$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa File: c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa (raw, json) Hash identifier: tuWLmRzCIUOur0vx7HEZ04iha8oj8ZFTMxTMsSDiAWw= Subject key identifier: 97:94:AD:4D:C9:6F:15:64:17:5F:6F:B9:45:19:F0:85:78:AA:B0:00 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 650A98D82A239E32B97B8ED8B99537855349A32A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa Signing time: Tue 13 May 2025 00:11:15 +0000 ROA not before: Tue 13 May 2025 00:11:15 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:0a:98:d8:2a:23:9e:32:b9:7b:8e:d8:b9:95:37:85:53:49:a3:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:11:15 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=6c91d4f731ae125dec60bf144dcb6e3efa3178bcd0b3c74f6b4716cbf185c286, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c9:1f:bd:65:a0:7a:0b:e7:65:5b:84:b1:21: 8f:15:c3:d2:a5:5a:3a:11:ee:fb:11:ed:7f:f2:ae: 1b:70:94:9c:87:1e:ea:8d:fa:cc:7a:ff:09:57:eb: 44:d7:9b:6f:36:13:21:44:95:65:2b:d3:0f:d3:ce: dc:63:a1:b7:cd:ab:4e:d6:ad:a4:f5:52:e8:0b:02: 62:f3:4a:3f:d3:2f:fd:16:e7:15:46:db:04:b2:00: 71:54:26:71:3b:ec:bd:34:85:48:1d:7a:21:05:20: fa:f2:f4:75:49:d0:66:70:0f:e4:2d:58:a5:1d:6c: 35:62:41:dc:be:b2:4b:23:30:a7:39:8d:61:f3:78: 40:f3:71:82:16:d3:f5:30:3f:23:09:97:2c:44:3b: d5:81:97:b4:ac:37:06:46:9e:62:16:67:2f:e8:e4: 30:3c:e0:f1:99:60:72:92:ef:41:69:c8:f8:13:e4: 6c:5f:50:50:2f:4d:ea:69:3c:f1:ee:71:df:09:40: 03:ee:c9:b4:e0:d1:42:29:73:b4:dd:b9:9c:73:20: 51:9c:f2:42:87:08:6a:53:cb:8c:af:94:54:4d:19: eb:1b:44:7d:f1:18:60:f6:7b:da:14:c6:03:15:79: 41:09:43:73:1e:87:85:b8:28:56:c2:e9:ea:2c:af: b7:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:94:AD:4D:C9:6F:15:64:17:5F:6F:B9:45:19:F0:85:78:AA:B0:00 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a040::/48 Signature Algorithm: sha256WithRSAEncryption 6b:ae:f0:27:28:79:ed:e4:e6:1d:1c:2f:5a:fa:d4:b2:85:13: a9:5e:00:5b:17:af:ba:d2:5b:a4:af:5f:6c:f6:ce:bf:ca:67: e2:a4:a6:34:ea:a3:55:8f:c6:e4:11:fe:e8:bc:04:cc:a1:e6: 0f:33:e9:1a:49:77:12:88:75:4b:d3:c9:0c:15:7b:7f:8d:5c: 8c:f8:39:79:d0:98:e4:e2:42:2d:4d:0e:4c:71:e4:7b:44:a4: 45:97:ff:53:41:a3:06:89:50:17:25:d8:42:12:97:da:ac:e6: 7b:dd:92:7a:8f:55:cb:b7:aa:2c:6e:8c:d8:c7:f9:9d:8e:f9: 64:03:db:7c:04:4e:9f:a9:7e:38:97:98:50:4b:d1:6b:39:aa: 91:da:25:b6:d3:49:06:4a:e4:79:9a:a3:be:45:7c:46:47:48: dc:3a:d4:c8:bc:2e:ad:ae:9e:fd:69:51:8a:6b:b7:e6:3d:5a: 67:a8:1e:8d:27:a3:0a:f3:a6:d4:18:2f:7e:1d:5d:a8:5c:2b: b4:8c:a3:eb:13:3f:ec:da:68:29:52:0e:0e:7d:fe:ec:65:52: 8a:dc:80:2b:86:38:b5:62:05:c5:a7:df:4b:48:6f:9e:b7:f8: 5a:c2:0a:d0:7e:60:45:3a:93:75:ae:0e:ea:de:e4:98:3b:9a: fd:e4:88:ed -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZQqY2CojnjK5e47YuZU3hVNJoyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMTExNVoX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNANmM5MWQ0ZjczMWFlMTI1ZGVjNjBi ZjE0NGRjYjZlM2VmYTMxNzhiY2QwYjNjNzRmNmI0NzE2Y2JmMTg1YzI4NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxskfvWWgegvnZVuEsSGPFcPSpVo6 Ee77Ee1/8q4bcJSchx7qjfrMev8JV+tE15tvNhMhRJVlK9MP087cY6G3zatO1q2k 9VLoCwJi80o/0y/9FucVRtsEsgBxVCZxO+y9NIVIHXohBSD68vR1SdBmcA/kLVil HWw1YkHcvrJLIzCnOY1h83hA83GCFtP1MD8jCZcsRDvVgZe0rDcGRp5iFmcv6OQw PODxmWByku9Bacj4E+RsX1BQL03qaTzx7nHfCUAD7sm04NFCKXO03bmccyBRnPJC hwhqU8uMr5RUTRnrG0R98Rhg9nvaFMYDFXlBCUNzHoeFuChWwunqLK+3aQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJeUrU3JbxVkF19vuUUZ8IV4qrAAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTFhM2ViLTQ2ZmItNDM0OS1iZWI0LWRiYWRlZjkwN2UyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKBAMA0GCSqGSIb3DQEBCwUAA4IBAQBrrvAnKHnt5OYdHC9a +tSyhROpXgBbF6+60lukr19s9s6/ymfipKY06qNVj8bkEf7ovATMoeYPM+kaSXcS iHVL08kMFXt/jVyM+Dl50Jjk4kItTQ5MceR7RKRFl/9TQaMGiVAXJdhCEpfarOZ7 3ZJ6j1XLt6osbozYx/mdjvlkA9t8BE6fqX44l5hQS9FrOaqR2iW200kGSuR5mqO+ RXxGR0jcOtTIvC6trp79aVGKa7fmPVpnqB6NJ6MK86bUGC9+HV2oXCu0jKPrEz/s 2mgpUg4Off7sZVKK3IArhji1YgXFp99LSG+et/hawgrQfmBFOpN1rg7q3uSYO5r9 5Ijt -----END CERTIFICATE-----Generated at Tue Jun 3 23:08:29 2025 by rpki-client