86:3c:6b:79:13:30:6f:26: d2:c9:62:b8:a1:cf:3d:99:8c:1b:f0:e7:5b:43:f6: 24:3f:d4:f7:75:fb:35:bb:83:ee:73:e5:41:79:21: 6a:f9:13:cb:6b:4a:4d:2e:00:69:1a:68:e1:84:15: 77:9a:62:ba:14:aa:70:ac:75:47:a9:df:44:6a:a1: 2a:d9:2b:d4:df:71:4c:ee:42:fc:a5:87:c9:3e:c3: e9:6a:66:e6:11:ab:1a:cf:de:a9:be:b0:0e:57:e4: d3:8f:34:22:cc:14:7e:c8:9f:b0:b3:f6:62:be:5d: 71:43:03:dd:ef:10:40:e9:6f:85:bd:a6:d9:de:a8: eb:a5:cc:14:c3:3a:45:cb:b6:e0:00:b2:88:b9:aa: a0:17:ac:2f:3f:87:3f:8b:60:a2:da:3d:8e:4e:06: 09:79:e0:00:24:6e:cb:16:0e:aa:d7:f0:fd:1a:e4: a8:3b:f7:f1:69:20:87:9d:c5:81:ca:76:02:41:47: f7:d4:18:bd:13:02:ce:5c:29:8b:f2:f0:38:3b:76: 19:cc:cf:ea:6a:7b:fd:e0:fb:08:73:78:1e:79:a6: 84:0e:d5:89:21:19:be:e3:a5:a9:3c:50:bf:d3:41: 04:8c:12:b6:5c:14:92:c0:82:e1:84:c0:84:74:13: 78:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:EA:08:3E:DC:D3:AD:79:DC:0B:A9:F7:42:5F:97:2A:31:CB:25:6B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:a000::/40 Signature Algorithm: sha256WithRSAEncryption 40:ff:a9:fb:27:3a:ce:f3:8f:f2:d2:be:de:d4:bd:f4:34:c3: 3b:54:a4:7c:b5:06:fd:19:30:6f:69:e7:20:d0:94:62:16:f5: b1:45:cd:e3:a7:11:79:8e:36:f5:66:21:f0:94:b7:83:d8:a8: 0d:58:32:9b:3e:ef:2f:d8:1f:da:69:ff:91:94:0c:7c:3d:7f: 4b:ea:65:92:19:0a:63:65:3a:14:77:a6:fb:de:f3:ef:23:7c: c8:a0:b1:91:5f:26:29:e8:32:fb:51:fc:21:bd:ba:00:bc:c6: d8:f3:05:18:b9:2a:3e:49:9d:bc:96:6f:bb:d0:53:49:29:bc: dd:fd:81:0e:38:74:ff:e2:90:2d:4d:94:7b:9f:b2:85:9a:5c: f6:ab:75:ea:b4:d7:1b:b6:f2:66:65:26:d8:0f:1e:97:d1:04: 44:90:01:b6:d8:d8:e3:67:70:8d:db:d3:9b:f1:0d:64:05:c8: 69:54:0d:f2:3a:98:90:2e:c0:de:38:5a:e5:60:b7:a5:71:f3: ab:f4:84:8e:6c:55:f4:b1:9b:7f:35:d6:5b:ef:cb:99:80:74: 84:98:ee:fe:58:e9:1b:0d:37:f0:d3:a3:97:6b:fc:c2:2f:e0: 96:e5:dc:ff:4c:3e:d5:b5:a0:53:45:7f:79:ef:55:9e:6d:c2: ad:8d:a6:3d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdM+Z3GLU60+p5xPl7APko7NXfn8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTIxOFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAYmExNTcxMTc1NmM3OTNjNTIwZDMz MTUxOWZiNTIwZjM3ZTZjZjA5Yjk2NTQzOGZjMzViYjQ0YWViYWY2ODhlYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2McktM1HhjxreRMwbybSyWK4oc89 mYwb8OdbQ/YkP9T3dfs1u4Puc+VBeSFq+RPLa0pNLgBpGmjhhBV3mmK6FKpwrHVH qd9EaqEq2SvU33FM7kL8pYfJPsPpambmEasaz96pvrAOV+TTjzQizBR+yJ+ws/Zi vl1xQwPd7xBA6W+FvabZ3qjrpcwUwzpFy7bgALKIuaqgF6wvP4c/i2Ci2j2OTgYJ eeAAJG7LFg6q1/D9GuSoO/fxaSCHncWBynYCQUf31Bi9EwLOXCmL8vA4O3YZzM/q anv94PsIc3geeaaEDtWJIRm+46WpPFC/00EEjBK2XBSSwILhhMCEdBN4hwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDjqCD7c06153Aup90JflyoxyyVrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNjc0ZTI4LThhNmItNDg4MS1iYzI0LTFiZDFkNDU5NjM3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoKAwDQYJKoZIhvcNAQELBQADggEBAED/qfsnOs7zj/LSvt7U vfQ0wztUpHy1Bv0ZMG9p5yDQlGIW9bFFzeOnEXmONvVmIfCUt4PYqA1YMps+7y/Y H9pp/5GUDHw9f0vqZZIZCmNlOhR3pvve8+8jfMigsZFfJinoMvtR/CG9ugC8xtjz BRi5Kj5JnbyWb7vQU0kpvN39gQ44dP/ikC1NlHufsoWaXPardeq01xu28mZlJtgP HpfRBESQAbbY2ONncI3b05vxDWQFyGlUDfI6mJAuwN44WuVgt6Vx86v0hI5sVfSx m3811lvvy5mAdISY7v5Y6RsNN/DTo5dr/MIv4Jbl3P9MPtW1oFNFf3nvVZ5twq2N pj0= -----END CERTIFICATE-----Generated at Tue Jun 17 17:33:20 2025 by rpki-client