$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa File: f0035674-15ff-434e-b4d2-44fc6010a1aa.roa (raw, json) Hash identifier: RGKNaUOkgRJ+wIT4vLeJX8Z2lICaRFEwRXWPim2GLGI= Subject key identifier: 55:3F:3C:2E:0B:29:D8:DC:61:46:92:96:FF:3B:D0:6E:1F:40:00:B8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 30E9A3D61DD05231F647AED0D8EABC15FEF35F78 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa Signing time: Tue 10 Jun 2025 15:02:20 +0000 ROA not before: Tue 10 Jun 2025 15:02:20 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:e9:a3:d6:1d:d0:52:31:f6:47:ae:d0:d8:ea:bc:15:fe:f3:5f:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:02:20 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=223b9f7c95266206655a0d0e504a577cbbdd5be290adbeaab6aac1f0520f99a7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f6:85:b6:af:52:d5:6b:d3:02:ae:aa:88:ac: 96:2c:57:c3:8c:c4:18:99:3f:3f:cb:dc:ce:14:25: b9:46:7c:48:15:60:9d:91:c1:31:29:00:4d:ae:89: 53:38:36:54:2d:15:e2:f6:c4:dc:36:37:00:4d:63: 30:95:e5:bb:25:92:fa:74:55:d0:4a:99:0f:4a:f3: 53:4d:99:a3:b4:3b:72:c6:72:f4:0d:13:07:a9:d1: b0:f9:71:9c:68:1f:44:08:52:39:2e:82:9c:ee:4e: bc:e7:dc:3b:ab:0b:56:e8:49:94:66:9a:1e:3e:f6: fe:7e:66:42:3b:93:36:04:ba:90:50:ae:a3:06:db: ae:f5:a1:81:11:bc:99:49:6a:50:1f:2a:a6:8a:c8: 3b:0e:0a:d5:76:8d:02:fc:16:66:78:eb:04:35:6d: 5f:6b:e8:b1:04:81:0c:71:23:c3:49:a3:11:4e:7c: 1a:04:a4:a4:f9:9f:f6:6d:15:8a:0d:79:b3:2b:cf: cb:76:19:ea:3d:2a:79:e1:c9:1f:e6:e4:f8:49:25: 14:e0:c6:96:48:49:86:d3:96:46:4c:b5:41:f7:4d: 78:6b:b7:ac:ff:7d:39:7f:ed:ca:a7:83:ac:ce:81: 10:7e:ca:61:58:84:65:02:0f:5f:77:6b:97:d8:58: e7:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:3F:3C:2E:0B:29:D8:DC:61:46:92:96:FF:3B:D0:6E:1F:40:00:B8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0035674-15ff-434e-b4d2-44fc6010a1aa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:e000::/40 Signature Algorithm: sha256WithRSAEncryption 45:de:49:b7:ba:e3:97:be:15:5f:76:fe:ed:a1:18:24:0e:41: 47:bc:3b:08:de:0b:3e:e5:22:cc:fe:40:bf:a5:14:c8:d3:a7: 9f:57:26:f2:8a:6e:62:fd:39:ec:63:73:0a:fe:af:d9:5c:6a: bb:6e:3d:7a:36:1f:2a:9e:52:86:fe:ba:2c:32:82:fb:fd:df: ab:8e:81:87:29:7d:8d:6b:07:76:bd:cc:92:0d:49:15:fe:d6: 98:57:0f:9b:87:5e:e2:36:4c:dd:81:90:13:0d:41:7d:7a:09: 69:60:9c:87:ce:76:db:04:3c:ca:06:49:38:01:ff:8c:9e:f8: 7a:b0:03:9e:85:c8:f6:96:12:da:76:21:ec:96:c4:a5:c5:da: bc:8e:70:9c:2e:69:7a:4c:4b:5b:0f:e0:3d:ba:f7:35:4d:27: 68:61:e7:8c:16:0b:c9:26:2d:6d:de:ed:6a:0d:9d:ff:49:ac: 53:d6:db:ad:87:84:f8:64:0f:52:02:9b:63:f8:90:4a:b2:ae: 72:7a:a4:e9:2e:37:84:0d:3b:56:8f:d1:99:a9:56:f3:1a:b6: a2:94:88:85:31:83:45:53:f0:19:af:64:cc:b4:2c:df:eb:2a: 94:1a:d5:b9:4b:52:b6:bc:3a:b4:47:f1:ab:25:23:f7:0c:0a: a2:39:69:25 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMOmj1h3QUjH2R67Q2Oq8Ff7zX3gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MDIyMFoX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMjIzYjlmN2M5NTI2NjIwNjY1NWEw ZDBlNTA0YTU3N2NiYmRkNWJlMjkwYWRiZWFhYjZhYWMxZjA1MjBmOTlhNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfaFtq9S1WvTAq6qiKyWLFfDjMQY mT8/y9zOFCW5RnxIFWCdkcExKQBNrolTODZULRXi9sTcNjcATWMwleW7JZL6dFXQ SpkPSvNTTZmjtDtyxnL0DRMHqdGw+XGcaB9ECFI5LoKc7k6859w7qwtW6EmUZpoe Pvb+fmZCO5M2BLqQUK6jBtuu9aGBEbyZSWpQHyqmisg7DgrVdo0C/BZmeOsENW1f a+ixBIEMcSPDSaMRTnwaBKSk+Z/2bRWKDXmzK8/LdhnqPSp54ckf5uT4SSUU4MaW SEmG05ZGTLVB9014a7es/305f+3Kp4OszoEQfsphWIRlAg9fd2uX2FjnIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFU/PC4LKdjcYUaSlv870G4fQAC4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YwMDM1Njc0LTE1ZmYtNDM0ZS1iNGQyLTQ0ZmM2MDEwYTFhYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaOAwDQYJKoZIhvcNAQELBQADggEBAEXeSbe645e+FV92/u2h GCQOQUe8OwjeCz7lIsz+QL+lFMjTp59XJvKKbmL9Oexjcwr+r9lcartuPXo2Hyqe Uob+uiwygvv936uOgYcpfY1rB3a9zJINSRX+1phXD5uHXuI2TN2BkBMNQX16CWlg nIfOdtsEPMoGSTgB/4ye+HqwA56FyPaWEtp2IeyWxKXF2ryOcJwuaXpMS1sP4D26 9zVNJ2hh54wWC8kmLW3e7WoNnf9JrFPW262HhPhkD1ICm2P4kEqyrnJ6pOkuN4QN O1aP0ZmpVvMatqKUiIUxg0VT8BmvZMy0LN/rKpQa1blLUra8OrRH8aslI/cMCqI5 aSU= -----END CERTIFICATE-----Generated at Mon Jun 30 20:38:45 2025 by rpki-client