$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7bcd12c-ac36-4797-a994-afe12b2516f6.roa File: f7bcd12c-ac36-4797-a994-afe12b2516f6.roa (raw, json) Hash identifier: xokRsybozNXZ3ZK4Dh2TJxqv1lG8Gh8YsZd4jUFQIC8= Subject key identifier: 04:45:2D:77:2F:FE:49:F5:2F:0C:D5:3A:4D:AC:AB:E3:66:BC:C2:33 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 30D4534222BD91C9C1D9E08CDFF6B206F06C217C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7bcd12c-ac36-4797-a994-afe12b2516f6.roa Signing time: Thu 26 Jun 2025 20:09:26 +0000 ROA not before: Thu 26 Jun 2025 20:09:26 +0000 ROA not after: Thu 31 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:f040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:d4:53:42:22:bd:91:c9:c1:d9:e0:8c:df:f6:b2:06:f0:6c:21:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 26 20:09:26 2025 GMT Not After : Jul 31 23:59:59 2025 GMT Subject: serialNumber=5eaea99e6f28475a1f67b00d31c8aa423930f0ec6d1e7f4891637ad5ba682ef4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b3:60:37:70:61:93:ae:4a:6e:dc:c6:3e:61: 26:27:b6:fe:98:8f:22:d1:7f:cb:ec:dd:fa:f3:b2: c1:89:4e:cc:03:f7:0b:e4:a0:a1:b7:7c:fc:5d:7d: f2:3b:60:8f:0f:e4:e5:70:62:99:29:35:ef:f2:f3: 7a:19:c0:b5:04:2f:64:38:8e:9b:26:c2:7e:51:d7: bb:02:07:1d:09:7d:7c:1c:c1:0c:4a:58:37:05:0b: aa:64:a7:d6:ec:a2:ec:95:ab:f9:c2:fd:d2:5b:38: ea:59:31:c8:07:bb:51:4d:ce:8f:5c:c9:2e:9d:65: b3:0a:81:09:cb:dc:43:d0:d9:6b:f8:c1:4d:1f:f1: 8e:d3:ff:24:5a:2b:a8:da:02:1e:0e:1f:01:ca:57: 82:2e:1e:84:d0:8c:0b:be:58:ee:56:e3:e8:f7:22: fd:fc:b1:24:46:12:07:3f:8a:f8:1f:b1:6a:34:a5: 29:c0:1a:64:8e:90:b6:2d:12:2b:81:85:c1:bf:34: 65:95:d6:e8:a1:10:48:14:ab:54:4b:06:0d:dc:af: d5:28:03:fa:cb:d4:6a:c1:e8:8a:a2:db:e8:4c:8e: d1:f7:15:43:f3:0b:41:3f:f8:81:b5:ba:7d:ca:f9: ca:a0:3e:37:96:f6:7a:fe:16:45:da:35:5e:1f:87: 51:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:45:2D:77:2F:FE:49:F5:2F:0C:D5:3A:4D:AC:AB:E3:66:BC:C2:33 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7bcd12c-ac36-4797-a994-afe12b2516f6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:f040::/46 Signature Algorithm: sha256WithRSAEncryption 66:a5:1e:1a:5c:c3:58:95:3a:eb:db:ad:ac:0b:aa:cd:75:40: a1:af:c1:73:15:23:a4:4f:88:60:c8:d3:70:e6:d4:9d:97:b9: a6:87:0b:ad:39:ab:d4:f2:1b:fc:0b:50:9a:d5:81:5f:ea:e3: 28:f3:66:3c:fc:df:9c:a0:65:0c:24:c9:aa:ec:65:e3:bf:1e: 32:0a:ab:a2:80:e7:92:50:71:35:28:6d:ec:fc:d3:41:f9:64: 11:48:af:55:0a:b5:8c:2f:6d:20:72:4b:20:4b:9c:83:ec:50: d2:b7:60:55:82:fe:a9:42:33:37:03:12:1f:24:24:c0:be:42: bc:b7:47:ca:86:62:28:78:7f:71:62:1f:92:3e:19:43:65:cb: 88:bb:1f:0f:9c:89:f4:2c:79:6e:04:63:cf:33:6e:9f:19:83: 62:c4:e7:3d:1b:9d:fd:a2:b6:96:4a:77:f1:df:94:ba:9b:2c: 7d:8a:81:a4:1d:b5:c6:fa:c1:75:91:d9:f0:26:a7:01:be:9d: 3c:8b:de:ea:01:21:7f:b4:ef:f0:25:63:53:9b:76:9b:1c:bc: 19:62:cf:12:09:89:75:38:12:21:9f:09:5f:b9:51:ce:c4:84: 29:ca:87:8f:a4:bd:8f:5d:6e:b6:28:3f:d2:56:58:59:29:28: ec:86:4b:b6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMNRTQiK9kcnB2eCM3/ayBvBsIXwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNjIwMDkyNloX DTI1MDczMTIzNTk1OVowejFJMEcGA1UEBRNANWVhZWE5OWU2ZjI4NDc1YTFmNjdi MDBkMzFjOGFhNDIzOTMwZjBlYzZkMWU3ZjQ4OTE2MzdhZDViYTY4MmVmNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7NgN3Bhk65KbtzGPmEmJ7b+mI8i 0X/L7N3687LBiU7MA/cL5KCht3z8XX3yO2CPD+TlcGKZKTXv8vN6GcC1BC9kOI6b JsJ+Ude7AgcdCX18HMEMSlg3BQuqZKfW7KLslav5wv3SWzjqWTHIB7tRTc6PXMku nWWzCoEJy9xD0Nlr+MFNH/GO0/8kWiuo2gIeDh8ByleCLh6E0IwLvljuVuPo9yL9 /LEkRhIHP4r4H7FqNKUpwBpkjpC2LRIrgYXBvzRlldbooRBIFKtUSwYN3K/VKAP6 y9RqweiKotvoTI7R9xVD8wtBP/iBtbp9yvnKoD43lvZ6/hZF2jVeH4dRAwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFARFLXcv/kn1LwzVOk2sq+NmvMIzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y3YmNkMTJjLWFjMzYtNDc5Ny1hOTk0LWFmZTEyYjI1MTZmNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8/BAMA0GCSqGSIb3DQEBCwUAA4IBAQBmpR4aXMNYlTrr262s C6rNdUChr8FzFSOkT4hgyNNw5tSdl7mmhwutOavU8hv8C1Ca1YFf6uMo82Y8/N+c oGUMJMmq7GXjvx4yCquigOeSUHE1KG3s/NNB+WQRSK9VCrWML20gcksgS5yD7FDS t2BVgv6pQjM3AxIfJCTAvkK8t0fKhmIoeH9xYh+SPhlDZcuIux8PnIn0LHluBGPP M26fGYNixOc9G539oraWSnfx35S6myx9ioGkHbXG+sF1kdnwJqcBvp08i97qASF/ tO/wJWNTm3abHLwZYs8SCYl1OBIhnwlfuVHOxIQpyoePpL2PXW62KD/SVlhZKSjs hku2 -----END CERTIFICATE-----Generated at Mon Jun 30 23:42:46 2025 by rpki-client