$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d877f905-a5ae-4729-96f2-03659354b7bc.roa File: d877f905-a5ae-4729-96f2-03659354b7bc.roa (raw, json) Hash identifier: uKHJmazN6vsWfSDmEha/MvnuObRG6X3cb5jTU9/tEh4= Subject key identifier: C2:0B:EB:90:4A:C1:72:9B:C1:46:3A:B2:98:20:2E:F7:C9:EE:55:8F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5FECE65A5ABCA41AC6750C49CAB37111A44C8E5A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d877f905-a5ae-4729-96f2-03659354b7bc.roa Signing time: Fri 16 May 2025 00:20:08 +0000 ROA not before: Fri 16 May 2025 00:20:08 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:ec:e6:5a:5a:bc:a4:1a:c6:75:0c:49:ca:b3:71:11:a4:4c:8e:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:20:08 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=7e67b323d50c10e759624a851c008235bacbab59c60c3a93af29214cac014ad3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:64:af:63:0d:48:73:69:56:9b:a7:88:28:7c: d0:d4:8b:c7:40:57:e4:44:2a:65:26:dd:46:89:d2: b7:16:49:ae:8b:bb:58:21:1c:ca:f1:af:b0:7c:05: 7e:18:92:91:4c:92:85:54:0f:03:3c:d6:6c:76:89: 07:8e:61:39:6f:6f:6d:99:f4:4d:1a:00:7c:b8:3f: db:22:7d:fc:51:6b:06:e3:5b:da:c8:53:45:4d:f2: 88:96:91:fe:5f:78:f6:36:c5:95:c6:f4:a2:bc:f7: c7:df:7e:de:35:f0:e7:2c:c9:45:ca:98:25:5a:4e: 79:22:74:11:6e:5f:8b:f4:bf:5e:cd:2a:32:66:7d: a6:b0:fb:45:37:a2:9b:e2:a8:19:2a:1a:46:06:df: cf:fb:b5:82:92:40:ab:4d:47:ca:c9:ce:fb:11:c2: 5f:5f:52:25:50:4e:45:6a:7b:43:0e:37:79:34:ae: ab:a7:02:6a:5a:43:bc:4f:5f:0c:fc:a4:e1:01:23: 39:e8:9b:20:0e:f5:09:40:a4:12:da:ed:e4:df:f3: 0b:0e:5b:df:f0:da:c6:39:cd:fb:08:c1:79:fe:64: 31:4c:19:b6:4a:c2:99:5d:81:0a:e0:9c:9e:df:cc: 9f:4d:63:31:b1:73:55:35:8b:b2:e4:7c:e9:1e:1d: 77:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:0B:EB:90:4A:C1:72:9B:C1:46:3A:B2:98:20:2E:F7:C9:EE:55:8F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d877f905-a5ae-4729-96f2-03659354b7bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:2840::/48 Signature Algorithm: sha256WithRSAEncryption 50:da:3a:1d:c8:f4:97:44:7d:d7:ac:44:99:67:fd:a2:9f:83: c0:fe:54:0d:44:6f:22:e4:ed:8a:04:c0:e7:3e:7d:98:6e:b0: 9e:12:4b:a3:28:d8:94:35:d7:23:53:72:e5:c9:94:54:64:e5: 3f:d7:73:59:0b:14:9e:4d:32:4b:99:a2:ad:2d:c1:d7:cb:09: 26:f8:67:b6:1d:64:23:1c:0e:18:eb:18:01:0e:e9:07:48:d9: 89:59:52:c2:13:6e:60:ec:30:0e:82:a0:10:9e:1f:2a:3a:8b: 21:45:5d:84:ff:ec:ac:08:20:93:6b:79:80:1d:6b:d0:49:3a: 7a:ac:3b:57:71:13:27:ec:d4:8b:9a:1f:60:66:2e:b0:5d:c7: 7e:63:d9:f2:e8:27:06:fe:fa:db:68:0e:45:f7:21:fa:b7:11: 6b:95:84:fb:dd:5b:90:a4:85:d0:53:12:58:c0:da:16:be:b8: 8c:44:86:cd:92:2c:0a:f1:b7:4c:a4:98:d3:4d:3c:89:5b:d2: c3:ce:85:05:fa:87:00:7e:33:79:d2:15:26:06:bf:b0:6e:b0: ff:8e:ac:7e:f4:54:c2:9b:a8:4f:6c:52:e4:c9:59:ce:fd:0e: 21:c5:c4:7e:1f:bd:fc:b2:7e:17:e9:b4:90:2f:e1:7a:f9:08: 38:b0:7d:3d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUX+zmWlq8pBrGdQxJyrNxEaRMjlowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMjAwOFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAN2U2N2IzMjNkNTBjMTBlNzU5NjI0 YTg1MWMwMDgyMzViYWNiYWI1OWM2MGMzYTkzYWYyOTIxNGNhYzAxNGFkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2SvYw1Ic2lWm6eIKHzQ1IvHQFfk RCplJt1GidK3Fkmui7tYIRzK8a+wfAV+GJKRTJKFVA8DPNZsdokHjmE5b29tmfRN GgB8uD/bIn38UWsG41vayFNFTfKIlpH+X3j2NsWVxvSivPfH337eNfDnLMlFypgl Wk55InQRbl+L9L9ezSoyZn2msPtFN6Kb4qgZKhpGBt/P+7WCkkCrTUfKyc77EcJf X1IlUE5FantDDjd5NK6rpwJqWkO8T18M/KThASM56JsgDvUJQKQS2u3k3/MLDlvf 8NrGOc37CMF5/mQxTBm2SsKZXYEK4Jye38yfTWMxsXNVNYuy5HzpHh132wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMIL65BKwXKbwUY6spggLvfJ7lWPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NzdmOTA1LWE1YWUtNDcyOS05NmYyLTAzNjU5MzU0YjdiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9ChAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ2jodyPSXRH3XrESZ Z/2in4PA/lQNRG8i5O2KBMDnPn2YbrCeEkujKNiUNdcjU3LlyZRUZOU/13NZCxSe TTJLmaKtLcHXywkm+Ge2HWQjHA4Y6xgBDukHSNmJWVLCE25g7DAOgqAQnh8qOosh RV2E/+ysCCCTa3mAHWvQSTp6rDtXcRMn7NSLmh9gZi6wXcd+Y9ny6CcG/vrbaA5F 9yH6txFrlYT73VuQpIXQUxJYwNoWvriMRIbNkiwK8bdMpJjTTTyJW9LDzoUF+ocA fjN50hUmBr+wbrD/jqx+9FTCm6hPbFLkyVnO/Q4hxcR+H738sn4X6bSQL+F6+Qg4 sH09 -----END CERTIFICATE-----Generated at Mon Jun 2 06:29:37 2025 by rpki-client