$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa File: b0c7485a-6d94-4adf-ad68-d031efad9d50.roa (raw, json) Hash identifier: fq0/EGKQr2PdFs41IP0nlDUuJT5lEB92Z/zUXxE6svI= Subject key identifier: D2:8F:42:46:D1:94:7A:0A:57:D4:45:B0:40:00:C7:E3:83:8C:58:E8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1331A4607721C21CBCCD21576F0D8232912C0061 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa Signing time: Wed 14 May 2025 00:41:13 +0000 ROA not before: Wed 14 May 2025 00:41:13 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:31:a4:60:77:21:c2:1c:bc:cd:21:57:6f:0d:82:32:91:2c:00:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:41:13 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=d774e574af84799df378337d72a54c07d785ed35168233040bbce9ae4714f686, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:2a:bf:b4:44:20:bb:5b:e8:43:20:38:ce:bd: 9c:f6:13:ff:cc:a6:b0:27:2a:23:76:f3:c4:a2:11: c5:a3:0f:ad:2c:ee:d3:88:ae:27:d4:f5:a6:62:e5: 01:84:56:29:c4:95:f1:11:2e:9e:a5:71:a5:8b:32: 0c:ac:4e:df:a9:99:72:dc:58:8a:6b:c5:00:ea:a6: 18:91:4c:c4:14:20:12:44:6f:37:f9:54:ed:e7:10: b0:bb:d5:b9:f2:32:7c:52:16:d9:9f:1e:19:1d:84: 98:c2:5c:23:88:0b:1a:78:7f:5b:0b:1f:24:4f:8b: 9c:d1:fc:d9:78:1c:1d:95:8f:8e:b6:03:30:97:c3: f5:e8:ac:91:18:6d:13:02:02:6a:67:4f:46:a7:6b: 55:66:4c:96:f9:e3:dc:d8:5c:ea:31:a0:bd:ec:a1: b5:e4:ff:b4:29:da:8b:81:4f:b7:f1:0f:91:38:9c: 05:4a:e4:b4:c4:77:47:7d:cf:a2:17:b4:96:9e:b5: f0:c6:41:b5:d9:61:38:3a:57:04:39:8f:d3:81:6b: 8e:3d:c9:1e:fa:03:85:30:03:d4:af:fc:67:47:aa: 71:98:fa:a9:9b:93:c9:b7:f2:c2:d7:f4:45:df:be: 0f:3d:aa:06:2a:ab:08:4a:85:dd:83:c6:34:fe:da: ef:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:8F:42:46:D1:94:7A:0A:57:D4:45:B0:40:00:C7:E3:83:8C:58:E8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9080::/48 Signature Algorithm: sha256WithRSAEncryption 38:dd:5f:41:90:8b:7c:f1:80:14:94:df:1f:97:17:29:2e:b6: c7:58:0c:15:99:18:06:93:f7:9b:4c:52:c1:d7:44:d3:b5:05: 5b:85:52:0c:81:2e:db:20:8b:7b:bb:44:0c:a9:de:8a:06:7d: 1c:5b:50:5f:5f:aa:56:96:d8:59:fb:95:a3:3b:4d:b4:db:ca: cf:3b:6b:c3:af:e7:a4:e2:38:7b:9d:ca:1d:d2:7a:c7:c5:58: e7:11:01:ef:cf:15:3e:f0:c9:8a:b6:40:4d:b8:07:2e:48:ef: bd:92:3b:1a:00:94:80:8e:9a:df:b4:09:6c:2a:f3:b3:5d:35: 97:cb:11:e2:d1:6d:03:60:6e:3d:d5:b1:eb:e3:5e:ec:09:03: d7:29:a9:c3:7d:f2:5a:d0:33:e8:d3:75:e7:1b:6d:98:ec:c7: 07:3a:fc:ca:61:b5:a3:04:a1:99:9b:8c:c5:5e:7d:85:68:0f: 29:34:5b:6e:df:ca:b1:5f:a8:4b:35:70:32:fa:e3:33:79:f0: 0d:32:f3:08:19:f4:a7:6c:f7:91:34:17:5d:ef:7e:02:1e:1f: 51:00:26:33:6c:ff:52:89:8e:92:2e:52:27:5f:41:0c:b1:00: 56:0e:5b:c2:ff:c7:98:d0:31:39:6b:ea:67:b2:b2:0d:41:59: b1:21:de:0f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEzGkYHchwhy8zSFXbw2CMpEsAGEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwNDExM1oX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAZDc3NGU1NzRhZjg0Nzk5ZGYzNzgz MzdkNzJhNTRjMDdkNzg1ZWQzNTE2ODIzMzA0MGJiY2U5YWU0NzE0ZjY4NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyq/tEQgu1voQyA4zr2c9hP/zKaw JyojdvPEohHFow+tLO7TiK4n1PWmYuUBhFYpxJXxES6epXGlizIMrE7fqZly3FiK a8UA6qYYkUzEFCASRG83+VTt5xCwu9W58jJ8UhbZnx4ZHYSYwlwjiAsaeH9bCx8k T4uc0fzZeBwdlY+OtgMwl8P16KyRGG0TAgJqZ09Gp2tVZkyW+ePc2FzqMaC97KG1 5P+0KdqLgU+38Q+ROJwFSuS0xHdHfc+iF7SWnrXwxkG12WE4OlcEOY/TgWuOPcke +gOFMAPUr/xnR6pxmPqpm5PJt/LC1/RF374PPaoGKqsISoXdg8Y0/trvBQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNKPQkbRlHoKV9RFsEAAx+ODjFjoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwYzc0ODVhLTZkOTQtNGFkZi1hZDY4LWQwMzFlZmFkOWQ1MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJCAMA0GCSqGSIb3DQEBCwUAA4IBAQA43V9BkIt88YAUlN8f lxcpLrbHWAwVmRgGk/ebTFLB10TTtQVbhVIMgS7bIIt7u0QMqd6KBn0cW1BfX6pW lthZ+5WjO02028rPO2vDr+ek4jh7ncod0nrHxVjnEQHvzxU+8MmKtkBNuAcuSO+9 kjsaAJSAjprftAlsKvOzXTWXyxHi0W0DYG491bHr417sCQPXKanDffJa0DPo03Xn G22Y7McHOvzKYbWjBKGZm4zFXn2FaA8pNFtu38qxX6hLNXAy+uMzefANMvMIGfSn bPeRNBdd734CHh9RACYzbP9SiY6SLlInX0EMsQBWDlvC/8eY0DE5a+pnsrINQVmx Id4P -----END CERTIFICATE-----Generated at Mon Jun 2 06:17:11 2025 by rpki-client