$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa File: d07df133-27a9-413c-9804-adb048f407f3.roa (raw, json) Hash identifier: vOvFw/Oib49CLufxErSBkGOe/vlZejZOLjF0kxrOAYc= Subject key identifier: 5E:0E:66:74:64:58:6B:27:70:06:4A:B6:3C:6F:25:C7:D7:DB:70:DE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 130E4CA9B4C98A2EA263B826ABD57DAF28FE196E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa Signing time: Fri 16 May 2025 15:31:32 +0000 ROA not before: Fri 16 May 2025 15:31:32 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:0e:4c:a9:b4:c9:8a:2e:a2:63:b8:26:ab:d5:7d:af:28:fe:19:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:31:32 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=400bfb64490a56b64c1cec96aad570ddd1171a472438ee39f7cb3b38ec2896e7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:5a:66:20:0f:f0:ca:25:32:55:59:48:38:f8: 54:27:b7:09:92:57:1a:9e:ef:7c:63:ba:ee:3f:8b: 79:85:8c:03:fb:ff:cb:e4:6b:66:c9:73:a3:6e:58: 51:41:9f:57:18:d0:05:ed:1f:f5:fa:b8:5a:79:13: 78:81:10:68:f4:bc:9b:7c:73:96:71:7e:01:49:61: d1:d3:48:40:59:e2:87:a4:21:c3:24:47:80:da:cd: 34:b2:a5:bb:dc:90:0c:db:b7:d7:a1:31:78:12:4a: 98:56:fc:58:69:76:78:1e:f1:dd:b6:ed:9a:36:d5: 19:18:0a:42:d1:91:a4:f6:a4:f1:38:75:a8:14:37: 41:24:b3:c5:c8:26:65:f0:58:45:5e:da:3e:f6:bc: 41:3c:e8:d4:1c:ba:9f:de:1e:81:e5:a8:da:73:1e: 68:74:82:f9:c3:f1:ef:e3:73:91:a0:4f:57:e8:c1: d6:2b:20:9c:27:a6:3f:f6:c4:0c:af:f9:e1:6f:d8: cd:e7:40:d6:8c:ff:ce:bc:db:f0:fb:c0:85:29:41: cc:ce:09:75:67:14:80:14:ee:ea:33:52:3c:88:d9: ba:62:b5:c2:8c:77:aa:e4:e9:71:59:72:a4:c0:eb: 45:d1:0b:ba:74:77:0c:53:6d:ca:17:de:6e:ae:15: a4:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:0E:66:74:64:58:6B:27:70:06:4A:B6:3C:6F:25:C7:D7:DB:70:DE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:2800::/40 Signature Algorithm: sha256WithRSAEncryption 1f:c8:c9:c1:4c:7d:1d:42:62:54:7b:89:c7:cd:ac:3a:a5:42: 54:d7:23:19:ee:f4:96:b8:43:68:e4:79:f3:e2:3a:d1:1d:f7: 94:75:ec:a8:7c:07:9f:d4:61:82:f5:87:bb:04:a2:c3:8e:eb: 02:26:89:56:dc:f3:9c:fb:f9:3a:29:32:68:af:b9:73:ea:b2: b1:7f:21:a5:d5:28:2a:1a:cc:98:a1:fe:5e:2a:82:97:67:a6: d4:26:fc:a1:3e:64:b2:34:f0:ba:e1:03:96:cb:5d:41:a9:0d: 04:87:e7:ae:86:1a:91:cd:a1:41:ff:b1:5b:be:ad:88:96:54: a1:87:49:78:53:c0:3c:e7:c1:e0:92:6a:8a:4a:5f:1c:9c:fd: c9:c3:d8:d4:a8:30:ae:42:37:3e:11:c4:49:35:94:a1:e0:73: 1d:e7:7b:8c:2a:3f:9c:21:c8:9f:71:d2:3d:0b:5f:f3:0f:0b: e5:e8:bd:1e:6f:a7:75:5f:5f:42:97:08:5b:2d:9d:21:e7:41: ed:24:71:59:b8:5e:53:dd:14:01:fc:fc:b0:df:be:ff:8f:10: fd:ba:6a:90:64:fb:48:4d:04:2c:82:a8:1f:0d:32:17:cd:10: 73:d7:ee:1b:13:be:8c:b5:e4:90:38:48:2f:4a:3f:19:8e:ee: 3e:a0:d4:7a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEw5MqbTJii6iY7gmq9V9ryj+GW4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzEzMloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANDAwYmZiNjQ0OTBhNTZiNjRjMWNl Yzk2YWFkNTcwZGRkMTE3MWE0NzI0MzhlZTM5ZjdjYjNiMzhlYzI4OTZlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFpmIA/wyiUyVVlIOPhUJ7cJklca nu98Y7ruP4t5hYwD+//L5GtmyXOjblhRQZ9XGNAF7R/1+rhaeRN4gRBo9LybfHOW cX4BSWHR00hAWeKHpCHDJEeA2s00sqW73JAM27fXoTF4EkqYVvxYaXZ4HvHdtu2a NtUZGApC0ZGk9qTxOHWoFDdBJLPFyCZl8FhFXto+9rxBPOjUHLqf3h6B5ajacx5o dIL5w/Hv43ORoE9X6MHWKyCcJ6Y/9sQMr/nhb9jN50DWjP/OvNvw+8CFKUHMzgl1 ZxSAFO7qM1I8iNm6YrXCjHeq5OlxWXKkwOtF0Qu6dHcMU23KF95urhWksQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF4OZnRkWGsncAZKtjxvJcfX23DeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwN2RmMTMzLTI3YTktNDEzYy05ODA0LWFkYjA0OGY0MDdmMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoCgwDQYJKoZIhvcNAQELBQADggEBAB/IycFMfR1CYlR7icfN rDqlQlTXIxnu9Ja4Q2jkefPiOtEd95R17Kh8B5/UYYL1h7sEosOO6wImiVbc85z7 +TopMmivuXPqsrF/IaXVKCoazJih/l4qgpdnptQm/KE+ZLI08LrhA5bLXUGpDQSH 566GGpHNoUH/sVu+rYiWVKGHSXhTwDznweCSaopKXxyc/cnD2NSoMK5CNz4RxEk1 lKHgcx3ne4wqP5whyJ9x0j0LX/MPC+XovR5vp3VfX0KXCFstnSHnQe0kcVm4XlPd FAH8/LDfvv+PEP26apBk+0hNBCyCqB8NMhfNEHPX7hsTvoy15JA4SC9KPxmO7j6g 1Ho= -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:48 2025 by rpki-client