$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3647b30-15b8-4dd3-8527-ddb9634cb404.roa File: e3647b30-15b8-4dd3-8527-ddb9634cb404.roa (raw, json) Hash identifier: 8/w4FScXKygGzShaUY4waiZqVHfnAD9OmuPIOJ7ku6A= Subject key identifier: 7F:A9:C2:D3:6D:78:50:71:B8:A9:00:95:F6:C3:2A:B0:2A:96:5C:A8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 045EA0276D7A86C89923E2DB316C2876BA0C8786 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3647b30-15b8-4dd3-8527-ddb9634cb404.roa Signing time: Wed 14 May 2025 00:30:51 +0000 ROA not before: Wed 14 May 2025 00:30:51 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:5e:a0:27:6d:7a:86:c8:99:23:e2:db:31:6c:28:76:ba:0c:87:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:30:51 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=7b1639f58a4dc340f916b585eaea13d3e98b9923485703a06178f38a3508c81b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c5:25:c5:ef:fa:3a:ac:e9:b0:85:bf:97:99: 20:cc:a0:50:bd:cf:d9:15:96:ef:e1:21:51:08:04: 3e:50:e7:3d:62:43:21:af:3c:96:38:c7:6f:c6:98: 43:2e:d3:05:15:d9:a8:a7:28:6d:b6:8a:96:12:7f: a5:48:08:35:a8:61:fd:68:d8:f5:25:1c:4f:ae:33: 37:2c:58:7c:7a:b9:de:b6:3c:ee:4b:d2:35:4a:2e: be:0d:8a:cb:c8:c1:8a:da:83:47:8d:bf:0a:a0:df: 35:78:bb:b1:72:7d:89:77:9a:e1:da:11:67:9c:23: 7e:ee:52:4f:ec:34:fe:ae:2b:b7:1e:60:f3:22:5e: 3d:a5:52:24:a2:1c:2d:27:cf:6e:8b:79:10:4c:1c: 8f:f4:67:25:18:7e:35:8e:a0:22:2b:3b:9b:8a:f1: c9:88:49:51:8d:7b:c9:5e:9f:65:21:93:da:26:3d: 17:bc:9f:25:81:04:86:b4:7d:07:2a:4e:25:77:9e: 43:d6:ad:50:69:43:dc:e2:d6:d9:a7:0d:a7:a6:be: ff:81:61:de:14:d8:11:32:d9:6e:9e:1d:b8:9e:df: 59:07:59:28:79:b2:32:84:2d:63:b7:a8:55:13:0e: 2b:93:22:bd:82:52:fa:d3:9d:6c:0d:32:42:f2:e7: 6b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:A9:C2:D3:6D:78:50:71:B8:A9:00:95:F6:C3:2A:B0:2A:96:5C:A8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3647b30-15b8-4dd3-8527-ddb9634cb404.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c840::/48 Signature Algorithm: sha256WithRSAEncryption 03:01:24:6a:a6:43:19:f7:f8:eb:74:ec:0c:ad:91:dd:55:3a: 42:c3:72:0e:63:cb:da:b1:c6:c4:d6:f7:15:6c:4d:4b:27:10: 25:0b:1e:fd:98:9a:09:5e:99:87:69:29:91:3d:9d:70:2d:aa: c3:36:37:23:a9:3c:76:18:2f:95:69:01:50:9c:16:9a:17:01: 7a:a9:d1:58:aa:2f:a3:72:4e:f2:9b:40:63:81:e2:03:8a:54: e5:16:66:ee:4e:e3:d2:24:4c:53:52:e7:af:f8:a0:33:be:e3: 8c:4b:be:59:dd:de:84:16:16:a9:a5:ea:b8:63:e4:33:38:e8: 8c:0d:05:ce:c1:2d:88:86:11:2b:17:2e:4b:83:dc:bb:36:38: c0:c9:d9:ea:8c:81:03:bd:83:a1:35:74:ef:fd:54:14:46:bf: 75:a9:f9:06:07:72:4d:17:24:f6:c3:f1:d2:8e:4f:bb:5d:29: 2e:85:ec:76:e4:c8:76:45:83:3e:ae:3b:aa:b5:92:b7:3d:13: 19:0c:af:a4:05:d0:1d:12:c8:1f:af:82:e0:1f:c0:69:6c:a1: ca:98:5a:20:94:ed:6b:2d:0e:6d:42:98:91:88:7f:85:3f:82: eb:44:2a:00:82:e7:89:26:df:18:52:e4:8f:d2:0c:dd:49:eb: dd:cc:10:83 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBF6gJ216hsiZI+LbMWwodroMh4YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMzA1MVoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAN2IxNjM5ZjU4YTRkYzM0MGY5MTZi NTg1ZWFlYTEzZDNlOThiOTkyMzQ4NTcwM2EwNjE3OGYzOGEzNTA4YzgxYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsUlxe/6OqzpsIW/l5kgzKBQvc/Z FZbv4SFRCAQ+UOc9YkMhrzyWOMdvxphDLtMFFdmopyhttoqWEn+lSAg1qGH9aNj1 JRxPrjM3LFh8ernetjzuS9I1Si6+DYrLyMGK2oNHjb8KoN81eLuxcn2Jd5rh2hFn nCN+7lJP7DT+riu3HmDzIl49pVIkohwtJ89ui3kQTByP9GclGH41jqAiKzubivHJ iElRjXvJXp9lIZPaJj0XvJ8lgQSGtH0HKk4ld55D1q1QaUPc4tbZpw2npr7/gWHe FNgRMtlunh24nt9ZB1koebIyhC1jt6hVEw4rkyK9glL6051sDTJC8udrqwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFH+pwtNteFBxuKkAlfbDKrAqllyoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzNjQ3YjMwLTE1YjgtNGRkMy04NTI3LWRkYjk2MzRjYjQwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOMhAMA0GCSqGSIb3DQEBCwUAA4IBAQADASRqpkMZ9/jrdOwM rZHdVTpCw3IOY8vascbE1vcVbE1LJxAlCx79mJoJXpmHaSmRPZ1wLarDNjcjqTx2 GC+VaQFQnBaaFwF6qdFYqi+jck7ym0BjgeIDilTlFmbuTuPSJExTUuev+KAzvuOM S75Z3d6EFhappeq4Y+QzOOiMDQXOwS2IhhErFy5Lg9y7NjjAydnqjIEDvYOhNXTv /VQURr91qfkGB3JNFyT2w/HSjk+7XSkuhex25Mh2RYM+rjuqtZK3PRMZDK+kBdAd Esgfr4LgH8BpbKHKmFoglO1rLQ5tQpiRiH+FP4LrRCoAgueJJt8YUuSP0gzdSevd zBCD -----END CERTIFICATE-----Generated at Tue Jun 3 23:28:57 2025 by rpki-client