$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa File: e32899b9-14c3-4649-a1dc-82fec0214193.roa (raw, json) Hash identifier: FzY2UEmI3lSQT/3jwpHQnyoF2c10mDB5UIgKDmE+074= Subject key identifier: C5:E0:F6:30:6E:D6:40:A1:10:6C:19:A3:A6:E6:03:31:39:EE:C0:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 118F1431C260CD9A05016E9E7604559CDCAC2B54 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa Signing time: Tue 13 May 2025 00:00:13 +0000 ROA not before: Tue 13 May 2025 00:00:13 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:8f:14:31:c2:60:cd:9a:05:01:6e:9e:76:04:55:9c:dc:ac:2b:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:00:13 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=ac3f841f7ae20a307e6b4088b8cd30c9b10eae89cccc21b760e7a0c122f44953, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:83:a0:e6:28:d4:68:15:cc:8c:48:98:97:a1: 55:28:dc:79:ff:83:8a:fd:20:55:c6:1c:45:9e:5f: 54:6f:d4:aa:f8:c2:1f:87:87:24:46:f0:d3:f1:22: 73:b2:5d:cc:89:ac:52:55:be:43:25:8e:c8:00:e8: 8e:dd:12:3e:43:f0:f7:9c:87:90:d2:ca:f5:aa:0b: 30:f0:4a:fc:b8:fd:d0:21:78:12:03:f9:e2:8c:eb: 6b:31:a8:0a:58:61:63:b3:1d:ce:d4:3e:6e:9d:17: 47:ad:17:42:2d:5d:75:ea:43:ee:be:db:4b:f5:42: 57:8c:2c:b3:0f:07:a2:41:b6:58:b3:c1:02:ce:94: d8:c4:89:63:7d:4b:c9:b8:6a:71:05:dc:a8:db:04: 03:2f:c6:dc:59:6e:06:82:ee:75:2e:80:86:f6:cf: 56:22:06:7a:8c:0c:d5:96:33:c2:ed:c3:2a:bd:d4: 48:5b:90:69:b8:89:db:67:bc:6f:c4:c9:bd:f0:8e: 0f:a6:b5:66:09:27:62:ec:29:ff:49:21:4a:50:0d: e9:bd:ca:6d:f7:f9:b8:9c:66:e9:f3:dc:93:31:ee: 00:ff:69:0b:6c:17:fe:0e:56:28:f0:47:b0:29:36: 24:84:aa:dc:8e:42:e4:e3:65:29:35:04:78:a2:ec: 78:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:E0:F6:30:6E:D6:40:A1:10:6C:19:A3:A6:E6:03:31:39:EE:C0:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:e080::/48 Signature Algorithm: sha256WithRSAEncryption 43:0e:dd:a5:93:3c:b4:e0:20:ce:ac:be:5f:07:23:cc:00:82: 35:74:e2:17:19:69:20:fa:dd:be:8a:59:32:61:cc:a6:d6:c5: d0:87:cd:40:49:b2:28:0a:60:a4:52:e9:33:00:f6:50:63:39: cc:37:d5:25:51:f7:6d:ee:86:10:6f:d3:83:7f:a7:d5:4b:97: dd:c7:07:0f:38:5e:57:69:d5:a6:68:4b:51:a1:a1:98:19:7c: e8:5f:7a:18:28:6a:00:c5:05:bd:a1:df:29:36:cb:27:59:dc: fb:09:4d:1b:12:19:b5:1a:3c:c2:2c:f8:32:20:03:b0:ce:86: c8:d1:5f:1a:56:b1:c2:24:2a:2f:e6:f3:90:f2:85:40:d6:30: 74:19:1a:e8:89:9d:30:b6:5e:3f:71:93:39:42:11:2c:fd:90: 8b:95:df:31:0d:ad:75:cc:ff:5e:d6:ef:37:12:6d:1a:20:d4: a0:a8:f0:c8:f7:56:07:b9:c1:7c:33:b1:55:17:f5:45:c5:30: b3:dc:35:d0:f7:d7:66:e9:6e:64:6c:c3:0b:a9:b2:05:b9:64: a7:6a:95:ac:33:cc:b9:67:62:0c:82:7c:c3:06:0f:71:5a:ef: 4b:ac:bb:a6:65:ac:56:87:93:d6:6c:6b:9d:ab:32:0f:73:6f: 51:c6:3d:5a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEY8UMcJgzZoFAW6edgRVnNysK1QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMDAxM1oX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAYWMzZjg0MWY3YWUyMGEzMDdlNmI0 MDg4YjhjZDMwYzliMTBlYWU4OWNjY2MyMWI3NjBlN2EwYzEyMmY0NDk1MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IOg5ijUaBXMjEiYl6FVKNx5/4OK /SBVxhxFnl9Ub9Sq+MIfh4ckRvDT8SJzsl3MiaxSVb5DJY7IAOiO3RI+Q/D3nIeQ 0sr1qgsw8Er8uP3QIXgSA/nijOtrMagKWGFjsx3O1D5unRdHrRdCLV116kPuvttL 9UJXjCyzDweiQbZYs8ECzpTYxIljfUvJuGpxBdyo2wQDL8bcWW4Ggu51LoCG9s9W IgZ6jAzVljPC7cMqvdRIW5BpuInbZ7xvxMm98I4PprVmCSdi7Cn/SSFKUA3pvcpt 9/m4nGbp89yTMe4A/2kLbBf+DlYo8EewKTYkhKrcjkLk42UpNQR4oux4nwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMXg9jBu1kChEGwZo6bmAzE57sDPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzMjg5OWI5LTE0YzMtNDY0OS1hMWRjLTgyZmVjMDIxNDE5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAOCAMA0GCSqGSIb3DQEBCwUAA4IBAQBDDt2lkzy04CDOrL5f ByPMAII1dOIXGWkg+t2+ilkyYcym1sXQh81ASbIoCmCkUukzAPZQYznMN9UlUfdt 7oYQb9ODf6fVS5fdxwcPOF5XadWmaEtRoaGYGXzoX3oYKGoAxQW9od8pNssnWdz7 CU0bEhm1GjzCLPgyIAOwzobI0V8aVrHCJCov5vOQ8oVA1jB0GRroiZ0wtl4/cZM5 QhEs/ZCLld8xDa11zP9e1u83Em0aINSgqPDI91YHucF8M7FVF/VFxTCz3DXQ99dm 6W5kbMMLqbIFuWSnapWsM8y5Z2IMgnzDBg9xWu9LrLumZaxWh5PWbGudqzIPc29R xj1a -----END CERTIFICATE-----Generated at Tue Jun 3 23:31:51 2025 by rpki-client