$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa File: e34a1112-42b9-4563-9cde-de9af887a3d6.roa (raw, json) Hash identifier: fBKku+yuGDJ96ahFMnLFunXXTacl23s2zTRhZPnoy7o= Subject key identifier: 8B:63:98:B5:A8:BB:5F:9C:12:43:C6:A0:D4:14:FA:DE:83:6E:75:3F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5615DC0A06C2120DDF6A3F85D0B1274EC973D34F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa Signing time: Fri 16 May 2025 15:20:13 +0000 ROA not before: Fri 16 May 2025 15:20:13 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:15:dc:0a:06:c2:12:0d:df:6a:3f:85:d0:b1:27:4e:c9:73:d3:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:20:13 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=5063b8bfd9947caf96d8f428f1484721b6c499640a70d45c79726b5a454b975d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:65:9e:ee:97:1f:ea:ec:58:3e:1b:2d:f4:5c: 1c:ba:db:6c:e5:05:06:a5:04:8d:fd:3c:d8:ae:a3: 5c:80:07:d5:a7:56:3a:25:f6:58:8a:56:af:e0:61: da:74:29:13:a0:bb:4e:b3:80:39:4f:c6:d3:88:0d: ea:2d:cb:88:12:6f:e0:6c:3d:94:ef:99:06:7e:dd: 78:41:5b:20:af:5e:6b:c1:41:52:7d:18:c4:14:e5: d9:53:2f:2b:61:57:73:80:4d:72:17:a3:ce:01:3d: f9:44:94:da:fe:b3:e4:65:01:70:7d:d2:53:ec:21: ae:46:be:73:2e:49:c8:d5:56:83:76:f1:f2:95:89: ed:ec:f8:95:c1:06:76:d2:4d:f0:d8:bf:a4:fd:e0: a6:78:2a:d7:4c:e6:1a:ba:52:d4:f0:41:73:42:f8: 82:ac:db:f1:e9:0d:af:2f:d5:f6:c7:d2:5c:cf:11: 1f:5a:1a:5a:a4:5b:c0:ab:04:be:6f:2f:03:2e:83: 68:60:41:c7:7e:b2:3f:44:d9:9f:c6:ce:5a:7c:09: f7:53:5e:ca:a9:6f:74:7a:69:69:ab:8a:86:71:03: b0:05:8e:d0:27:6f:d8:dd:60:c5:3e:b7:fe:54:4f: 99:8a:d0:1c:88:4a:4b:75:8a:fd:23:99:8d:54:52: 34:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:63:98:B5:A8:BB:5F:9C:12:43:C6:A0:D4:14:FA:DE:83:6E:75:3F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2000::/40 Signature Algorithm: sha256WithRSAEncryption 29:2f:7f:2e:66:3c:ee:92:f6:ca:79:66:e3:05:98:48:ad:d7: 0a:b0:ac:28:65:45:fe:a5:23:59:9b:d4:aa:9a:96:91:23:bc: 24:95:54:57:93:34:92:0d:aa:b1:39:23:17:f4:b2:ad:c9:33: 82:ab:65:29:c3:f6:51:30:6b:bb:31:97:d5:75:01:0c:6b:eb: 21:e8:2c:f5:3d:e6:a2:67:bc:83:55:00:57:c9:c2:8d:8d:70: fd:29:17:22:cf:df:a4:ce:61:5c:50:fe:29:b8:51:2a:4a:17: b9:c6:e6:4a:22:a8:8d:a5:a2:7c:f3:27:b8:a1:69:3a:1a:1f: f3:dc:f1:aa:dd:6e:da:ff:3f:e5:e7:e3:93:11:87:a4:89:a1: ba:3c:35:28:b0:4a:8f:66:5b:e3:5e:34:7c:15:cd:e0:cd:86: 62:45:fb:e2:25:e5:0d:3a:3f:96:b7:c0:88:6c:01:0c:82:42: 40:c4:cd:cc:17:8b:20:e1:53:4a:59:34:a4:f7:04:82:96:86: f5:cc:d7:7f:92:18:73:fa:9d:51:51:f1:7e:26:bd:dd:16:fd: c4:84:a0:ae:e4:50:ec:4c:6d:02:48:bf:8c:fa:c7:87:b3:87: 55:86:7a:42:ce:c2:1b:d2:5f:29:36:4f:7c:17:df:e2:1f:ec: 39:49:39:3a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVhXcCgbCEg3faj+F0LEnTslz008wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MjAxM1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANTA2M2I4YmZkOTk0N2NhZjk2ZDhm NDI4ZjE0ODQ3MjFiNmM0OTk2NDBhNzBkNDVjNzk3MjZiNWE0NTRiOTc1ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGWe7pcf6uxYPhst9Fwcutts5QUG pQSN/TzYrqNcgAfVp1Y6JfZYilav4GHadCkToLtOs4A5T8bTiA3qLcuIEm/gbD2U 75kGft14QVsgr15rwUFSfRjEFOXZUy8rYVdzgE1yF6POAT35RJTa/rPkZQFwfdJT 7CGuRr5zLknI1VaDdvHylYnt7PiVwQZ20k3w2L+k/eCmeCrXTOYaulLU8EFzQviC rNvx6Q2vL9X2x9JczxEfWhpapFvAqwS+by8DLoNoYEHHfrI/RNmfxs5afAn3U17K qW90emlpq4qGcQOwBY7QJ2/Y3WDFPrf+VE+ZitAciEpLdYr9I5mNVFI0JwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFItjmLWou1+cEkPGoNQU+t6DbnU/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzNGExMTEyLTQyYjktNDU2My05Y2RlLWRlOWFmODg3YTNkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOCAwDQYJKoZIhvcNAQELBQADggEBACkvfy5mPO6S9sp5ZuMF mEit1wqwrChlRf6lI1mb1KqalpEjvCSVVFeTNJINqrE5Ixf0sq3JM4KrZSnD9lEw a7sxl9V1AQxr6yHoLPU95qJnvINVAFfJwo2NcP0pFyLP36TOYVxQ/im4USpKF7nG 5koiqI2lonzzJ7ihaToaH/Pc8ardbtr/P+Xn45MRh6SJobo8NSiwSo9mW+NeNHwV zeDNhmJF++Il5Q06P5a3wIhsAQyCQkDEzcwXiyDhU0pZNKT3BIKWhvXM13+SGHP6 nVFR8X4mvd0W/cSEoK7kUOxMbQJIv4z6x4ezh1WGekLOwhvSXyk2T3wX3+If7DlJ OTo= -----END CERTIFICATE-----Generated at Tue Jun 3 23:17:18 2025 by rpki-client