$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa File: bffbf7d3-f229-458a-8400-7dc848730d21.roa (raw, json) Hash identifier: 3m5Ewx1GFA66on0YK3ku6deETRtrmjp4t2vqOJ8tasc= Subject key identifier: 04:94:01:66:44:25:0A:90:29:A5:61:DB:76:27:D5:3E:D2:8D:DB:1B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 378EBEDB97AC3DC08B2C4F1FEB8EDB495B87279F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa Signing time: Tue 13 May 2025 00:00:20 +0000 ROA not before: Tue 13 May 2025 00:00:20 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:8e:be:db:97:ac:3d:c0:8b:2c:4f:1f:eb:8e:db:49:5b:87:27:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:00:20 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=0a0aea320476577a3b078128e645ad10ad90af92c432d13ab68449cf6c474263, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f0:3d:f3:ee:21:f5:e0:21:be:67:59:aa:c7: c7:25:d7:71:2e:3d:f7:bd:dc:a9:14:92:a3:4e:73: be:1e:86:e9:7a:30:a9:25:df:5f:b7:7c:3f:30:e3: ee:a2:eb:eb:04:44:cc:7a:5b:3d:41:11:4c:8d:28: e8:29:92:c4:06:20:4e:16:0d:0b:51:f1:0e:96:de: d1:2d:bf:c9:ac:55:04:2b:91:50:27:76:25:d5:6c: c8:5e:24:dc:78:f2:5e:38:83:39:aa:f6:48:24:80: 74:2a:78:4e:42:4b:7b:9f:7c:2c:72:07:2f:7a:7b: d5:74:41:6e:e1:bb:aa:ec:ff:f7:6a:99:59:b7:24: 6b:24:18:c4:81:5f:08:87:a4:40:31:64:84:a0:8f: 91:64:be:f2:d4:a6:cb:be:19:12:70:2a:c3:19:c3: 27:a9:bf:fe:5b:6d:6c:c4:16:e1:6b:7b:2d:a1:bc: a8:37:51:9a:f0:8d:41:19:43:7e:78:d8:de:25:cb: a9:d0:1a:7c:73:36:86:e5:05:5a:67:6d:fe:b0:44: 52:ab:e3:78:71:96:09:87:c3:ee:56:82:4c:bf:e8: 2a:d2:ea:9f:b8:c8:de:9d:eb:49:96:4f:66:5a:75: 74:d7:6b:1d:b0:e3:eb:4e:57:17:de:7f:40:3b:db: d2:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:94:01:66:44:25:0A:90:29:A5:61:DB:76:27:D5:3E:D2:8D:DB:1B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 66:62:5b:1b:39:ea:ce:66:ad:0d:1e:ef:03:9c:de:4e:4a:6f: 8a:a2:e3:92:3d:3b:a8:20:93:53:7e:e9:6f:30:85:89:80:72: ce:61:90:92:7f:ba:aa:43:5d:a2:d5:fa:d5:e6:f5:2d:59:8c: 5d:2c:28:b1:56:36:8b:a9:2d:13:9a:c0:0a:c7:30:db:54:94: 38:45:17:39:5b:50:e2:c8:e4:7d:64:e8:59:5d:2b:20:5f:3a: 99:5d:9a:d6:b2:0c:47:e2:24:08:54:67:63:79:fe:1d:54:0f: 54:1f:10:84:cb:5d:c5:0b:4c:6d:d6:3d:4b:0d:14:b9:5a:05: c3:6f:7f:cb:be:30:99:d2:b8:d9:1d:5b:96:ed:39:c3:6a:57: 88:1f:00:78:06:69:94:0f:2b:ba:2a:fd:6b:c2:31:ba:af:d3: 09:be:70:a9:59:00:17:65:2e:73:c5:a9:4f:70:4b:67:43:d1: d3:df:87:66:49:31:a2:da:ed:d5:06:85:53:dd:fb:51:a5:fe: 98:87:f9:be:17:d8:3e:b2:72:f7:15:c3:83:b3:20:1a:c6:1b: ff:3b:a4:9d:b9:55:50:7b:ef:1c:13:e9:26:db:6d:97:29:b1: da:37:45:c5:97:ed:d2:d2:c9:66:6a:82:a3:39:40:ae:03:ef: c9:7f:6a:ca -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUN46+25esPcCLLE8f647bSVuHJ58wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMDAyMFoX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAMGEwYWVhMzIwNDc2NTc3YTNiMDc4 MTI4ZTY0NWFkMTBhZDkwYWY5MmM0MzJkMTNhYjY4NDQ5Y2Y2YzQ3NDI2MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/A98+4h9eAhvmdZqsfHJddxLj33 vdypFJKjTnO+HobpejCpJd9ft3w/MOPuouvrBETMels9QRFMjSjoKZLEBiBOFg0L UfEOlt7RLb/JrFUEK5FQJ3Yl1WzIXiTcePJeOIM5qvZIJIB0KnhOQkt7n3wscgcv envVdEFu4buq7P/3aplZtyRrJBjEgV8Ih6RAMWSEoI+RZL7y1KbLvhkScCrDGcMn qb/+W21sxBbha3stobyoN1Ga8I1BGUN+eNjeJcup0Bp8czaG5QVaZ23+sERSq+N4 cZYJh8PuVoJMv+gq0uqfuMjenetJlk9mWnV012sdsOPrTlcX3n9AO9vS7QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFASUAWZEJQqQKaVh23Yn1T7SjdsbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmZmJmN2QzLWYyMjktNDU4YS04NDAwLTdkYzg0ODczMGQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sCAMA0GCSqGSIb3DQEBCwUAA4IBAQBmYlsbOerOZq0NHu8D nN5OSm+KouOSPTuoIJNTfulvMIWJgHLOYZCSf7qqQ12i1frV5vUtWYxdLCixVjaL qS0TmsAKxzDbVJQ4RRc5W1DiyOR9ZOhZXSsgXzqZXZrWsgxH4iQIVGdjef4dVA9U HxCEy13FC0xt1j1LDRS5WgXDb3/LvjCZ0rjZHVuW7TnDaleIHwB4BmmUDyu6Kv1r wjG6r9MJvnCpWQAXZS5zxalPcEtnQ9HT34dmSTGi2u3VBoVT3ftRpf6Yh/m+F9g+ snL3FcODsyAaxhv/O6SduVVQe+8cE+km222XKbHaN0XFl+3S0slmaoKjOUCuA+/J f2rK -----END CERTIFICATE-----Generated at Mon Jun 2 06:35:43 2025 by rpki-client