$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7b1c1ce-ca99-4712-96c8-2e4dc35d25f1.roa File: c7b1c1ce-ca99-4712-96c8-2e4dc35d25f1.roa (raw, json) Hash identifier: dRAI1Z4hHD05jWEknLcpItIDW3G0+ZzoHsrVWWI7Li8= Subject key identifier: 3A:D0:02:6D:15:8E:9D:9B:86:51:03:4B:99:98:52:FB:69:E1:36:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5F68828EC212E8675AF2967796646D86243AE3BD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7b1c1ce-ca99-4712-96c8-2e4dc35d25f1.roa Signing time: Mon 12 May 2025 15:00:54 +0000 ROA not before: Mon 12 May 2025 15:00:54 +0000 ROA not after: Mon 16 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:68:82:8e:c2:12:e8:67:5a:f2:96:77:96:64:6d:86:24:3a:e3:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 15:00:54 2025 GMT Not After : Jun 16 23:59:59 2025 GMT Subject: serialNumber=ceea7dbb5b1f6e463ffba25fc091a94cbd112bab4c7023899dc841eccdb96307, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:09:fc:cf:24:92:ac:3c:bc:59:31:90:71:a9: cc:6e:df:09:e5:5f:f1:5c:2d:ca:16:00:68:f3:ed: de:d5:55:e9:bb:8b:7e:f3:46:16:37:88:e6:a6:08: 5e:22:5e:0e:c6:e3:ff:b2:20:f6:5b:4c:63:3b:35: 37:40:cc:bd:17:88:37:90:4d:6c:37:d6:0b:76:f8: 04:b5:2d:85:14:b8:bd:cd:a9:ff:28:80:e3:c7:b9: fc:0e:4a:1f:a7:2f:1e:73:d6:cd:86:f4:0e:4f:d7: 21:16:c5:b4:07:84:98:a4:8b:9a:e7:56:7e:10:56: 55:bc:8d:23:e9:f3:1c:5d:b1:28:94:4e:61:66:d2: 35:bf:74:38:83:46:e5:37:33:81:09:eb:9e:fc:03: 3c:93:77:65:5c:b7:d6:df:64:aa:ff:1d:58:91:d9: 11:d7:4e:aa:f0:96:5b:ce:1b:88:ea:63:85:05:57: e9:87:22:72:eb:47:a9:8c:1d:21:94:35:c3:d6:66: be:01:f3:df:9c:ae:d4:36:b2:47:a3:19:dd:26:64: 9d:14:a2:ae:8d:5a:5d:16:32:23:4d:3b:e3:90:c6: a9:55:bd:be:db:3b:bf:00:12:62:ba:71:61:45:d3: 90:48:da:ae:77:00:6b:d1:3e:0d:a2:ca:68:26:22: ea:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:D0:02:6D:15:8E:9D:9B:86:51:03:4B:99:98:52:FB:69:E1:36:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7b1c1ce-ca99-4712-96c8-2e4dc35d25f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:a000::/40 Signature Algorithm: sha256WithRSAEncryption a0:fa:b6:1d:fa:dc:e7:66:11:ab:29:00:75:c9:ca:e1:fb:5c: 5f:aa:e2:bc:af:ed:aa:50:99:10:4f:db:6c:97:23:ed:df:a2: ba:3c:65:48:f1:9b:20:9a:b6:d9:5e:e2:a9:7f:a8:2a:00:06: 19:15:c9:b5:0c:49:40:93:8b:b0:5f:e5:20:f2:e2:25:32:01: 95:38:c6:04:b5:7c:12:2d:3e:9c:8a:b6:5f:8b:c6:29:18:2d: 23:17:e1:55:be:26:d8:13:84:0b:57:13:5a:53:35:02:23:3f: fc:1c:5e:5d:bd:e6:1c:2a:51:99:a2:bc:40:28:ad:e0:de:56: 98:5f:a7:d5:8e:96:59:24:de:9d:05:2b:e0:0c:05:81:4e:41: f7:57:ce:99:34:7d:9a:17:b0:37:df:4c:0a:32:71:0f:45:83: b3:41:d1:8d:9d:71:b2:ea:89:df:5c:ee:8e:16:65:bf:40:7a: 5b:7e:3c:a0:1a:bf:9b:61:4c:ce:8d:47:78:30:ef:28:20:a3: 28:ad:09:47:a9:e2:0f:be:5e:50:1a:62:e0:33:fc:c6:14:4f: c4:15:7e:5c:8f:ef:0a:25:f7:34:c2:7f:c7:d3:88:30:fb:ed: 9f:ad:c9:f1:ea:5c:56:f5:92:e1:9b:9d:3c:02:3a:bb:07:20: d0:e5:48:fe -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUX2iCjsIS6Gda8pZ3lmRthiQ6470wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MDA1NFoX DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAY2VlYTdkYmI1YjFmNmU0NjNmZmJh MjVmYzA5MWE5NGNiZDExMmJhYjRjNzAyMzg5OWRjODQxZWNjZGI5NjMwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAn8zySSrDy8WTGQcanMbt8J5V/x XC3KFgBo8+3e1VXpu4t+80YWN4jmpgheIl4OxuP/siD2W0xjOzU3QMy9F4g3kE1s N9YLdvgEtS2FFLi9zan/KIDjx7n8Dkofpy8ec9bNhvQOT9chFsW0B4SYpIua51Z+ EFZVvI0j6fMcXbEolE5hZtI1v3Q4g0blNzOBCeue/AM8k3dlXLfW32Sq/x1YkdkR 106q8JZbzhuI6mOFBVfphyJy60epjB0hlDXD1ma+AfPfnK7UNrJHoxndJmSdFKKu jVpdFjIjTTvjkMapVb2+2zu/ABJiunFhRdOQSNqudwBr0T4NospoJiLqnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDrQAm0Vjp2bhlEDS5mYUvtp4TZNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YjFjMWNlLWNhOTktNDcxMi05NmM4LTJlNGRjMzVkMjVmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9KAwDQYJKoZIhvcNAQELBQADggEBAKD6th363OdmEaspAHXJ yuH7XF+q4ryv7apQmRBP22yXI+3foro8ZUjxmyCattle4ql/qCoABhkVybUMSUCT i7Bf5SDy4iUyAZU4xgS1fBItPpyKtl+LxikYLSMX4VW+JtgThAtXE1pTNQIjP/wc Xl295hwqUZmivEAoreDeVphfp9WOllkk3p0FK+AMBYFOQfdXzpk0fZoXsDffTAoy cQ9Fg7NB0Y2dcbLqid9c7o4WZb9Aelt+PKAav5thTM6NR3gw7yggoyitCUep4g++ XlAaYuAz/MYUT8QVflyP7wol9zTCf8fTiDD77Z+tyfHqXFb1kuGbnTwCOrsHINDl SP4= -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:22 2025 by rpki-client