$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa File: d2fd8734-3950-4090-9359-e2baa68e90e6.roa (raw, json) Hash identifier: TUCP1ikcf7R82mZs8KgVkWvVK3hM5/sV+w2CH7vueIQ= Subject key identifier: 9B:AC:F0:DD:13:2D:C6:E9:F4:85:00:58:02:8D:A5:72:5E:CD:F9:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 477C9B13E4EA7CD5CD29379264E5E7BE5C227416 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa Signing time: Fri 16 May 2025 00:51:19 +0000 ROA not before: Fri 16 May 2025 00:51:19 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:4840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:7c:9b:13:e4:ea:7c:d5:cd:29:37:92:64:e5:e7:be:5c:22:74:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:51:19 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=74e0db548ae2eceffcbdb77117d644ba7f644c95f23ef1f9e7377f63a8aac922, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:88:40:f1:d1:2f:57:a8:d4:40:c9:04:c9:28: 2c:03:59:5d:96:f7:0c:b9:c1:08:5c:d2:ea:11:92: 06:58:b9:00:5d:b1:52:84:16:18:3e:aa:49:1e:72: ad:22:84:ff:f6:03:8a:21:c6:24:4a:fb:e5:2b:a6: e2:c7:4e:da:fc:1a:54:e8:28:87:0a:a3:e7:f2:c1: 42:81:cb:ba:36:53:8b:b8:6b:64:94:4c:09:9d:ae: 4c:50:10:be:d9:a8:fc:c2:41:a6:b1:ad:b8:60:bf: c2:19:0c:7d:9e:af:9d:52:32:92:75:ab:f2:a1:63: 72:2c:85:a9:d7:de:a4:0b:53:37:8d:10:0f:50:c2: cd:e6:d3:6a:d9:e3:9f:ad:f8:6e:0b:ce:70:63:c0: eb:40:31:16:f6:a8:43:ba:6b:2e:32:17:23:fd:22: 4a:56:12:30:d5:b7:01:6f:98:d3:dc:fc:e7:9c:a8: 89:bb:f0:b9:5e:0b:8b:82:9a:a4:f9:a2:7a:64:bd: 65:7d:09:76:90:4e:b6:1e:97:7c:32:8c:5d:00:c9: c3:c8:e1:dc:ab:75:19:1d:21:58:c2:17:a6:cd:4c: 49:49:7f:a8:9d:7a:21:a7:6b:40:ac:f5:d1:1c:ea: f6:c3:fc:75:82:71:f8:b3:83:90:50:5e:16:42:59: eb:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:AC:F0:DD:13:2D:C6:E9:F4:85:00:58:02:8D:A5:72:5E:CD:F9:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:4840::/46 Signature Algorithm: sha256WithRSAEncryption 48:58:31:5c:25:2f:ab:bc:53:71:97:7e:a6:d5:90:33:a9:12: 52:a0:4f:46:22:51:98:44:20:09:76:16:ee:28:9f:62:85:95: de:cd:b6:70:5b:64:8b:ea:2f:e0:29:df:67:e6:3e:eb:af:3f: 5c:f8:8a:00:21:56:f7:8b:2c:bb:bd:e0:36:c7:0b:43:0f:18: 04:ca:fc:ef:46:e6:d4:fb:ac:37:8d:05:1a:64:75:fc:32:1a: 3f:e7:25:c0:16:e2:ce:83:1f:f6:96:23:b7:e3:94:42:e3:d3: 66:a3:ee:4d:23:8b:96:03:55:14:fc:de:65:8c:20:9d:44:ce: 27:46:d6:47:1c:e0:8e:cd:b1:ad:44:93:72:e5:85:49:dc:67: d2:88:db:19:da:33:7c:fa:e1:af:76:25:e2:18:97:0d:f8:a7: 4a:db:78:6d:aa:41:d4:90:b9:b1:93:87:83:f6:78:a0:5f:99: df:ab:2f:e0:21:75:13:d0:94:f0:31:64:64:c8:f7:e1:84:fd: ee:62:f1:57:77:c6:46:05:0a:50:af:f0:6a:12:5a:3e:42:30: b1:f3:f5:42:2d:d9:c0:71:51:72:2d:70:48:7a:12:b9:86:a5: 17:02:b7:d9:6a:a0:86:4a:38:96:af:00:51:69:0e:1b:9d:99: 7c:20:1d:5d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUR3ybE+TqfNXNKTeSZOXnvlwidBYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNTExOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANzRlMGRiNTQ4YWUyZWNlZmZjYmRi NzcxMTdkNjQ0YmE3ZjY0NGM5NWYyM2VmMWY5ZTczNzdmNjNhOGFhYzkyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IhA8dEvV6jUQMkEySgsA1ldlvcM ucEIXNLqEZIGWLkAXbFShBYYPqpJHnKtIoT/9gOKIcYkSvvlK6bix07a/BpU6CiH CqPn8sFCgcu6NlOLuGtklEwJna5MUBC+2aj8wkGmsa24YL/CGQx9nq+dUjKSdavy oWNyLIWp196kC1M3jRAPUMLN5tNq2eOfrfhuC85wY8DrQDEW9qhDumsuMhcj/SJK VhIw1bcBb5jT3PznnKiJu/C5XguLgpqk+aJ6ZL1lfQl2kE62Hpd8MoxdAMnDyOHc q3UZHSFYwhemzUxJSX+onXohp2tArPXRHOr2w/x1gnH4s4OQUF4WQlnrJwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJus8N0TLcbp9IUAWAKNpXJezfnIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QyZmQ4NzM0LTM5NTAtNDA5MC05MzU5LWUyYmFhNjhlOTBlNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+0hAMA0GCSqGSIb3DQEBCwUAA4IBAQBIWDFcJS+rvFNxl36m 1ZAzqRJSoE9GIlGYRCAJdhbuKJ9ihZXezbZwW2SL6i/gKd9n5j7rrz9c+IoAIVb3 iyy7veA2xwtDDxgEyvzvRubU+6w3jQUaZHX8Mho/5yXAFuLOgx/2liO345RC49Nm o+5NI4uWA1UU/N5ljCCdRM4nRtZHHOCOzbGtRJNy5YVJ3GfSiNsZ2jN8+uGvdiXi GJcN+KdK23htqkHUkLmxk4eD9nigX5nfqy/gIXUT0JTwMWRkyPfhhP3uYvFXd8ZG BQpQr/BqElo+QjCx8/VCLdnAcVFyLXBIehK5hqUXArfZaqCGSjiWrwBRaQ4bnZl8 IB1d -----END CERTIFICATE-----Generated at Tue Jun 3 23:39:18 2025 by rpki-client