$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa File: faf03c26-86cc-4b80-a160-2861ff66c03b.roa (raw, json) Hash identifier: uaeOQAkA3n2mWgPfJCe7mjQJ0wSuGElfluksHJo89hs= Subject key identifier: AA:E3:62:34:38:68:55:80:95:96:3B:58:2C:E4:F8:AD:DA:AD:B2:76 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4CA97C385167AE0FCEA415DF0051A37935C3B093 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa Signing time: Tue 13 May 2025 00:00:51 +0000 ROA not before: Tue 13 May 2025 00:00:51 +0000 ROA not after: Tue 17 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:a9:7c:38:51:67:ae:0f:ce:a4:15:df:00:51:a3:79:35:c3:b0:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:00:51 2025 GMT Not After : Jun 17 23:59:59 2025 GMT Subject: serialNumber=d62ec39b992b71e6ce58c61ad41c9667e477b0cba3d25e5653c3c27eab2cb928, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:01:62:5b:c3:73:ea:04:ed:d3:33:a9:a1:f5: 80:2d:65:41:03:c4:62:5d:c9:01:80:61:89:7e:c8: 87:d6:64:8d:ac:0e:09:65:c4:90:c8:2e:98:ec:ae: da:9c:fc:e3:be:3f:a1:81:6b:4c:b7:f2:9f:68:9c: 22:fc:8b:da:fe:33:63:fb:77:04:5f:5c:ab:ec:2e: bd:74:1f:20:03:1e:b9:58:ca:02:4f:8b:60:6b:9b: f7:da:90:84:35:7c:c6:aa:67:c1:31:ac:9d:81:c8: d4:60:ab:e4:43:7b:d0:76:1e:61:81:6d:4a:c9:4d: 3c:f7:97:8f:c4:ee:28:2e:ff:09:2e:8d:f5:3e:10: 29:4a:aa:ec:8a:08:d0:f8:a4:62:48:5d:4d:c3:40: 13:cb:d9:ad:2c:15:10:8b:52:cd:bc:d4:a0:0b:57: dd:0a:12:4b:65:d2:a1:59:62:93:19:81:91:ed:40: bf:40:32:85:b6:16:ab:e6:e1:9e:92:88:60:da:3b: 47:85:01:eb:dc:67:fe:90:32:b2:60:6e:6d:cb:05: 6f:49:80:6c:a1:ff:4c:74:ff:da:a9:65:c3:7d:77: 4b:02:44:a6:fa:d6:82:e7:25:e3:27:56:6a:54:81: 4b:f5:4f:9a:ed:4e:82:9e:17:6b:d7:75:b9:57:9c: 9f:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:E3:62:34:38:68:55:80:95:96:3B:58:2C:E4:F8:AD:DA:AD:B2:76 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 97:4a:36:34:30:92:18:1f:09:fe:c8:82:7a:86:09:c4:5e:0b: d6:83:c4:5b:85:cf:46:80:93:48:d1:0e:2c:b2:c9:57:fa:2f: 91:53:53:b4:7d:d0:87:49:33:21:fd:e8:28:5f:6d:09:73:ea: 3f:ec:79:81:a7:63:b9:6b:67:10:d3:f9:57:07:6f:fa:79:c0: a9:6b:3e:de:69:e3:13:1a:02:d1:8b:e9:a4:01:a8:cd:0d:ce: 1a:ff:7f:42:03:81:dc:e5:81:61:1d:cc:ef:59:99:fe:07:04: 8b:8a:21:69:a0:d5:d9:9f:75:c0:12:fd:e6:e5:3d:f5:2a:cb: 6c:d4:b1:a7:ae:1b:e6:f3:98:7e:94:66:f9:30:17:d6:ad:01: cf:59:aa:82:85:1a:1f:ee:e4:d3:df:50:81:b5:27:b7:cf:af: 97:d2:13:bd:33:27:9a:27:12:84:93:b2:8a:a0:cc:41:7d:45: 08:21:da:09:9d:2a:75:0b:a5:8a:7e:52:fc:7f:ac:bc:96:cb: 38:65:5a:3b:6b:04:d7:9a:3e:b3:4c:a1:8d:5b:33:2a:a6:f0: 64:9d:9d:c1:db:bd:4b:3f:ea:87:cf:90:07:59:9a:d8:b4:7d: 70:38:f5:d9:7f:14:a1:f6:5f:8f:e3:9d:05:33:aa:8f:46:68: 08:02:b3:af -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTKl8OFFnrg/OpBXfAFGjeTXDsJMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMzAwMDA1MVoX DTI1MDYxNzIzNTk1OVowejFJMEcGA1UEBRNAZDYyZWMzOWI5OTJiNzFlNmNlNThj NjFhZDQxYzk2NjdlNDc3YjBjYmEzZDI1ZTU2NTNjM2MyN2VhYjJjYjkyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgFiW8Nz6gTt0zOpofWALWVBA8Ri XckBgGGJfsiH1mSNrA4JZcSQyC6Y7K7anPzjvj+hgWtMt/KfaJwi/Iva/jNj+3cE X1yr7C69dB8gAx65WMoCT4tga5v32pCENXzGqmfBMaydgcjUYKvkQ3vQdh5hgW1K yU0895ePxO4oLv8JLo31PhApSqrsigjQ+KRiSF1Nw0ATy9mtLBUQi1LNvNSgC1fd ChJLZdKhWWKTGYGR7UC/QDKFthar5uGekohg2jtHhQHr3Gf+kDKyYG5tywVvSYBs of9MdP/aqWXDfXdLAkSm+taC5yXjJ1ZqVIFL9U+a7U6Cnhdr13W5V5yflQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKrjYjQ4aFWAlZY7WCzk+K3arbJ2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZhZjAzYzI2LTg2Y2MtNGI4MC1hMTYwLTI4NjFmZjY2YzAzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcDAMA0GCSqGSIb3DQEBCwUAA4IBAQCXSjY0MJIYHwn+yIJ6 hgnEXgvWg8Rbhc9GgJNI0Q4ssslX+i+RU1O0fdCHSTMh/egoX20Jc+o/7HmBp2O5 a2cQ0/lXB2/6ecCpaz7eaeMTGgLRi+mkAajNDc4a/39CA4Hc5YFhHczvWZn+BwSL iiFpoNXZn3XAEv3m5T31Ksts1LGnrhvm85h+lGb5MBfWrQHPWaqChRof7uTT31CB tSe3z6+X0hO9MyeaJxKEk7KKoMxBfUUIIdoJnSp1C6WKflL8f6y8lss4ZVo7awTX mj6zTKGNWzMqpvBknZ3B271LP+qHz5AHWZrYtH1wOPXZfxSh9l+P450FM6qPRmgI ArOv -----END CERTIFICATE-----Generated at Tue Jun 3 23:31:30 2025 by rpki-client