$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa File: f87e20f6-9969-496b-826b-93811df4045b.roa (raw, json) Hash identifier: 6P4pm4fN9TKxW/e4D0KjEAp9j3YMJbsY/YZ1iOaoqNw= Subject key identifier: CA:0E:2E:C3:11:46:CE:F4:4B:53:73:69:E8:D3:8A:3D:67:B0:43:14 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7323A8DCA90B55216DBF39E9E7DAC58A8D5AE46F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa Signing time: Mon 12 May 2025 15:01:19 +0000 ROA not before: Mon 12 May 2025 15:01:19 +0000 ROA not after: Mon 16 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:2880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:23:a8:dc:a9:0b:55:21:6d:bf:39:e9:e7:da:c5:8a:8d:5a:e4:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 15:01:19 2025 GMT Not After : Jun 16 23:59:59 2025 GMT Subject: serialNumber=20f4bddcfdbf89521ab724766ec057fb80cfbe0fe27f67fa36c4806d1651ea34, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f1:19:62:17:c9:d6:ea:77:f0:f6:8a:e1:3e: 1d:d1:af:5b:07:ce:44:a9:71:7a:c5:9f:77:ea:3d: 50:e9:e5:96:0f:f7:8b:77:7b:2c:bd:da:52:4a:55: 27:08:a1:b0:0f:71:d8:06:50:56:e2:03:6d:0a:b7: 8f:fb:9b:98:34:0e:b2:24:81:27:5d:59:53:c3:b9: f6:9b:4b:8e:7b:38:85:aa:89:48:8f:9f:be:42:a3: 44:c6:8d:5e:78:43:7a:b6:03:8b:ae:9c:ca:55:f2: c8:3b:83:a9:c1:0c:18:56:4d:ef:03:75:1b:c0:97: 4d:ec:cc:60:41:f1:80:1a:43:14:f5:93:95:0e:f4: 13:e8:46:cc:36:4a:cd:15:7e:02:ba:7a:01:a9:c5: e7:1f:d0:3a:01:6c:9a:47:9d:6e:53:09:97:70:b2: b5:60:a1:d8:95:7d:ce:1e:60:cf:fd:de:dc:a1:6e: 29:12:46:c1:96:b4:ca:72:2c:00:48:47:4d:cf:06: 64:25:39:23:3f:d8:0b:e5:5c:f3:f5:40:bc:1b:c3: 03:12:e9:a2:14:d8:8e:d2:e0:34:b6:7f:99:0b:7a: 32:89:7b:23:4c:da:d2:96:94:92:42:b1:8f:06:d1: b5:54:2c:92:52:ea:79:49:c5:de:32:d5:b3:84:39: 5d:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:0E:2E:C3:11:46:CE:F4:4B:53:73:69:E8:D3:8A:3D:67:B0:43:14 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:2880::/48 Signature Algorithm: sha256WithRSAEncryption 92:08:50:01:a5:95:37:c4:4c:c3:40:18:85:7b:dd:1d:ca:f4: 50:e7:3a:be:b4:e0:62:4b:a4:58:54:8a:d0:7f:48:39:8f:b5: 5b:58:86:ea:57:26:c0:8c:a2:96:02:fb:f0:48:ef:8a:e3:90: 9a:6e:88:d3:45:41:fe:ee:e1:c0:00:13:1c:1e:62:11:4e:c6: 66:37:25:10:a1:3c:d0:6b:45:4c:07:aa:f3:fc:2a:3d:a7:04: 7a:3c:32:e8:bc:74:ff:3d:10:a1:5e:03:bb:0d:54:e3:6a:81: f9:23:c9:bd:b4:e6:81:c1:ab:96:32:f8:e8:00:cf:99:9f:db: 54:ef:22:21:b2:ec:c6:46:28:0a:70:a9:d9:16:ed:2d:43:e2: 0c:97:39:b9:d6:f8:a9:96:09:a8:b7:de:91:ae:d0:67:57:1b: d5:42:93:09:cf:cf:ea:da:c8:dc:bb:9b:ff:c8:89:98:d0:82: 88:61:b3:0e:e7:f5:a2:07:c8:ff:dc:cf:73:80:42:b0:a4:69: a7:5c:e4:1d:da:b5:80:5f:3a:e3:03:30:ac:5f:83:72:97:f1: 75:1e:1d:f7:54:9e:34:84:f6:21:42:2c:1e:a9:54:29:4b:f1: b0:dd:a6:f7:45:fb:7a:11:61:cf:f4:ee:5c:45:3b:ce:3a:3c: 72:5b:09:09 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcyOo3KkLVSFtvznp59rFio1a5G8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MDExOVoX DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAMjBmNGJkZGNmZGJmODk1MjFhYjcy NDc2NmVjMDU3ZmI4MGNmYmUwZmUyN2Y2N2ZhMzZjNDgwNmQxNjUxZWEzNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfEZYhfJ1up38PaK4T4d0a9bB85E qXF6xZ936j1Q6eWWD/eLd3ssvdpSSlUnCKGwD3HYBlBW4gNtCreP+5uYNA6yJIEn XVlTw7n2m0uOeziFqolIj5++QqNExo1eeEN6tgOLrpzKVfLIO4OpwQwYVk3vA3Ub wJdN7MxgQfGAGkMU9ZOVDvQT6EbMNkrNFX4CunoBqcXnH9A6AWyaR51uUwmXcLK1 YKHYlX3OHmDP/d7coW4pEkbBlrTKciwASEdNzwZkJTkjP9gL5Vzz9UC8G8MDEumi FNiO0uA0tn+ZC3oyiXsjTNrSlpSSQrGPBtG1VCySUup5ScXeMtWzhDldKQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMoOLsMRRs70S1NzaejTij1nsEMUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y4N2UyMGY2LTk5NjktNDk2Yi04MjZiLTkzODExZGY0MDQ1Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaACiAMA0GCSqGSIb3DQEBCwUAA4IBAQCSCFABpZU3xEzDQBiF e90dyvRQ5zq+tOBiS6RYVIrQf0g5j7VbWIbqVybAjKKWAvvwSO+K45CabojTRUH+ 7uHAABMcHmIRTsZmNyUQoTzQa0VMB6rz/Co9pwR6PDLovHT/PRChXgO7DVTjaoH5 I8m9tOaBwauWMvjoAM+Zn9tU7yIhsuzGRigKcKnZFu0tQ+IMlzm51viplgmot96R rtBnVxvVQpMJz8/q2sjcu5v/yImY0IKIYbMO5/WiB8j/3M9zgEKwpGmnXOQd2rWA XzrjAzCsX4Nyl/F1Hh33VJ40hPYhQiweqVQpS/Gw3ab3Rft6EWHP9O5cRTvOOjxy WwkJ -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:09 2025 by rpki-client