$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa File: fb33c78e-80e8-48d7-8941-7ac54859b50c.roa (raw, json) Hash identifier: KuXGEV5j8dYxZcRvlQSO0NuovvNogkYo2kMAD3KOHuw= Subject key identifier: 20:D8:6B:BA:7F:EE:59:BC:39:43:A2:01:AC:43:40:57:20:79:16:5B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B7B47354747CBFC924E02BB86EEC51736B0DDC2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa Signing time: Fri 16 May 2025 00:11:25 +0000 ROA not before: Fri 16 May 2025 00:11:25 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:4080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:7b:47:35:47:47:cb:fc:92:4e:02:bb:86:ee:c5:17:36:b0:dd:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:11:25 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=48558767dee2e6af3f1f90551a28db7861e53d1b4f75d3dfdcbc0ea4ce7c13ab, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:4b:d8:b5:e4:31:66:56:94:06:ee:f1:33:86: 93:5d:03:15:63:c8:42:e8:a0:22:ba:fd:fd:a7:43: 91:25:45:88:10:aa:6e:e2:3e:e9:54:bd:ea:3a:e8: 79:db:fb:db:b9:71:b2:47:32:c2:ae:90:73:e8:b0: af:80:f1:f1:2b:14:8c:b2:ea:b7:b0:92:3e:66:59: 21:c2:de:3b:54:f8:15:e3:c1:21:28:64:e6:a5:08: e9:99:6c:db:71:11:e5:a5:47:e5:67:f7:db:de:85: 1f:a4:f8:3b:12:16:b6:63:31:85:fd:ee:83:f4:56: f0:73:7b:cd:70:82:cb:7a:11:24:05:01:8e:50:4d: 87:ef:c0:63:ed:98:b7:b7:72:3a:a0:3b:ef:44:ca: 4b:be:89:a6:55:38:1d:28:54:93:c2:60:65:9b:c5: c2:02:31:67:69:ff:21:ec:ea:02:78:12:37:5d:da: 77:8f:5c:12:69:01:9b:7a:31:98:7b:c8:d0:82:7d: e4:df:52:f3:e6:cf:99:0f:02:37:a1:fc:f1:6d:b9: 28:54:2b:47:c5:8d:bf:2d:e3:14:30:d6:b1:56:9a: 0e:45:5b:ea:ff:db:ec:35:ca:ca:64:cc:52:00:41: 2b:39:06:13:c2:46:e0:c3:a4:ab:5b:9b:93:14:a0: 81:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:D8:6B:BA:7F:EE:59:BC:39:43:A2:01:AC:43:40:57:20:79:16:5B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb33c78e-80e8-48d7-8941-7ac54859b50c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:4080::/46 Signature Algorithm: sha256WithRSAEncryption b4:b5:46:0f:1d:31:56:d0:04:fc:f3:9d:a7:98:93:ca:4f:ac: a8:43:02:97:32:3b:b9:e8:ed:9d:46:ad:f6:48:75:8c:28:47: a9:9f:3d:e3:a5:e6:97:97:5d:a3:e5:9c:53:c9:7a:48:b8:fb: 62:54:fc:23:58:a8:3a:ea:17:8f:36:ed:85:4c:db:d7:73:d0: 0a:09:11:43:cc:1b:10:7b:6d:d1:3b:71:36:1b:0f:95:a2:95: 43:b2:3a:06:1e:45:16:26:f5:47:18:c6:64:5a:55:93:66:17: f0:0e:93:f1:36:7a:2a:f4:35:08:47:3f:83:8f:96:fc:01:97: 80:20:c3:f0:58:7d:8f:cd:46:86:69:85:85:64:26:16:b2:a6: 2d:3e:2f:09:6b:9c:38:31:64:2b:ff:ac:ce:ad:80:46:9a:7c: f6:3a:06:d7:5a:a9:2c:15:18:f8:39:e1:c8:13:8d:0d:37:c6: 09:3a:6d:28:df:22:3c:df:82:e1:f4:d8:a1:4d:34:ac:a7:04: c4:f9:e0:9f:78:6e:ee:c2:7a:04:0c:33:5c:af:f3:70:6d:82: 3a:5d:3c:06:ba:2e:de:77:26:75:3d:77:94:ad:5b:55:02:94: 30:c2:02:24:6f:ec:ce:42:23:86:7b:fc:73:9c:d9:15:21:8e: ae:c4:73:a3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUG3tHNUdHy/ySTgK7hu7FFzaw3cIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwMTEyNVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNANDg1NTg3NjdkZWUyZTZhZjNmMWY5 MDU1MWEyOGRiNzg2MWU1M2QxYjRmNzVkM2RmZGNiYzBlYTRjZTdjMTNhYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEvYteQxZlaUBu7xM4aTXQMVY8hC 6KAiuv39p0ORJUWIEKpu4j7pVL3qOuh52/vbuXGyRzLCrpBz6LCvgPHxKxSMsuq3 sJI+Zlkhwt47VPgV48EhKGTmpQjpmWzbcRHlpUflZ/fb3oUfpPg7Eha2YzGF/e6D 9Fbwc3vNcILLehEkBQGOUE2H78Bj7Zi3t3I6oDvvRMpLvommVTgdKFSTwmBlm8XC AjFnaf8h7OoCeBI3Xdp3j1wSaQGbejGYe8jQgn3k31Lz5s+ZDwI3ofzxbbkoVCtH xY2/LeMUMNaxVpoORVvq/9vsNcrKZMxSAEErOQYTwkbgw6SrW5uTFKCBTQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCDYa7p/7lm8OUOiAaxDQFcgeRZbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMzNjNzhlLTgwZTgtNDhkNy04OTQxLTdhYzU0ODU5YjUwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba+0CAMA0GCSqGSIb3DQEBCwUAA4IBAQC0tUYPHTFW0AT8852n mJPKT6yoQwKXMju56O2dRq32SHWMKEepnz3jpeaXl12j5ZxTyXpIuPtiVPwjWKg6 6hePNu2FTNvXc9AKCRFDzBsQe23RO3E2Gw+VopVDsjoGHkUWJvVHGMZkWlWTZhfw DpPxNnoq9DUIRz+Dj5b8AZeAIMPwWH2PzUaGaYWFZCYWsqYtPi8Ja5w4MWQr/6zO rYBGmnz2OgbXWqksFRj4OeHIE40NN8YJOm0o3yI834Lh9NihTTSspwTE+eCfeG7u wnoEDDNcr/NwbYI6XTwGui7edyZ1PXeUrVtVApQwwgIkb+zOQiOGe/xznNkVIY6u xHOj -----END CERTIFICATE-----Generated at Mon Jun 2 06:13:58 2025 by rpki-client