$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa File: d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa (raw, json) Hash identifier: th3laVjJgqDJSIrqSo6H244riBVutqfzAKEYB7zLFb0= Subject key identifier: 60:87:9A:26:6A:09:53:8F:3C:81:E9:28:12:F1:63:F0:67:8B:EC:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D6C666016AB0A636494B844F8E00BA3DED6F6D6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa Signing time: Tue 03 Jun 2025 00:00:07 +0000 ROA not before: Tue 03 Jun 2025 00:00:07 +0000 ROA not after: Tue 08 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da20::/28 maxlen: 28 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:6c:66:60:16:ab:0a:63:64:94:b8:44:f8:e0:0b:a3:de:d6:f6:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 3 00:00:07 2025 GMT Not After : Jul 8 23:59:59 2025 GMT Subject: serialNumber=989477b99ed5655040a32e4455d5b5ba3702c5b25319ac1f33b3c1b87214dd67, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:3e:08:3b:96:f8:ce:0d:d8:d7:23:bd:6b:a0: c6:ff:5a:bf:8b:cb:77:b8:5b:78:fd:af:c8:2f:fc: 6b:64:6e:78:a1:77:79:1d:d4:e0:98:f9:21:e5:eb: 65:4a:8c:73:19:d4:91:91:3d:1e:d0:9b:67:a2:81: 9a:df:b2:55:a1:92:cb:1d:2c:26:a8:50:1e:cd:92: 6d:46:10:ed:bc:97:82:4a:df:4d:ca:4c:c6:97:7d: 9b:6a:a7:8d:27:b6:cd:76:98:77:35:f3:6b:3a:2d: a6:85:28:d3:f1:a4:97:bf:b3:bd:58:c0:e6:ac:50: 28:16:90:7e:30:c9:10:c3:47:22:9c:ff:3d:5c:80: 0c:73:54:ae:35:16:7a:20:ed:06:a3:88:4f:0a:b3: 80:78:23:5b:3e:64:bb:97:4b:bc:36:10:5f:04:40: 18:cc:73:13:dd:ec:22:41:37:a8:22:54:9c:d1:dc: e7:1e:7d:c5:10:df:34:b5:d0:e1:88:70:1a:8a:76: ed:ae:38:33:26:fa:33:56:04:58:57:69:be:22:d4: cd:00:5e:89:5a:b8:4a:14:5b:ab:02:f3:6c:1a:8f: bb:c5:e1:df:87:c6:4b:c4:a2:71:5a:fa:cf:e8:c0: b0:2f:87:ca:d6:25:fc:aa:58:13:23:45:8a:95:3f: f6:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:87:9A:26:6A:09:53:8F:3C:81:E9:28:12:F1:63:F0:67:8B:EC:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da20::/28 Signature Algorithm: sha256WithRSAEncryption 5e:57:67:9e:14:89:4c:d3:f7:66:ec:41:85:85:b3:ee:53:49: a9:3f:86:60:29:6a:43:91:9f:2d:c8:25:4d:ce:66:ab:a7:98: f0:c7:3c:a8:fc:51:05:1f:b7:0c:ac:b1:2f:72:44:86:1c:cc: b6:46:ed:3b:a0:d4:78:4c:a8:c6:b6:4f:4a:70:3b:82:72:0a: 3c:da:8a:ba:b1:c1:c8:07:d9:5c:ef:f3:fd:fd:ca:60:9d:68: 86:07:a1:95:0a:29:f7:5d:b3:23:4c:0c:56:0a:b5:1d:43:41: 61:ca:e3:73:ff:f0:f1:80:ea:a5:75:c1:81:d3:48:16:ff:d9: ca:69:12:a1:8a:fc:61:60:c1:a9:a7:55:3f:0b:8d:dd:5a:a4: 76:93:87:04:2c:b4:d3:73:2e:65:12:c6:10:94:ec:48:6d:70: 1a:26:57:6b:96:73:1c:26:6e:73:b8:83:68:e1:2d:fc:05:dd: d5:72:6f:c6:24:cd:96:2a:7e:68:56:97:a3:30:8b:fd:f5:6f: 34:30:24:40:83:04:d2:07:5d:a0:5b:52:52:a4:1e:38:84:6a: 1e:0e:61:2b:36:da:65:20:f4:72:ef:fd:b1:26:08:61:6c:0d: 8a:88:e2:e5:26:bc:0a:ec:60:2c:72:54:89:34:83:3f:ee:e5: 0a:1d:25:6d -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUDWxmYBarCmNklLhE+OALo97W9tYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwMzAwMDAwN1oX DTI1MDcwODIzNTk1OVowejFJMEcGA1UEBRNAOTg5NDc3Yjk5ZWQ1NjU1MDQwYTMy ZTQ0NTVkNWI1YmEzNzAyYzViMjUzMTlhYzFmMzNiM2MxYjg3MjE0ZGQ2NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz4IO5b4zg3Y1yO9a6DG/1q/i8t3 uFt4/a/IL/xrZG54oXd5HdTgmPkh5etlSoxzGdSRkT0e0JtnooGa37JVoZLLHSwm qFAezZJtRhDtvJeCSt9NykzGl32baqeNJ7bNdph3NfNrOi2mhSjT8aSXv7O9WMDm rFAoFpB+MMkQw0cinP89XIAMc1SuNRZ6IO0Go4hPCrOAeCNbPmS7l0u8NhBfBEAY zHMT3ewiQTeoIlSc0dznHn3FEN80tdDhiHAainbtrjgzJvozVgRYV2m+ItTNAF6J WrhKFFurAvNsGo+7xeHfh8ZLxKJxWvrP6MCwL4fK1iX8qlgTI0WKlT/2iwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFGCHmiZqCVOPPIHpKBLxY/Bni+yTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q3M2MwYTUxLWFiN2ItNDg3OC1iZGZmLWUwOGI2MTgxZWRiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUEJAbaIDANBgkqhkiG9w0BAQsFAAOCAQEAXldnnhSJTNP3ZuxBhYWz 7lNJqT+GYClqQ5GfLcglTc5mq6eY8Mc8qPxRBR+3DKyxL3JEhhzMtkbtO6DUeEyo xrZPSnA7gnIKPNqKurHByAfZXO/z/f3KYJ1ohgehlQop912zI0wMVgq1HUNBYcrj c//w8YDqpXXBgdNIFv/ZymkSoYr8YWDBqadVPwuN3VqkdpOHBCy003MuZRLGEJTs SG1wGiZXa5ZzHCZuc7iDaOEt/AXd1XJvxiTNlip+aFaXozCL/fVvNDAkQIME0gdd oFtSUqQeOIRqHg5hKzbaZSD0cu/9sSYIYWwNioji5Sa8CuxgLHJUiTSDP+7lCh0l bQ== -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:40 2025 by rpki-client