$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3435dbb-5d1e-4948-8027-e6433f72bfc1.roa File: d3435dbb-5d1e-4948-8027-e6433f72bfc1.roa (raw, json) Hash identifier: +qEbLZLRyG+JQE3qEo9PITkOpXjYhGJjZVZNh14gndw= Subject key identifier: 7D:A0:26:8D:6F:A9:D1:E0:6E:27:33:2C:1D:B3:29:A7:1C:99:F8:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 15C2E6CAFEAEF80921BA5942A7C70B882E033CEC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3435dbb-5d1e-4948-8027-e6433f72bfc1.roa Signing time: Wed 14 May 2025 00:01:23 +0000 ROA not before: Wed 14 May 2025 00:01:23 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c0a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:c2:e6:ca:fe:ae:f8:09:21:ba:59:42:a7:c7:0b:88:2e:03:3c:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:01:23 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=4397198b7b98da04c60408b756dfc0913448c3ccca91868ba5558968f91b27b0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e1:ba:81:61:c8:7e:27:3b:51:ee:43:d4:5d: 5f:44:d3:0b:e0:8f:12:10:ca:b0:e0:99:27:c1:5c: 14:bb:d4:cf:23:a4:22:2d:31:da:2d:4e:98:45:54: c1:f0:30:f4:9f:55:d0:90:9f:13:21:9c:56:f4:f9: c7:ca:a5:8b:5a:ef:2a:89:72:4a:68:98:3d:98:0c: 2f:2c:40:ce:10:22:de:f9:74:0c:c0:29:2a:21:6c: b4:a7:40:ec:33:ec:19:fb:49:1d:02:5f:e6:5c:97: 06:9d:a4:80:8b:ad:83:09:21:71:3e:60:b3:99:6a: a7:d0:55:51:58:45:16:55:ad:b3:15:0f:4e:ab:b1: 27:1f:d3:97:70:4b:78:00:5f:c4:0d:dc:00:4e:2d: 54:4c:ca:59:84:e9:86:34:b9:5b:20:e6:5f:40:b8: 09:05:1b:75:b0:79:ab:4d:04:4e:d8:d6:e3:dd:d0: a8:81:15:9f:6e:fa:1e:ba:39:0d:fc:c3:fd:31:fd: 60:6c:2a:7a:2a:27:7d:4f:43:ee:63:a4:d6:00:af: 0c:f6:4c:c2:64:30:10:44:44:5e:d4:7b:a9:22:d6: c1:98:a7:1b:cb:11:fa:71:85:e1:dc:07:98:df:e3: 83:d2:df:2e:2b:4d:39:0b:f3:be:44:8f:ca:38:7d: 25:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:A0:26:8D:6F:A9:D1:E0:6E:27:33:2C:1D:B3:29:A7:1C:99:F8:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3435dbb-5d1e-4948-8027-e6433f72bfc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c0a0::/48 Signature Algorithm: sha256WithRSAEncryption 2b:ca:78:86:05:9c:c2:ce:dc:39:cf:b7:10:60:78:31:d9:da: 40:c9:c8:58:34:92:6d:46:99:79:1f:3d:d1:ed:ec:1e:76:40: f6:f1:30:d3:bc:fd:32:22:23:88:7c:6f:c0:db:29:9d:95:6b: 8c:e9:0b:7d:e4:10:e7:d0:d1:dc:b9:b9:4a:b9:59:86:1e:a4: 16:dc:a2:7e:2d:eb:b9:b1:aa:f0:c5:77:4e:f9:ac:20:80:56: a1:8e:be:75:5b:32:f4:a5:65:af:b5:e6:87:07:c7:72:2c:2c: b4:ea:d9:62:24:87:68:41:2a:d4:23:38:c0:8e:bf:ab:18:f5: 79:74:eb:32:06:e9:c7:73:8c:9d:fa:9f:2b:dd:2f:4e:e6:2e: 55:ca:2e:38:ef:0d:fd:5a:1e:93:35:0b:9a:c5:5f:35:6d:3a: 05:e4:99:35:5a:e1:c8:55:fd:57:9c:03:0f:d8:75:90:e6:89: ab:a7:e3:bc:88:e2:5f:ae:04:65:1b:36:5b:a1:29:86:d8:68: 94:2a:14:cf:f0:a0:43:21:11:05:f7:56:fa:48:28:bc:2f:34: a2:c6:b3:78:f9:86:ea:4e:57:02:af:82:16:0f:9c:02:1a:47: 7d:80:7d:12:71:04:29:e4:63:bc:fe:35:a0:09:3b:3a:6a:52: c8:c7:3b:ab -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFcLmyv6u+AkhullCp8cLiC4DPOwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMDEyM1oX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNANDM5NzE5OGI3Yjk4ZGEwNGM2MDQw OGI3NTZkZmMwOTEzNDQ4YzNjY2NhOTE4NjhiYTU1NTg5NjhmOTFiMjdiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuG6gWHIfic7Ue5D1F1fRNML4I8S EMqw4JknwVwUu9TPI6QiLTHaLU6YRVTB8DD0n1XQkJ8TIZxW9PnHyqWLWu8qiXJK aJg9mAwvLEDOECLe+XQMwCkqIWy0p0DsM+wZ+0kdAl/mXJcGnaSAi62DCSFxPmCz mWqn0FVRWEUWVa2zFQ9Oq7EnH9OXcEt4AF/EDdwATi1UTMpZhOmGNLlbIOZfQLgJ BRt1sHmrTQRO2Nbj3dCogRWfbvoeujkN/MP9Mf1gbCp6Kid9T0PuY6TWAK8M9kzC ZDAQRERe1HupItbBmKcbyxH6cYXh3AeY3+OD0t8uK005C/O+RI/KOH0lvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFH2gJo1vqdHgbiczLB2zKaccmfgRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzNDM1ZGJiLTVkMWUtNDk0OC04MDI3LWU2NDMzZjcyYmZjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8CgMA0GCSqGSIb3DQEBCwUAA4IBAQAryniGBZzCztw5z7cQ YHgx2dpAychYNJJtRpl5Hz3R7ewedkD28TDTvP0yIiOIfG/A2ymdlWuM6Qt95BDn 0NHcublKuVmGHqQW3KJ+Leu5sarwxXdO+awggFahjr51WzL0pWWvteaHB8dyLCy0 6tliJIdoQSrUIzjAjr+rGPV5dOsyBunHc4yd+p8r3S9O5i5Vyi447w39Wh6TNQua xV81bToF5Jk1WuHIVf1XnAMP2HWQ5omrp+O8iOJfrgRlGzZboSmG2GiUKhTP8KBD IREF91b6SCi8LzSixrN4+YbqTlcCr4IWD5wCGkd9gH0ScQQp5GO8/jWgCTs6alLI xzur -----END CERTIFICATE-----Generated at Tue Jun 3 23:16:50 2025 by rpki-client