$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa File: cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa (raw, json) Hash identifier: AIj3DvkT5kY8ysoeKQO+SWfuPRM7aZL4u9irpab4KEw= Subject key identifier: 3B:F3:7E:3E:83:46:1D:9E:07:BE:3D:F5:DB:58:74:8C:0D:11:B6:AB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0F850DF05D9210BE93F013B0D14942E752A6DEA5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa Signing time: Tue 10 Jun 2025 15:20:59 +0000 ROA not before: Tue 10 Jun 2025 15:20:59 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 00:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:85:0d:f0:5d:92:10:be:93:f0:13:b0:d1:49:42:e7:52:a6:de:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:20:59 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=e6f74ee90b7154b1d12b358e74cc10b73c5b4a1f84f60394cf1702acc780b535, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:79:8e:a4:12:7c:98:b4:70:0e:60:b9:39:14: 93:d1:97:32:ef:63:49:e1:60:78:41:83:1b:50:6f: a0:9d:8d:fa:d5:11:e0:eb:73:ec:83:78:ae:07:d0: 3f:88:b9:d2:1f:80:53:4c:57:59:b4:7c:56:24:30: f5:72:6f:a0:a9:1d:46:cc:fa:52:e3:d3:1d:06:31: ae:d3:9d:5e:79:33:e1:06:41:2c:73:43:f3:38:ad: 5d:69:b9:b5:80:b0:68:17:ad:20:b2:e4:ea:f6:2a: f6:7a:a9:6d:3e:ca:fd:66:e2:e3:26:df:2f:f4:4e: 8f:25:ac:e4:f5:ad:a9:32:4e:eb:c5:eb:48:c7:89: 93:53:c9:db:f8:c6:da:b8:21:1b:de:5a:16:27:1e: 3e:ba:a3:81:43:e8:01:4f:05:f1:d6:d6:4b:c8:31: d6:6a:29:4b:36:04:42:ed:64:53:44:e6:44:25:82: 89:f0:ea:07:43:4e:78:5b:e7:38:42:2e:9e:03:c6: 09:76:e9:47:72:35:97:d3:97:f7:58:84:6a:8f:80: 55:8e:a3:4d:c9:d5:69:26:55:7c:2d:c3:7f:40:ab: d2:2f:18:39:2f:78:8b:07:01:8d:a1:28:a7:f8:6b: d8:ea:d8:ce:15:ed:1c:75:5d:5f:9d:6e:ca:fc:eb: 72:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:F3:7E:3E:83:46:1D:9E:07:BE:3D:F5:DB:58:74:8C:0D:11:B6:AB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:b000::/40 Signature Algorithm: sha256WithRSAEncryption 22:c4:40:4e:e3:a5:73:e2:14:2a:fb:7a:f8:e8:29:b1:05:fd: de:4d:54:35:b1:45:9b:41:5b:f4:ba:8d:70:42:34:62:43:c5: 39:e2:85:7b:fd:da:3d:c9:11:4b:5a:f9:fe:60:20:0b:4f:5e: 97:2b:ff:d2:b2:2a:2c:3b:32:92:74:50:ff:06:e3:a4:be:b3: 61:fb:c1:c3:db:73:46:20:f8:bf:72:25:49:b8:66:c6:a2:96: bf:b8:14:cb:15:dd:c6:d4:23:91:6b:6d:6a:a1:f4:78:07:27: 92:5d:61:6f:57:51:e8:30:09:7e:4a:fe:86:55:e8:43:fe:f9: 2e:08:43:a0:33:3f:c4:fa:be:28:1c:d0:6d:eb:d0:8c:2f:77: 19:9d:a9:63:9d:a3:b8:e9:a2:76:8f:cc:a0:34:46:38:1b:6d: 1c:a7:82:d1:b7:8d:95:bc:83:f6:33:9c:29:c1:10:a3:07:60: 15:34:f3:0a:c5:62:50:cb:1e:7b:38:51:33:3f:10:e8:cc:a1: 6d:80:bb:9b:71:22:fd:88:64:df:54:2e:24:ea:33:dd:b4:89: 19:bd:dc:b9:cf:32:4f:50:31:ba:03:8f:ab:f7:f1:58:cc:72: b6:47:61:53:1a:46:f3:a4:7a:f8:50:d9:aa:3e:d6:00:08:fa: bf:23:63:ea -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD4UN8F2SEL6T8BOw0UlC51Km3qUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MjA1OVoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAZTZmNzRlZTkwYjcxNTRiMWQxMmIz NThlNzRjYzEwYjczYzViNGExZjg0ZjYwMzk0Y2YxNzAyYWNjNzgwYjUzNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnmOpBJ8mLRwDmC5ORST0Zcy72NJ 4WB4QYMbUG+gnY361RHg63Psg3iuB9A/iLnSH4BTTFdZtHxWJDD1cm+gqR1GzPpS 49MdBjGu051eeTPhBkEsc0PzOK1dabm1gLBoF60gsuTq9ir2eqltPsr9ZuLjJt8v 9E6PJazk9a2pMk7rxetIx4mTU8nb+MbauCEb3loWJx4+uqOBQ+gBTwXx1tZLyDHW ailLNgRC7WRTROZEJYKJ8OoHQ054W+c4Qi6eA8YJdulHcjWX05f3WIRqj4BVjqNN ydVpJlV8LcN/QKvSLxg5L3iLBwGNoSin+GvY6tjOFe0cdV1fnW7K/OtyKQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDvzfj6DRh2eB7499dtYdIwNEbarMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmYjNjZTYzLTNkMGEtNDcyNC1hY2M3LTM3NGI1ZGE3MTFmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOLAwDQYJKoZIhvcNAQELBQADggEBACLEQE7jpXPiFCr7evjo KbEF/d5NVDWxRZtBW/S6jXBCNGJDxTnihXv92j3JEUta+f5gIAtPXpcr/9KyKiw7 MpJ0UP8G46S+s2H7wcPbc0Yg+L9yJUm4Zsailr+4FMsV3cbUI5FrbWqh9HgHJ5Jd YW9XUegwCX5K/oZV6EP++S4IQ6AzP8T6vigc0G3r0IwvdxmdqWOdo7jponaPzKA0 RjgbbRyngtG3jZW8g/YznCnBEKMHYBU08wrFYlDLHns4UTM/EOjMoW2Au5txIv2I ZN9ULiTqM920iRm93LnPMk9QMboDj6v38VjMcrZHYVMaRvOkevhQ2ao+1gAI+r8j Y+o= -----END CERTIFICATE-----Generated at Sun Jun 15 21:44:16 2025 by rpki-client