$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa File: bb43d920-c136-469d-a403-965ad7c2d9d2.roa (raw, json) Hash identifier: vciaYBpb4ewcWpB2sJCaM5xBzOqCJ6m2v/4a3jRvICc= Subject key identifier: E0:AE:FE:A5:56:93:73:F8:B6:01:46:29:7D:D4:29:57:4C:FF:EF:A0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3EE980B775189C8B76B76183E5468BFCF05D51C6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa Signing time: Fri 16 May 2025 00:40:18 +0000 ROA not before: Fri 16 May 2025 00:40:18 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:e9:80:b7:75:18:9c:8b:76:b7:61:83:e5:46:8b:fc:f0:5d:51:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:40:18 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=e09333ff79ab729bfdce886351e0a67e75bcc0faeb043724eeeada216ef89231, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:5d:af:b4:7a:ac:72:ab:63:bd:7f:38:e5:77: b7:e0:4b:93:05:0c:f7:80:18:69:f4:e4:4a:87:15: 3d:f0:27:6a:95:33:bc:4a:29:04:75:08:3d:f7:7d: 23:bc:70:2d:bb:de:37:05:99:97:64:aa:ee:52:f6: 73:70:e1:9a:97:75:e6:21:4b:dd:00:17:bb:f5:6a: 1a:c7:e3:b6:43:d9:68:64:fd:6f:13:7a:1b:4e:84: eb:3d:3c:e0:22:53:93:f5:f7:5d:77:21:18:20:ce: 38:a3:90:0c:e9:e6:9b:2a:5a:e5:02:da:d4:47:cd: 2f:84:be:9b:89:d3:52:59:ce:53:e9:9a:d4:96:4d: 6c:dc:49:d8:73:04:7d:f0:4e:2b:b4:16:a1:ed:e5: 03:a0:0c:a8:7e:da:24:59:bb:71:dd:06:6f:9e:f0: 0f:95:9a:36:29:68:0e:c5:67:fc:68:85:91:5e:7a: 67:cc:b8:f0:18:ef:40:b0:cf:75:55:18:2a:58:38: 05:e8:bc:6b:8b:71:7d:8b:10:2e:a6:d5:41:2d:3c: c4:25:c4:cc:95:d9:0f:c3:48:53:fc:96:24:2d:34: ce:75:c4:94:03:bd:3c:d0:e6:45:37:8f:e0:18:78: 55:c0:1f:fa:ab:57:ed:78:f7:f6:b6:1b:6d:b6:f5: b9:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:AE:FE:A5:56:93:73:F8:B6:01:46:29:7D:D4:29:57:4C:FF:EF:A0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:a000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:ff:7f:7d:7a:fe:2a:54:a0:e7:4c:f4:aa:a5:52:48:12:b6: de:d2:8d:64:39:9b:b3:46:04:7c:e8:1f:4f:dd:9a:d3:82:de: 1f:12:c1:26:e9:70:e9:76:84:4b:fe:8e:56:45:a3:78:9f:6e: 38:f5:37:84:ca:e2:42:0b:0b:a1:d4:f1:15:68:5d:a3:5b:71: 90:ef:92:2a:34:58:fc:88:3e:69:06:7f:47:84:b9:b4:b2:bd: 21:81:cb:70:bb:33:98:48:e3:ba:80:77:49:07:de:4d:95:af: bc:b8:5c:fd:0c:d2:d7:7a:67:ff:22:7d:19:8a:62:5b:0c:bc: 8d:96:82:4c:fb:89:d3:52:36:a4:55:9d:a1:06:38:d2:c3:d9: c7:c3:3d:03:ea:2a:a7:19:7d:40:a5:6e:c2:d2:b0:72:6a:db: 50:b6:9e:e3:50:88:af:80:10:4f:f5:d9:46:81:46:95:ae:33: 43:f0:39:a8:5d:0a:3d:58:60:3c:1c:1b:71:45:1d:52:19:d5: eb:ff:d2:a3:11:48:77:2c:36:6f:56:12:88:ce:aa:fb:fa:fe: 98:7b:66:15:1c:dc:fb:de:f1:3e:82:d2:95:c3:1b:44:ba:84: 62:93:61:01:d3:e1:c1:b0:6f:e9:a2:07:3c:ba:f8:80:2d:eb: 84:c8:b0:fd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPumAt3UYnIt2t2GD5UaL/PBdUcYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNDAxOFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZTA5MzMzZmY3OWFiNzI5YmZkY2U4 ODYzNTFlMGE2N2U3NWJjYzBmYWViMDQzNzI0ZWVlYWRhMjE2ZWY4OTIzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3V2vtHqscqtjvX845Xe34EuTBQz3 gBhp9ORKhxU98CdqlTO8SikEdQg9930jvHAtu943BZmXZKruUvZzcOGal3XmIUvd ABe79Woax+O2Q9loZP1vE3obToTrPTzgIlOT9fdddyEYIM44o5AM6eabKlrlAtrU R80vhL6bidNSWc5T6ZrUlk1s3EnYcwR98E4rtBah7eUDoAyoftokWbtx3QZvnvAP lZo2KWgOxWf8aIWRXnpnzLjwGO9AsM91VRgqWDgF6Lxri3F9ixAuptVBLTzEJcTM ldkPw0hT/JYkLTTOdcSUA7080OZFN4/gGHhVwB/6q1ftePf2thtttvW5wQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOCu/qVWk3P4tgFGKX3UKVdM/++gMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JiNDNkOTIwLWMxMzYtNDY5ZC1hNDAzLTk2NWFkN2MyZDlkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaaAwDQYJKoZIhvcNAQELBQADggEBAGz/f316/ipUoOdM9Kql UkgStt7SjWQ5m7NGBHzoH0/dmtOC3h8SwSbpcOl2hEv+jlZFo3ifbjj1N4TK4kIL C6HU8RVoXaNbcZDvkio0WPyIPmkGf0eEubSyvSGBy3C7M5hI47qAd0kH3k2Vr7y4 XP0M0td6Z/8ifRmKYlsMvI2Wgkz7idNSNqRVnaEGONLD2cfDPQPqKqcZfUClbsLS sHJq21C2nuNQiK+AEE/12UaBRpWuM0PwOahdCj1YYDwcG3FFHVIZ1ev/0qMRSHcs Nm9WEojOqvv6/ph7ZhUc3Pve8T6C0pXDG0S6hGKTYQHT4cGwb+miBzy6+IAt64TI sP0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:16:00 2025 by rpki-client