$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa File: d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa (raw, json) Hash identifier: 2+MBIlfxwQz80zAfmFSPUekKgXGvbkDbkPadTAWYsSU= Subject key identifier: BC:8B:D8:DD:B0:E5:A9:61:6A:2F:82:24:32:C0:32:05:B1:10:9C:43 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E21D280C9FD31739455083BBFA096B7DF83E744 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa Signing time: Wed 14 May 2025 00:11:14 +0000 ROA not before: Wed 14 May 2025 00:11:14 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4090::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:21:d2:80:c9:fd:31:73:94:55:08:3b:bf:a0:96:b7:df:83:e7:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:11:14 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=3cbb4b3fd2440b13e39c628eeed6040f9a83af914a7f98947b3fb0e1aa5bc37f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c8:b2:db:09:5d:c7:7c:80:c6:4a:e0:7b:d8: 3c:e8:df:18:97:46:1b:a6:a3:64:47:5c:fd:41:0f: a1:90:f7:bf:2a:4c:82:f0:1f:af:e1:57:08:30:72: a9:93:48:9c:b1:33:03:d0:86:38:66:52:a0:25:f0: b6:87:4d:a8:77:10:52:73:87:1a:be:75:4a:17:9a: a1:2f:92:41:14:f7:7d:95:67:e7:55:bf:da:b5:8f: 03:9f:bc:04:7e:d9:c4:e1:cf:5a:2e:82:0f:be:c1: 2f:51:9d:31:c7:b4:b3:84:15:92:c8:0e:20:c0:b6: 5c:73:4c:68:ad:b7:e4:15:36:7a:c1:b4:4b:d7:1e: c5:e3:1d:5a:fa:c2:39:df:aa:1d:5a:78:e4:c7:c2: 01:be:e2:11:ee:b2:f2:35:db:a0:69:17:42:80:34: 46:90:77:52:86:cd:63:0a:47:09:34:1b:45:23:fb: 1a:e6:aa:36:25:95:b0:e6:2e:82:f5:b5:b8:a2:0d: c6:a9:5c:0e:55:a4:3e:50:23:2e:eb:2e:a9:5b:ed: 7a:92:f2:21:98:1a:14:ca:ed:50:56:53:fc:d0:09: 5d:7e:ae:92:af:f6:f4:f7:08:34:76:a5:41:49:27: af:84:38:83:aa:67:22:34:c7:32:dc:3d:74:e6:50: 29:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:8B:D8:DD:B0:E5:A9:61:6A:2F:82:24:32:C0:32:05:B1:10:9C:43 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4090::/48 Signature Algorithm: sha256WithRSAEncryption 5b:3e:ee:cd:25:44:57:2a:96:f8:b6:62:59:10:23:63:8b:72: 94:95:dc:fb:e6:cf:cd:fe:a0:c4:a0:b6:3e:c0:db:41:6c:a7: 93:22:cf:4b:38:08:31:d7:8e:0a:a0:b6:9e:7d:48:12:7b:32: d9:70:9a:e6:17:e1:84:d2:cc:ed:c2:3b:6b:74:f3:d3:b7:bd: b4:75:ab:d8:ad:6d:fa:11:44:e0:7a:ae:ff:ba:98:44:79:a1: 4f:c9:a6:3b:78:1a:e4:9f:df:68:04:df:84:48:9c:42:46:0c: f0:0b:a8:f6:b4:c3:75:68:1a:18:84:32:ff:fa:96:62:48:c3: be:56:7e:9f:89:9e:fc:8c:8b:61:12:41:77:7f:18:34:a0:01: 51:79:b5:38:c1:03:4d:48:44:4c:8e:a4:57:f4:9f:87:9c:9d: 8d:68:ec:8e:f2:52:0d:6c:63:bb:2c:98:c8:f7:6f:3f:12:cd: 50:0f:b6:90:fe:9b:8b:eb:2f:26:d9:de:1b:ea:01:74:b5:7f: da:31:e8:07:ff:15:cd:ad:80:d8:a5:db:29:a0:58:c7:0d:d1: af:a0:14:c4:a6:49:b5:71:1e:71:b1:8c:80:1c:6b:d9:8e:c6: 55:fa:91:96:de:32:18:f3:96:3f:25:cf:3c:c0:94:87:22:fb: c8:35:31:a5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHiHSgMn9MXOUVQg7v6CWt9+D50QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMTExNFoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAM2NiYjRiM2ZkMjQ0MGIxM2UzOWM2 MjhlZWVkNjA0MGY5YTgzYWY5MTRhN2Y5ODk0N2IzZmIwZTFhYTViYzM3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsiy2wldx3yAxkrge9g86N8Yl0Yb pqNkR1z9QQ+hkPe/KkyC8B+v4VcIMHKpk0icsTMD0IY4ZlKgJfC2h02odxBSc4ca vnVKF5qhL5JBFPd9lWfnVb/atY8Dn7wEftnE4c9aLoIPvsEvUZ0xx7SzhBWSyA4g wLZcc0xorbfkFTZ6wbRL1x7F4x1a+sI536odWnjkx8IBvuIR7rLyNdugaRdCgDRG kHdShs1jCkcJNBtFI/sa5qo2JZWw5i6C9bW4og3GqVwOVaQ+UCMu6y6pW+16kvIh mBoUyu1QVlP80Aldfq6Sr/b09wg0dqVBSSevhDiDqmciNMcy3D105lAppQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLyL2N2w5alhai+CJDLAMgWxEJxDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4YjI3NWM3LTY3ZGQtNDFhNS1hNmM3LTY2NjhlMzI4OTlmZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAECQMA0GCSqGSIb3DQEBCwUAA4IBAQBbPu7NJURXKpb4tmJZ ECNji3KUldz75s/N/qDEoLY+wNtBbKeTIs9LOAgx144KoLaefUgSezLZcJrmF+GE 0sztwjtrdPPTt720davYrW36EUTgeq7/uphEeaFPyaY7eBrkn99oBN+ESJxCRgzw C6j2tMN1aBoYhDL/+pZiSMO+Vn6fiZ78jIthEkF3fxg0oAFRebU4wQNNSERMjqRX 9J+HnJ2NaOyO8lINbGO7LJjI928/Es1QD7aQ/puL6y8m2d4b6gF0tX/aMegH/xXN rYDYpdspoFjHDdGvoBTEpkm1cR5xsYyAHGvZjsZV+pGW3jIY85Y/Jc88wJSHIvvI NTGl -----END CERTIFICATE-----Generated at Tue Jun 3 23:20:44 2025 by rpki-client