$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa File: bbddded6-dcdb-4e7d-afd3-a45288409de7.roa (raw, json) Hash identifier: j9aLYe09AFbPe+GSzuIGttl1s2tc5mKQ+WtE6724Irk= Subject key identifier: DD:35:02:BB:3C:F5:8A:79:C8:A1:3B:6A:86:67:DC:98:8D:85:58:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 489DA2D5E2F272B6600F1A367531CC56A1BB9EE4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa Signing time: Fri 16 May 2025 00:00:24 +0000 ROA not before: Fri 16 May 2025 00:00:24 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:e0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:9d:a2:d5:e2:f2:72:b6:60:0f:1a:36:75:31:cc:56:a1:bb:9e:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:00:24 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=e0ee8816c1cafeebe75da60901d8a8a8a7b4775e2371cb9108c50787c162dc0e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:44:6d:e4:f5:ce:de:ae:b0:02:fc:9d:d5:f2: 18:89:8e:bc:7c:97:95:03:8f:70:7a:10:84:eb:3f: 65:c0:c7:08:19:27:1a:7a:f1:56:34:1b:6d:09:b1: b5:64:35:b5:00:ce:58:4f:56:9a:9d:14:e7:91:bb: 09:07:67:f1:7f:5f:9f:d2:f0:c7:dc:ff:f7:49:66: 44:59:8f:44:d5:4d:2a:11:0c:00:49:3f:9e:b6:e1: e3:e7:76:28:c0:0b:47:5d:24:88:43:1f:9b:a4:25: cc:de:82:b4:1d:9c:3a:d8:b5:c8:d0:53:54:1f:c4: 89:7b:39:a0:1d:f7:ec:4c:42:d2:95:6b:96:08:72: 56:e4:0f:08:2b:6f:60:ab:98:99:ff:03:85:b8:70: 50:e5:f0:44:c1:6a:b4:e1:c8:49:fc:b9:30:89:d6: d1:17:91:8d:97:bb:7f:a4:00:2c:c0:c8:aa:6c:84: aa:49:c0:cc:16:59:06:03:a3:86:f0:ec:bc:38:64: 65:fd:71:08:d5:c2:9c:42:38:7e:58:c4:1a:7e:c5: 07:9d:91:7d:8b:3d:80:63:6b:c7:b8:5c:b1:b4:bc: cc:b7:93:af:97:c3:30:03:45:8b:b1:1e:d7:f9:77: ec:08:73:92:6a:60:3c:0e:3e:71:09:76:aa:3f:d3: ab:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:35:02:BB:3C:F5:8A:79:C8:A1:3B:6A:86:67:DC:98:8D:85:58:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bbddded6-dcdb-4e7d-afd3-a45288409de7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:e0c0::/46 Signature Algorithm: sha256WithRSAEncryption 04:c5:32:53:1c:e0:0d:14:20:16:8f:cf:b1:be:7a:db:11:13: 3a:90:17:40:49:89:24:fc:ef:a0:66:9f:95:97:3f:5c:04:eb: a4:0e:77:1b:4d:a8:6d:12:26:75:63:19:4a:92:6a:5f:1c:8f: f9:e8:8a:7d:be:c3:64:d3:ce:3a:b5:d4:bc:1b:39:81:0c:41: 8b:6f:6c:65:3c:dc:9c:cf:2b:6a:f0:4f:ce:c7:6c:e6:38:5d: a0:5d:03:d6:89:9c:9f:c0:b4:df:9e:04:a0:ac:ee:e4:f2:1f: 21:0f:de:e7:6d:ae:2d:28:4e:42:71:c3:d9:09:60:ca:f0:99: ac:3b:61:b3:bd:2f:b7:e9:af:1d:e6:91:87:28:35:dc:bf:e1: 65:c9:41:29:a6:38:fe:6e:9d:fd:1c:e7:70:4e:bc:4a:91:4a: 1b:13:5d:ba:af:8a:97:74:94:fc:39:6f:8a:9b:2e:6e:42:49: 9b:d0:3a:d0:72:56:32:73:50:a6:79:79:10:28:ac:ee:fc:84: 15:88:ad:42:b1:21:1f:2d:4f:2f:4e:f3:1a:57:87:95:27:be: 8d:96:20:2e:38:c1:bd:ff:8d:ae:16:45:43:4f:64:67:52:08: 31:df:bb:c1:04:35:e6:24:4a:60:e7:84:36:96:08:1a:d8:42: 5b:ac:b6:87 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSJ2i1eLycrZgDxo2dTHMVqG7nuQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMDAyNFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAZTBlZTg4MTZjMWNhZmVlYmU3NWRh NjA5MDFkOGE4YThhN2I0Nzc1ZTIzNzFjYjkxMDhjNTA3ODdjMTYyZGMwZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiERt5PXO3q6wAvyd1fIYiY68fJeV A49wehCE6z9lwMcIGScaevFWNBttCbG1ZDW1AM5YT1aanRTnkbsJB2fxf1+f0vDH 3P/3SWZEWY9E1U0qEQwAST+etuHj53YowAtHXSSIQx+bpCXM3oK0HZw62LXI0FNU H8SJezmgHffsTELSlWuWCHJW5A8IK29gq5iZ/wOFuHBQ5fBEwWq04chJ/LkwidbR F5GNl7t/pAAswMiqbISqScDMFlkGA6OG8Oy8OGRl/XEI1cKcQjh+WMQafsUHnZF9 iz2AY2vHuFyxtLzMt5Ovl8MwA0WLsR7X+XfsCHOSamA8Dj5xCXaqP9Or3wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN01Ars89Yp5yKE7aoZn3JiNhVj4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JiZGRkZWQ2LWRjZGItNGU3ZC1hZmQzLWE0NTI4ODQwOWRlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba9+DAMA0GCSqGSIb3DQEBCwUAA4IBAQAExTJTHOANFCAWj8+x vnrbERM6kBdASYkk/O+gZp+Vlz9cBOukDncbTahtEiZ1YxlKkmpfHI/56Ip9vsNk 0846tdS8GzmBDEGLb2xlPNyczytq8E/Ox2zmOF2gXQPWiZyfwLTfngSgrO7k8h8h D97nba4tKE5CccPZCWDK8JmsO2GzvS+36a8d5pGHKDXcv+FlyUEppjj+bp39HOdw TrxKkUobE126r4qXdJT8OW+Kmy5uQkmb0DrQclYyc1CmeXkQKKzu/IQViK1CsSEf LU8vTvMaV4eVJ76NliAuOMG9/42uFkVDT2RnUggx37vBBDXmJEpg54Q2lgga2EJb rLaH -----END CERTIFICATE-----Generated at Tue Jun 3 23:09:27 2025 by rpki-client