$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e2dd8ffd-5ddf-4d66-8796-87f096579505.roa File: e2dd8ffd-5ddf-4d66-8796-87f096579505.roa (raw, json) Hash identifier: owsSySNtVutX24jQBkh3SOiUB4C16VuNrXZsaD5UWcE= Subject key identifier: B4:75:A4:4B:DF:2D:D8:8C:24:06:7C:16:85:16:0F:0F:8C:15:05:54 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 267E76958A3B7A5FDDD2E5AF57CA3D8BD9A1CF9D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e2dd8ffd-5ddf-4d66-8796-87f096579505.roa Signing time: Wed 28 May 2025 00:00:13 +0000 ROA not before: Wed 28 May 2025 00:00:13 +0000 ROA not after: Wed 02 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da30::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:7e:76:95:8a:3b:7a:5f:dd:d2:e5:af:57:ca:3d:8b:d9:a1:cf:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 28 00:00:13 2025 GMT Not After : Jul 2 23:59:59 2025 GMT Subject: serialNumber=218454caa2f63c90e9ce8f94a842031ea9485518e4e3731ca666e799929e8240, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:67:1d:3c:7e:e8:71:70:55:dd:b1:cd:56:d8: 52:bb:97:a0:4b:79:a9:08:44:73:28:d8:d5:4b:57: 75:af:8d:6b:0a:85:2c:e6:7d:66:d2:ed:19:85:97: 5a:76:be:32:c6:32:19:ee:7b:4d:7b:17:fb:20:fd: 52:c2:33:74:c7:ec:ad:a8:61:44:d7:9e:c1:4b:7d: 02:4e:f0:e6:29:a1:1d:1f:2e:eb:39:3c:db:e7:a8: 28:c2:5e:89:c8:e1:7b:47:8c:d9:8d:39:65:44:1a: 1e:5e:b2:8c:91:62:41:11:a0:e3:09:fb:03:da:a9: 17:b0:b5:9c:4f:30:40:6a:5b:ad:9a:f0:9b:5b:35: 34:04:25:5b:41:9b:d2:32:19:d6:3e:be:e8:87:27: 7f:89:6d:2a:84:cc:77:09:68:86:f9:5c:7f:6b:56: 9a:74:26:2d:c1:51:d2:9d:68:45:c7:32:4c:0c:3c: 76:09:03:8b:9b:a0:aa:c2:6d:fc:90:de:b4:20:11: 26:9d:af:59:42:25:26:2a:ac:4b:31:3a:b3:78:61: d1:0c:7d:8c:f2:e0:bc:19:ec:5e:a0:56:3f:45:db: c8:86:73:18:fb:3f:81:eb:84:59:6c:b1:eb:c1:02: 38:9f:6c:b5:fa:ab:44:60:7f:4d:6f:59:79:0c:ff: 14:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:75:A4:4B:DF:2D:D8:8C:24:06:7C:16:85:16:0F:0F:8C:15:05:54 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e2dd8ffd-5ddf-4d66-8796-87f096579505.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30::/32 Signature Algorithm: sha256WithRSAEncryption 93:f0:99:94:1e:4a:b9:b0:3f:a4:cb:36:51:39:d8:fb:2f:e1: 0a:46:c1:02:70:7d:32:71:c5:82:65:db:1d:69:46:c1:40:12: 16:3f:16:48:b4:7b:e7:d2:b5:ce:58:f8:31:89:ff:4f:52:94: 9c:65:c1:2a:e0:d5:b3:41:f2:44:c1:e8:46:81:58:d3:35:f5: ee:31:1a:44:dc:f7:51:09:f8:c5:87:7a:03:1d:63:ab:1f:e7: 7a:5a:c8:e8:4c:e6:41:a0:97:3f:96:50:30:be:f6:d0:b9:10: c9:6f:97:09:12:ec:29:15:d2:28:b3:bb:ba:0c:c0:4c:40:5c: ef:ae:dc:6a:d4:16:f9:cd:b1:ab:b3:bc:d1:d2:14:2b:2e:34: 75:e9:81:72:b7:d4:ab:7f:3e:b4:95:e3:e8:0a:dc:bc:8f:1c: 86:10:9f:6f:85:30:df:27:43:3e:af:97:29:8d:f6:2b:23:ef: d7:6d:d1:c7:69:af:23:99:54:52:66:5e:12:dc:be:67:41:39: 41:04:b2:44:c3:4f:43:78:06:06:37:20:8b:61:28:fb:25:a1: 4c:07:b1:ec:7e:23:49:5b:2e:50:62:7d:a8:11:82:1d:9a:93: 03:46:32:7d:73:9e:f1:da:e6:75:f4:43:a5:85:de:a1:f5:42: a9:a9:b9:62 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUJn52lYo7el/d0uWvV8o9i9mhz50wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyODAwMDAxM1oX DTI1MDcwMjIzNTk1OVowejFJMEcGA1UEBRNAMjE4NDU0Y2FhMmY2M2M5MGU5Y2U4 Zjk0YTg0MjAzMWVhOTQ4NTUxOGU0ZTM3MzFjYTY2NmU3OTk5MjllODI0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2cdPH7ocXBV3bHNVthSu5egS3mp CERzKNjVS1d1r41rCoUs5n1m0u0ZhZdadr4yxjIZ7ntNexf7IP1SwjN0x+ytqGFE 157BS30CTvDmKaEdHy7rOTzb56gowl6JyOF7R4zZjTllRBoeXrKMkWJBEaDjCfsD 2qkXsLWcTzBAalutmvCbWzU0BCVbQZvSMhnWPr7ohyd/iW0qhMx3CWiG+Vx/a1aa dCYtwVHSnWhFxzJMDDx2CQOLm6Cqwm38kN60IBEmna9ZQiUmKqxLMTqzeGHRDH2M 8uC8GexeoFY/RdvIhnMY+z+B64RZbLHrwQI4n2y1+qtEYH9Nb1l5DP8ULQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFLR1pEvfLdiMJAZ8FoUWDw+MFQVUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UyZGQ4ZmZkLTVkZGYtNGQ2Ni04Nzk2LTg3ZjA5NjU3OTUwNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMDANBgkqhkiG9w0BAQsFAAOCAQEAk/CZlB5KubA/pMs2UTnY +y/hCkbBAnB9MnHFgmXbHWlGwUASFj8WSLR759K1zlj4MYn/T1KUnGXBKuDVs0Hy RMHoRoFY0zX17jEaRNz3UQn4xYd6Ax1jqx/nelrI6EzmQaCXP5ZQML720LkQyW+X CRLsKRXSKLO7ugzATEBc767catQW+c2xq7O80dIUKy40demBcrfUq38+tJXj6Arc vI8chhCfb4Uw3ydDPq+XKY32KyPv123Rx2mvI5lUUmZeEty+Z0E5QQSyRMNPQ3gG Bjcgi2Eo+yWhTAex7H4jSVsuUGJ9qBGCHZqTA0YyfXOe8drmdfRDpYXeofVCqam5 Yg== -----END CERTIFICATE-----Generated at Mon Jun 2 06:22:10 2025 by rpki-client