$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa File: ea66f72f-02a5-49e5-86f6-bd91534d2929.roa (raw, json) Hash identifier: jITqWLUwpcYEetvQJPhkMREzg4Cs1W3ELUW0G4khBgA= Subject key identifier: F8:85:12:C5:E7:4E:F9:70:E8:24:E2:8E:1A:C1:56:C0:08:86:BC:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 53AC3C804F27532597C87C5E8BF6CDC02D669FCB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa Signing time: Fri 16 May 2025 00:01:44 +0000 ROA not before: Fri 16 May 2025 00:01:44 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf7:b0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:ac:3c:80:4f:27:53:25:97:c8:7c:5e:8b:f6:cd:c0:2d:66:9f:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:01:44 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=8e05655511b56b9a46da5b3ae3fb809f963e05c833cc1281cef2fc44922ebf3f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:90:bd:a6:8b:85:75:9d:f0:7e:be:ef:3c:bb: c2:45:05:62:de:b3:13:df:60:22:ab:ca:92:b7:ed: 03:a9:45:55:00:02:2a:3a:64:2d:6f:fd:87:d2:5d: 68:7b:63:5f:f5:c9:7a:a9:7a:5e:c5:8b:b5:8e:c8: 81:8d:74:72:80:12:7f:c9:80:2a:ca:0e:10:22:1d: 2b:fc:0c:e2:af:26:1a:37:9a:8c:5c:42:9c:53:31: 3e:d4:c7:02:86:bc:d2:f1:a1:40:37:70:6e:53:b7: a8:26:8e:5c:28:1a:3d:69:21:57:72:41:dd:7d:2a: eb:7e:ba:e5:76:30:4c:dd:85:3d:94:0f:e4:c2:f8: ab:33:51:b3:31:76:65:84:be:f8:9f:cf:b7:17:80: 9f:1f:f9:8e:bd:cf:02:42:17:67:aa:e6:08:e8:b6: 6f:9b:5d:b2:9a:ad:78:39:61:30:b7:7f:47:aa:3a: 6b:de:e6:f4:97:7f:bf:1d:08:89:57:c8:49:53:3b: 3f:03:58:7c:1a:7f:f3:b3:65:65:56:0c:43:09:7e: ed:e2:00:5f:84:91:e8:c8:fd:0f:f1:4f:4f:e7:7a: 10:c9:a7:2d:10:f5:b7:d3:ec:aa:c1:34:b7:f7:e5: 9b:2e:ce:3d:56:fa:98:aa:08:dd:f1:c5:16:34:55: 30:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:85:12:C5:E7:4E:F9:70:E8:24:E2:8E:1A:C1:56:C0:08:86:BC:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea66f72f-02a5-49e5-86f6-bd91534d2929.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf7:b0c0::/46 Signature Algorithm: sha256WithRSAEncryption 96:eb:6f:f4:9d:1b:bd:4e:eb:e3:e5:12:af:96:d2:3e:5d:65: aa:fb:da:a1:e3:47:c6:cb:ea:aa:c7:21:3e:57:68:69:4d:08: ba:7d:b4:a3:66:64:a0:0b:49:d6:49:f4:e1:a7:bd:fe:13:34: cd:5c:80:31:cf:64:39:07:44:5f:f5:12:81:7c:b4:8b:b7:e7: e9:36:5f:23:9d:40:e9:57:58:4f:cb:c9:07:b5:e2:bd:db:79: cf:fa:78:38:e6:d5:3c:68:9a:98:69:e6:2a:21:fa:3b:34:66: af:8b:41:2d:50:7d:ea:56:97:82:fe:5e:48:91:88:6e:b9:5f: 65:2d:9f:c3:bb:63:46:fa:07:df:8e:c7:82:54:56:57:e7:da: fb:df:99:78:f5:c1:b4:a7:05:eb:2c:1a:c3:6a:e7:64:1c:14: 87:32:09:db:70:fa:50:12:78:ed:8c:2f:46:19:66:ca:26:80: 5b:ed:57:be:5c:da:57:59:af:1b:42:c8:14:8a:14:49:6a:17: 8e:3e:eb:77:63:94:16:1a:bb:a3:98:29:85:fa:2a:bd:09:0e: a4:9c:55:7f:b9:b7:10:00:3c:5c:22:0c:32:19:99:c7:c5:e3: 10:30:a6:38:83:d1:83:00:63:ec:3d:ba:9c:61:1a:3b:a8:bb: 4b:1e:bc:5f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUU6w8gE8nUyWXyHxei/bNwC1mn8swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMDE0NFoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAOGUwNTY1NTUxMWI1NmI5YTQ2ZGE1 YjNhZTNmYjgwOWY5NjNlMDVjODMzY2MxMjgxY2VmMmZjNDQ5MjJlYmYzZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JC9pouFdZ3wfr7vPLvCRQVi3rMT 32Aiq8qSt+0DqUVVAAIqOmQtb/2H0l1oe2Nf9cl6qXpexYu1jsiBjXRygBJ/yYAq yg4QIh0r/AziryYaN5qMXEKcUzE+1McChrzS8aFAN3BuU7eoJo5cKBo9aSFXckHd fSrrfrrldjBM3YU9lA/kwvirM1GzMXZlhL74n8+3F4CfH/mOvc8CQhdnquYI6LZv m12ymq14OWEwt39Hqjpr3ub0l3+/HQiJV8hJUzs/A1h8Gn/zs2VlVgxDCX7t4gBf hJHoyP0P8U9P53oQyactEPW30+yqwTS39+WbLs49VvqYqgjd8cUWNFUwrQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPiFEsXnTvlw6CTijhrBVsAIhrzCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhNjZmNzJmLTAyYTUtNDllNS04NmY2LWJkOTE1MzRkMjkyOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba97DAMA0GCSqGSIb3DQEBCwUAA4IBAQCW62/0nRu9Tuvj5RKv ltI+XWWq+9qh40fGy+qqxyE+V2hpTQi6fbSjZmSgC0nWSfThp73+EzTNXIAxz2Q5 B0Rf9RKBfLSLt+fpNl8jnUDpV1hPy8kHteK923nP+ng45tU8aJqYaeYqIfo7NGav i0EtUH3qVpeC/l5IkYhuuV9lLZ/Du2NG+gffjseCVFZX59r735l49cG0pwXrLBrD audkHBSHMgnbcPpQEnjtjC9GGWbKJoBb7Ve+XNpXWa8bQsgUihRJaheOPut3Y5QW GrujmCmF+iq9CQ6knFV/ubcQADxcIgwyGZnHxeMQMKY4g9GDAGPsPbqcYRo7qLtL Hrxf -----END CERTIFICATE-----Generated at Tue Jun 3 23:11:56 2025 by rpki-client