$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa File: b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa (raw, json) Hash identifier: hQAoCL8SO8m13yh/Dfk/8vqm01lFzfHqggK4A/yYXzQ= Subject key identifier: F8:C2:B5:EE:DE:8D:A5:55:0F:6A:04:08:E6:7E:C6:17:8A:7B:F1:F1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 28188C6014697928C86BD29E784E247E1D7C07B0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa Signing time: Fri 16 May 2025 00:30:07 +0000 ROA not before: Fri 16 May 2025 00:30:07 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:18:8c:60:14:69:79:28:c8:6b:d2:9e:78:4e:24:7e:1d:7c:07:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:30:07 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=867418becad75b383d4c2ad8ac17be4e124d2c1966c31f2c4c6fc2991c8e14c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a1:f6:bc:c5:a8:05:a4:9e:01:e9:90:ca:cb: 7c:77:7c:03:31:82:35:27:9f:73:35:1d:aa:05:37: 66:a4:8d:9c:62:e4:63:3f:9f:7a:93:d7:0d:24:76: 2e:c8:87:ea:f0:59:09:3b:45:24:32:58:79:0b:1f: d1:d1:b7:fb:d9:a2:d9:2d:d0:db:c3:cf:58:41:d8: 3f:29:f9:2b:5b:78:83:5c:65:fe:77:ab:25:9f:f2: 32:1c:c6:a9:35:10:eb:50:08:30:81:1a:15:45:61: 72:8a:a2:69:45:0a:75:50:af:f4:97:3e:d9:7f:86: 03:08:fd:34:0b:55:8c:79:14:95:4f:62:3c:7b:a4: ea:6d:ca:c1:ff:ee:5e:fa:d6:af:3f:0d:e0:67:22: 72:b2:f8:a8:12:ca:13:65:0b:5d:55:96:65:9f:fb: 34:7f:60:e4:40:49:27:58:ce:62:c9:cc:71:18:fc: af:83:dc:e1:b8:7d:95:ca:30:4c:59:3e:ce:ea:e3: 49:df:ba:00:74:16:1c:8b:80:a5:07:ed:19:9b:c2: 0f:fc:a1:52:33:21:c5:46:06:0b:1c:24:b6:26:fe: ac:a1:e3:02:8c:32:8b:82:8e:af:72:a8:3e:8b:c0: 6c:cf:24:27:02:37:b9:53:42:95:5c:9f:a1:59:18: 69:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:C2:B5:EE:DE:8D:A5:55:0F:6A:04:08:E6:7E:C6:17:8A:7B:F1:F1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:1000::/40 Signature Algorithm: sha256WithRSAEncryption 6d:25:91:71:1f:1c:ac:36:ae:e9:e8:13:fe:e4:b3:8f:95:51: 89:86:e7:c3:22:e2:e9:5a:30:17:2c:5d:50:be:c4:01:df:8d: b0:45:42:da:bc:0c:68:f0:6b:e8:74:e5:62:42:8e:8b:e7:40: 8b:ca:1b:85:60:df:d7:f6:1c:e5:1b:3b:e2:11:e1:ab:75:ab: 80:b9:d1:19:e2:9e:74:a9:98:7e:0a:2f:73:dd:ce:51:2f:7a: ed:ef:39:e6:e1:47:7c:9b:8a:9e:ac:3c:43:96:87:c2:69:28: a0:bc:1e:fc:f8:93:ee:b6:1f:46:54:a4:72:4e:80:81:33:f9: 63:c8:97:d8:a6:be:32:35:fc:72:f1:eb:9d:4e:60:26:23:1a: 00:e0:1c:c2:44:28:d8:d0:b7:00:ac:b7:e6:87:28:1a:d2:7d: 25:04:d6:e7:bd:a4:2a:07:ac:02:bc:92:e6:38:ac:da:9b:54: 75:c8:fd:20:ce:8e:e9:e8:b2:cb:19:70:73:e5:c7:57:bb:8d: 95:59:45:e9:f6:ac:56:7e:25:70:51:c1:ab:6f:7b:ba:26:0b: 17:23:3c:ea:09:b7:49:99:e6:c1:73:eb:24:e1:06:27:42:45: eb:a7:2d:71:e1:64:46:1b:71:7d:76:51:c7:05:74:9c:90:2f: f5:2e:a4:3f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKBiMYBRpeSjIa9KeeE4kfh18B7AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMzAwN1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAODY3NDE4YmVjYWQ3NWIzODNkNGMy YWQ4YWMxN2JlNGUxMjRkMmMxOTY2YzMxZjJjNGM2ZmMyOTkxYzhlMTRjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6H2vMWoBaSeAemQyst8d3wDMYI1 J59zNR2qBTdmpI2cYuRjP596k9cNJHYuyIfq8FkJO0UkMlh5Cx/R0bf72aLZLdDb w89YQdg/KfkrW3iDXGX+d6sln/IyHMapNRDrUAgwgRoVRWFyiqJpRQp1UK/0lz7Z f4YDCP00C1WMeRSVT2I8e6TqbcrB/+5e+tavPw3gZyJysvioEsoTZQtdVZZln/s0 f2DkQEknWM5iycxxGPyvg9zhuH2VyjBMWT7O6uNJ37oAdBYci4ClB+0Zm8IP/KFS MyHFRgYLHCS2Jv6soeMCjDKLgo6vcqg+i8BszyQnAje5U0KVXJ+hWRhpEwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPjCte7ejaVVD2oECOZ+xheKe/HxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IzZWQ5MzRlLWI1MDctNGQxZS04MTA4LWQ5MDFmM2IzN2I2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/xAwDQYJKoZIhvcNAQELBQADggEBAG0lkXEfHKw2runoE/7k s4+VUYmG58Mi4ulaMBcsXVC+xAHfjbBFQtq8DGjwa+h05WJCjovnQIvKG4Vg39f2 HOUbO+IR4at1q4C50RninnSpmH4KL3PdzlEveu3vOebhR3ybip6sPEOWh8JpKKC8 Hvz4k+62H0ZUpHJOgIEz+WPIl9imvjI1/HLx651OYCYjGgDgHMJEKNjQtwCst+aH KBrSfSUE1ue9pCoHrAK8kuY4rNqbVHXI/SDOjunosssZcHPlx1e7jZVZRen2rFZ+ JXBRwatve7omCxcjPOoJt0mZ5sFz6yThBidCReunLXHhZEYbcX12UccFdJyQL/Uu pD8= -----END CERTIFICATE-----Generated at Tue Jun 3 23:19:27 2025 by rpki-client