$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa File: ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa (raw, json) Hash identifier: tjEjvjBfyDwxBATNNAgsaVYvTgKQIFGcLQzlnrGvYe8= Subject key identifier: 28:8F:DC:65:5A:52:F3:48:DC:5F:78:DD:14:11:60:90:CD:78:E1:3D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 48AAE939E98D99D12C7626FED4B1312B8A3D3DBC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa Signing time: Fri 16 May 2025 00:50:46 +0000 ROA not before: Fri 16 May 2025 00:50:46 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:aa:e9:39:e9:8d:99:d1:2c:76:26:fe:d4:b1:31:2b:8a:3d:3d:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:50:46 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=230d5763a2183c782e6d7305c6fe9c735483aed92e89ce346d6cf93bc4067b63, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d5:af:47:cf:5d:57:0d:97:97:8c:41:31:87: 59:49:1d:aa:f4:a0:aa:32:23:a6:70:f6:9f:db:a8: 98:df:aa:66:73:08:2c:77:60:ba:f2:b6:74:a3:8f: ab:63:88:ef:fa:ba:cc:fb:f9:b0:1f:28:c1:06:21: 40:41:3e:99:9e:b7:b3:50:51:62:2b:be:db:67:d6: d2:6a:3f:da:66:f4:2b:8f:b2:05:4c:64:87:ac:6d: 8d:e9:22:b0:8d:fe:7e:a4:e1:79:59:48:6f:c3:a8: d4:bc:d7:7a:d5:ed:08:66:6b:21:b2:ed:51:42:5e: 66:98:05:7b:cc:13:2c:32:0e:60:38:a8:90:40:50: 63:7b:e9:b4:30:69:a5:86:b9:41:13:59:98:b2:fe: 18:0e:55:cf:08:4a:31:e8:a3:f3:5b:7f:f3:42:5c: 96:05:64:c7:7c:de:65:57:89:e6:34:0a:98:72:55: ad:95:a0:b5:ba:5c:6d:e7:21:c5:17:c8:09:a5:16: 79:4d:26:23:82:24:a7:8e:ef:e6:cf:13:35:80:a7: cd:c8:9a:36:e3:0d:32:9a:5b:1d:bd:b9:8d:24:9d: e4:0e:5c:cc:64:1e:e6:18:98:ed:36:49:92:62:9b: 00:90:dc:9d:bd:ce:18:82:f5:70:35:33:cb:72:db: 7a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:8F:DC:65:5A:52:F3:48:DC:5F:78:DD:14:11:60:90:CD:78:E1:3D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:800::/40 Signature Algorithm: sha256WithRSAEncryption 8a:7f:83:0b:f2:00:3e:7b:ed:a2:d0:f4:70:87:94:db:71:b5: c9:df:8b:e3:50:6c:ca:d4:91:40:39:e4:56:e5:32:0a:5a:85: 5c:46:98:d8:33:ed:96:d3:c8:5d:f0:8f:13:1e:5c:23:e9:18: 94:02:c5:74:b3:96:ef:dc:12:be:a5:fe:7d:13:c0:3d:bd:51: b7:48:bc:20:1d:ef:49:86:08:f8:88:90:55:2c:71:29:42:ab: fd:d0:0a:90:8b:35:11:27:10:49:a1:ea:81:78:7f:7e:18:7a: df:1e:28:1f:aa:d6:4a:88:4f:74:17:36:8b:5b:94:d0:00:fc: 17:69:38:5c:05:12:08:03:90:bb:15:54:18:18:60:55:37:6e: 74:e3:e4:2e:4d:f8:c5:2f:9e:7b:e0:31:6f:93:15:06:f7:23: 70:86:db:70:42:3d:de:42:8f:f5:c0:5b:a9:64:cc:a9:24:63: 64:a6:bd:67:06:a9:9c:12:6a:54:e4:9b:70:d1:5e:bd:c7:44: 86:e3:9c:68:37:54:6f:f5:17:bc:f2:dc:ae:59:fb:bb:50:f0: 6b:06:c6:71:da:0e:66:39:79:2d:9b:e4:86:40:91:17:33:0c: 1d:63:aa:4c:57:7a:22:4d:04:46:8b:f0:d6:af:3b:b9:7d:50: bf:ba:f6:31 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSKrpOemNmdEsdib+1LExK4o9PbwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNTA0NloX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAMjMwZDU3NjNhMjE4M2M3ODJlNmQ3 MzA1YzZmZTljNzM1NDgzYWVkOTJlODljZTM0NmQ2Y2Y5M2JjNDA2N2I2MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdWvR89dVw2Xl4xBMYdZSR2q9KCq MiOmcPaf26iY36pmcwgsd2C68rZ0o4+rY4jv+rrM+/mwHyjBBiFAQT6ZnrezUFFi K77bZ9bSaj/aZvQrj7IFTGSHrG2N6SKwjf5+pOF5WUhvw6jUvNd61e0IZmshsu1R Ql5mmAV7zBMsMg5gOKiQQFBje+m0MGmlhrlBE1mYsv4YDlXPCEox6KPzW3/zQlyW BWTHfN5lV4nmNAqYclWtlaC1ulxt5yHFF8gJpRZ5TSYjgiSnju/mzxM1gKfNyJo2 4w0ymlsdvbmNJJ3kDlzMZB7mGJjtNkmSYpsAkNydvc4YgvVwNTPLctt6rQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCiP3GVaUvNI3F943RQRYJDNeOE9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VmOWRkZDlhLTljYTktNDI4Zi1hYzRmLWQ3ZjI2ZDAwODI0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaQgwDQYJKoZIhvcNAQELBQADggEBAIp/gwvyAD577aLQ9HCH lNtxtcnfi+NQbMrUkUA55FblMgpahVxGmNgz7ZbTyF3wjxMeXCPpGJQCxXSzlu/c Er6l/n0TwD29UbdIvCAd70mGCPiIkFUscSlCq/3QCpCLNREnEEmh6oF4f34Yet8e KB+q1kqIT3QXNotblNAA/BdpOFwFEggDkLsVVBgYYFU3bnTj5C5N+MUvnnvgMW+T FQb3I3CG23BCPd5Cj/XAW6lkzKkkY2SmvWcGqZwSalTkm3DRXr3HRIbjnGg3VG/1 F7zy3K5Z+7tQ8GsGxnHaDmY5eS2b5IZAkRczDB1jqkxXeiJNBEaL8NavO7l9UL+6 9jE= -----END CERTIFICATE-----Generated at Tue Jun 3 23:17:19 2025 by rpki-client