$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da029f34-cd38-4756-993f-704db5aee20c.roa File: da029f34-cd38-4756-993f-704db5aee20c.roa (raw, json) Hash identifier: +6nPAYd3xuAcLC4uooart30cd9ArEOqc8YjmFXqubuo= Subject key identifier: 03:81:35:8F:F4:12:56:C5:54:0E:25:46:73:ED:22:73:5A:E4:33:62 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 67625FAD1B5073FFB5FE131EEA6B040D042246B8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da029f34-cd38-4756-993f-704db5aee20c.roa Signing time: Fri 16 May 2025 00:01:39 +0000 ROA not before: Fri 16 May 2025 00:01:39 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:4840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:62:5f:ad:1b:50:73:ff:b5:fe:13:1e:ea:6b:04:0d:04:22:46:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:01:39 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=01a784461ec6a20be41446c8e4320aba5bbbdf70a84ea676c1d07e91a744da3e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ce:f9:ce:56:a0:9b:b6:f6:05:f4:9d:c1:c6: a9:8a:fb:9c:32:e1:73:54:e9:14:4b:cc:1e:04:26: a3:38:33:35:65:31:87:5b:84:46:70:45:06:74:99: fd:df:8e:2f:45:9c:49:6c:a8:a1:fc:f8:8a:64:23: 59:70:f0:f6:ad:df:8c:f0:b3:95:7b:51:a7:3b:c0: 58:a8:20:da:b0:47:ac:42:ff:5b:64:e0:7c:bb:6a: f9:5b:0a:1d:c1:e8:01:d6:9f:98:6a:08:fb:df:04: 61:4f:15:59:99:c6:17:df:98:55:c9:bf:92:6e:39: 1f:79:63:a5:c8:b2:a4:e3:93:01:95:c3:4e:55:1f: 60:03:fe:c8:3c:eb:07:02:dd:c4:80:93:ca:58:7a: 77:01:02:df:1d:3c:9c:42:f6:7f:c4:e6:92:87:1e: 9b:e0:8a:82:12:90:28:26:0e:7f:b2:7d:61:cb:a4: 94:61:ed:a1:a6:cf:03:b7:1f:6b:da:13:9c:24:45: 39:6d:80:fb:ea:ff:5d:98:09:42:82:6e:47:15:70: d2:2e:3e:6f:52:99:66:22:d4:76:c0:eb:10:f2:1f: 47:3f:12:44:0a:3d:3c:06:65:0b:bf:ac:79:b9:97: 75:90:11:83:44:60:83:eb:36:67:00:a2:1f:a8:eb: f3:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:81:35:8F:F4:12:56:C5:54:0E:25:46:73:ED:22:73:5A:E4:33:62 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da029f34-cd38-4756-993f-704db5aee20c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:4840::/46 Signature Algorithm: sha256WithRSAEncryption 91:d1:aa:18:78:75:a5:74:b0:bc:97:be:cf:10:bd:7b:5d:ee: a9:cc:24:1c:a4:5a:70:40:ba:22:5f:3e:7f:6e:21:db:d5:30: 98:bb:3a:04:74:ec:66:0b:77:d0:57:a1:df:36:6b:f0:5f:55: b6:5a:43:37:5e:fc:82:e1:74:77:97:40:65:15:41:83:df:c4: d4:51:06:20:06:28:60:3c:a2:3a:7b:61:81:f4:3b:3e:e5:eb: 05:fa:bb:51:b9:a7:98:d4:b1:01:90:04:a4:5e:00:d8:10:ee: 66:01:16:b3:62:f1:c7:4b:86:b0:18:ad:39:03:c4:5c:1f:c6: 6d:ab:c6:92:ac:7f:3a:ab:7f:30:9e:ff:d8:d8:5d:92:f2:11: 83:3d:ab:f3:31:8e:76:3d:03:8c:3e:1a:f1:49:90:8d:cf:6d: b3:a4:82:1f:6a:76:8c:c6:91:62:66:46:81:bc:21:89:c6:b0: e7:d9:c0:b3:37:82:e3:d9:11:35:3b:7c:f6:77:0b:c6:c1:f1: 6a:ed:ad:d6:0b:7b:ba:91:13:c1:91:e9:7d:a7:57:e9:22:ca: 34:31:2e:19:a5:ea:8f:1c:84:22:d3:0b:45:b1:f4:b5:7e:73: 2c:08:61:67:ec:0b:3f:8b:fd:ee:1d:9f:cc:3e:d9:b8:eb:91: 11:14:1d:c6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZ2JfrRtQc/+1/hMe6msEDQQiRrgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMDEzOVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMDFhNzg0NDYxZWM2YTIwYmU0MTQ0 NmM4ZTQzMjBhYmE1YmJiZGY3MGE4NGVhNjc2YzFkMDdlOTFhNzQ0ZGEzZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M75zlagm7b2BfSdwcapivucMuFz VOkUS8weBCajODM1ZTGHW4RGcEUGdJn9344vRZxJbKih/PiKZCNZcPD2rd+M8LOV e1GnO8BYqCDasEesQv9bZOB8u2r5WwodwegB1p+Yagj73wRhTxVZmcYX35hVyb+S bjkfeWOlyLKk45MBlcNOVR9gA/7IPOsHAt3EgJPKWHp3AQLfHTycQvZ/xOaShx6b 4IqCEpAoJg5/sn1hy6SUYe2hps8Dtx9r2hOcJEU5bYD76v9dmAlCgm5HFXDSLj5v UplmItR2wOsQ8h9HPxJECj08BmULv6x5uZd1kBGDRGCD6zZnAKIfqOvzlQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAOBNY/0ElbFVA4lRnPtInNa5DNiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RhMDI5ZjM0LWNkMzgtNDc1Ni05OTNmLTcwNGRiNWFlZTIwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba90hAMA0GCSqGSIb3DQEBCwUAA4IBAQCR0aoYeHWldLC8l77P EL17Xe6pzCQcpFpwQLoiXz5/biHb1TCYuzoEdOxmC3fQV6HfNmvwX1W2WkM3XvyC 4XR3l0BlFUGD38TUUQYgBihgPKI6e2GB9Ds+5esF+rtRuaeY1LEBkASkXgDYEO5m ARazYvHHS4awGK05A8RcH8Ztq8aSrH86q38wnv/Y2F2S8hGDPavzMY52PQOMPhrx SZCNz22zpIIfanaMxpFiZkaBvCGJxrDn2cCzN4Lj2RE1O3z2dwvGwfFq7a3WC3u6 kRPBkel9p1fpIso0MS4ZpeqPHIQi0wtFsfS1fnMsCGFn7As/i/3uHZ/MPtm465ER FB3G -----END CERTIFICATE-----Generated at Tue Jun 3 23:35:50 2025 by rpki-client