$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa File: cbe226c2-aed5-404b-b74e-3b543fc887f0.roa (raw, json) Hash identifier: t4OURZSRkJ7M8GJoUxTiv1n05Tj3zY+4haSMX+vwta4= Subject key identifier: 8B:19:44:48:C4:29:10:94:3C:43:A2:42:83:C8:9A:D9:17:6B:E5:3A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 51C585596E6EA0B076BA9A169E80448F31D0DD55 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa Signing time: Fri 16 May 2025 00:41:28 +0000 ROA not before: Fri 16 May 2025 00:41:28 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:f0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:c5:85:59:6e:6e:a0:b0:76:ba:9a:16:9e:80:44:8f:31:d0:dd:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:41:28 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=7bb1d64405a74886861c7424bffec9fdfdb1dc7e80b1bc44ffd3ef3d10e0a3e7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:35:9c:20:01:73:75:c4:34:76:59:79:77:01: 4e:ae:83:c4:53:b6:b9:00:bd:f8:7c:ed:2f:2b:21: d1:b7:aa:db:85:bc:c1:ba:c0:8c:37:95:d1:95:9b: ea:cb:20:ef:e9:3f:63:39:0e:16:e0:0c:ab:03:b4: 68:8e:d9:bd:9e:b9:36:23:c4:e6:aa:d5:a1:00:84: 37:e3:f0:81:71:d9:f5:97:1c:cf:f4:ca:88:49:99: 7d:40:e8:24:7a:ae:34:23:88:34:e7:99:85:35:e5: 33:28:ee:01:82:6e:61:b0:11:a4:f7:ea:0d:61:45: 49:22:92:39:3a:92:6d:ca:08:16:04:5c:28:f3:48: f0:49:60:08:d3:a7:eb:07:0b:71:76:08:bf:a6:62: ad:6f:97:8d:5d:2b:d5:f3:b5:9c:56:6c:82:dd:c2: c5:46:6b:5a:59:ff:4d:d4:bf:a0:54:b2:b2:54:c1: 98:ac:5c:f0:c3:42:0e:70:ce:62:09:64:2c:79:84: f0:2e:32:06:0f:5b:85:8c:92:8b:7a:d9:43:af:48: f5:7e:84:0f:43:a9:ac:40:c6:b0:c4:a4:e0:15:84: db:ba:b3:91:84:99:e7:35:84:02:0c:f2:16:f4:8c: a4:10:cf:48:73:bf:0a:4b:e5:d9:82:49:c6:16:7b: 6c:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:19:44:48:C4:29:10:94:3C:43:A2:42:83:C8:9A:D9:17:6B:E5:3A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe226c2-aed5-404b-b74e-3b543fc887f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:f0c0::/46 Signature Algorithm: sha256WithRSAEncryption a8:14:bf:68:8a:aa:a1:0d:54:67:fb:04:3e:c9:d7:e6:4d:77: fc:fb:41:3d:cb:74:fb:c1:01:35:bb:e1:67:03:d4:40:d7:ee: e9:73:e5:27:11:6f:c1:a5:72:6b:d9:f0:59:05:5c:78:b4:9a: 16:7d:70:aa:0f:8b:e0:5a:76:a3:a3:a1:9a:d6:c3:20:59:66: f4:ff:a2:1c:05:ed:5c:90:34:ef:62:4e:9f:11:af:c6:ea:aa: 25:78:e2:3f:e4:e0:73:ea:62:bd:aa:30:8c:80:a3:3d:b4:21: 68:bf:04:6a:39:26:31:e3:ac:36:f9:7a:5c:0c:fa:85:ae:f8: b1:04:2a:e3:2b:e7:5d:a5:bd:b0:15:c3:82:e4:b2:16:b9:0a: f5:58:b1:d2:ff:03:4b:0b:16:89:4c:ad:c1:0c:33:fc:82:14: 00:2c:ae:9c:a3:fd:fb:10:60:8a:33:68:22:56:03:b9:41:43: 92:85:38:40:d4:1f:5d:44:d1:91:a0:f6:8a:a7:a8:85:ad:1c: d3:b0:5c:1c:ec:5b:1e:f1:6d:2f:45:11:d9:27:28:00:76:50: 6f:84:ea:3e:24:31:99:36:ea:a5:30:33:c2:11:f6:52:ce:5f: d0:30:82:08:bc:95:ab:f4:c3:af:0f:3e:1e:bd:ef:01:03:20: 82:2f:f4:73 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUcWFWW5uoLB2upoWnoBEjzHQ3VUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNDEyOFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAN2JiMWQ2NDQwNWE3NDg4Njg2MWM3 NDI0YmZmZWM5ZmRmZGIxZGM3ZTgwYjFiYzQ0ZmZkM2VmM2QxMGUwYTNlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzWcIAFzdcQ0dll5dwFOroPEU7a5 AL34fO0vKyHRt6rbhbzBusCMN5XRlZvqyyDv6T9jOQ4W4AyrA7Rojtm9nrk2I8Tm qtWhAIQ34/CBcdn1lxzP9MqISZl9QOgkeq40I4g055mFNeUzKO4Bgm5hsBGk9+oN YUVJIpI5OpJtyggWBFwo80jwSWAI06frBwtxdgi/pmKtb5eNXSvV87WcVmyC3cLF RmtaWf9N1L+gVLKyVMGYrFzww0IOcM5iCWQseYTwLjIGD1uFjJKLetlDr0j1foQP Q6msQMawxKTgFYTburORhJnnNYQCDPIW9IykEM9Ic78KS+XZgknGFntsLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIsZREjEKRCUPEOiQoPImtkXa+U6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiZTIyNmMyLWFlZDUtNDA0Yi1iNzRlLTNiNTQzZmM4ODdmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaafDAMA0GCSqGSIb3DQEBCwUAA4IBAQCoFL9oiqqhDVRn+wQ+ ydfmTXf8+0E9y3T7wQE1u+FnA9RA1+7pc+UnEW/BpXJr2fBZBVx4tJoWfXCqD4vg Wnajo6Ga1sMgWWb0/6IcBe1ckDTvYk6fEa/G6qoleOI/5OBz6mK9qjCMgKM9tCFo vwRqOSYx46w2+XpcDPqFrvixBCrjK+ddpb2wFcOC5LIWuQr1WLHS/wNLCxaJTK3B DDP8ghQALK6co/37EGCKM2giVgO5QUOShThA1B9dRNGRoPaKp6iFrRzTsFwc7Fse 8W0vRRHZJygAdlBvhOo+JDGZNuqlMDPCEfZSzl/QMIIIvJWr9MOvDz4eve8BAyCC L/Rz -----END CERTIFICATE-----Generated at Tue Jun 3 23:14:42 2025 by rpki-client