$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb147b0a-93ac-4ab7-8c40-1df2c88725a7.roa File: eb147b0a-93ac-4ab7-8c40-1df2c88725a7.roa (raw, json) Hash identifier: hOYXDOMkK4jlze1Z2JsEs99Paeh5qWoiCasN1/b+L/s= Subject key identifier: A7:D9:63:65:07:80:9D:01:5E:8C:25:5B:94:27:8E:90:E9:63:77:E1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6712D91B47CDA8CFF64BFA68CC8B296763C0BD52 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb147b0a-93ac-4ab7-8c40-1df2c88725a7.roa Signing time: Fri 16 May 2025 15:01:03 +0000 ROA not before: Fri 16 May 2025 15:01:03 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:12:d9:1b:47:cd:a8:cf:f6:4b:fa:68:cc:8b:29:67:63:c0:bd:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 15:01:03 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=074574fb4e5e4f73e47a0062394a330bf00f7cee1e6e8d3f9ae28338553f8ec1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:8b:00:22:60:8c:8e:67:2b:48:09:b5:55:1a: 99:e2:e1:28:58:32:01:95:17:b4:04:1e:79:95:22: ca:66:8a:b3:88:95:26:3c:b0:f8:16:45:f7:f0:b9: 7f:43:c3:1a:ed:7f:53:07:ee:23:c7:14:69:f4:0a: d3:8f:78:d2:48:74:fc:8b:1b:a0:41:2d:8d:70:ff: b6:2e:b5:29:87:bb:35:c4:8b:b2:0a:14:63:3c:5a: ad:0f:2a:88:ac:5e:bd:fc:43:cf:84:74:94:b1:90: 2d:49:c9:30:b7:d0:6b:8a:37:45:91:95:21:f9:34: 3b:43:be:64:6f:cc:bc:59:5c:45:09:62:89:d9:24: 13:95:e8:97:26:b1:dd:f1:d9:d5:b2:f1:3d:24:a4: 39:9d:fa:95:6f:70:68:05:3b:a3:df:a3:05:b1:3d: d4:9e:b6:2a:e9:98:5e:0b:06:d3:b6:90:77:92:5f: 4f:42:29:dd:e5:1d:d5:e5:bd:05:eb:13:5e:e6:24: 9e:63:cd:86:f1:db:20:ad:69:94:49:8f:ac:92:f4: 02:ba:e1:ad:20:42:7c:2d:b6:4d:28:05:f0:b0:76: c0:21:64:d0:35:bd:57:1c:cd:2c:0e:68:3f:c3:a2: 7b:75:30:bc:89:2b:7c:07:d4:69:67:82:6d:a6:e6: 6e:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:D9:63:65:07:80:9D:01:5E:8C:25:5B:94:27:8E:90:E9:63:77:E1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb147b0a-93ac-4ab7-8c40-1df2c88725a7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:4000::/40 Signature Algorithm: sha256WithRSAEncryption a4:73:6b:b7:e3:80:97:de:70:58:ab:7f:2f:92:41:c4:7b:21: ef:77:f6:61:f4:e5:a8:e3:91:af:89:da:0a:2c:04:7b:1d:8e: 7e:fe:de:6b:75:bd:2d:3f:73:69:48:bb:33:df:ed:6a:f3:f8: b2:6e:2a:0b:6a:5c:e4:a6:63:a0:ab:05:ce:99:36:78:6c:62: b5:35:64:31:49:33:d6:6d:1b:9d:67:b9:de:68:d5:dc:a5:0f: f2:21:ec:07:a1:62:04:c9:a0:f6:ba:e5:c7:54:79:41:7a:86: de:e4:1b:36:18:31:73:74:e1:ee:1f:1b:2d:0d:4a:e2:78:42: 08:ce:80:06:78:3a:ec:f5:1c:22:d6:ce:a9:00:de:bd:cf:75: 19:f6:ba:39:4b:f6:b8:3d:00:df:5d:69:e8:58:fd:00:c6:ef: 4e:4e:92:6b:87:f3:21:95:d6:ac:44:a9:91:e8:8a:31:55:f2: 16:38:db:30:c0:63:2e:49:a2:87:b1:48:ca:b6:7a:bf:86:f4: 86:f3:6d:bc:73:cf:72:c1:86:36:bb:36:c2:af:8f:ce:28:1a: 31:76:4c:3a:f3:5a:97:8c:9b:18:bc:c6:e1:0f:40:1d:6c:96: 76:e6:aa:f0:0b:3b:de:ac:0e:ad:ba:4c:e2:88:88:23:c7:6e: d1:91:d0:2c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZxLZG0fNqM/2S/pozIspZ2PAvVIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MDEwM1oX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMDc0NTc0ZmI0ZTVlNGY3M2U0N2Ew MDYyMzk0YTMzMGJmMDBmN2NlZTFlNmU4ZDNmOWFlMjgzMzg1NTNmOGVjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYsAImCMjmcrSAm1VRqZ4uEoWDIB lRe0BB55lSLKZoqziJUmPLD4FkX38Ll/Q8Ma7X9TB+4jxxRp9ArTj3jSSHT8ixug QS2NcP+2LrUph7s1xIuyChRjPFqtDyqIrF69/EPPhHSUsZAtSckwt9BrijdFkZUh +TQ7Q75kb8y8WVxFCWKJ2SQTleiXJrHd8dnVsvE9JKQ5nfqVb3BoBTuj36MFsT3U nrYq6ZheCwbTtpB3kl9PQind5R3V5b0F6xNe5iSeY82G8dsgrWmUSY+skvQCuuGt IEJ8LbZNKAXwsHbAIWTQNb1XHM0sDmg/w6J7dTC8iSt8B9RpZ4JtpuZuPwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKfZY2UHgJ0BXowlW5QnjpDpY3fhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ViMTQ3YjBhLTkzYWMtNGFiNy04YzQwLTFkZjJjODg3MjVhNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8UAwDQYJKoZIhvcNAQELBQADggEBAKRza7fjgJfecFirfy+S QcR7Ie939mH05ajjka+J2gosBHsdjn7+3mt1vS0/c2lIuzPf7Wrz+LJuKgtqXOSm Y6CrBc6ZNnhsYrU1ZDFJM9ZtG51nud5o1dylD/Ih7AehYgTJoPa65cdUeUF6ht7k GzYYMXN04e4fGy0NSuJ4QgjOgAZ4Ouz1HCLWzqkA3r3PdRn2ujlL9rg9AN9daehY /QDG705OkmuH8yGV1qxEqZHoijFV8hY42zDAYy5JooexSMq2er+G9Ibzbbxzz3LB hja7NsKvj84oGjF2TDrzWpeMmxi8xuEPQB1slnbmqvALO96sDq26TOKIiCPHbtGR 0Cw= -----END CERTIFICATE-----Generated at Tue Jun 3 23:27:35 2025 by rpki-client