$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa File: feddcef0-1c49-4db6-b667-d3a813db2a74.roa (raw, json) Hash identifier: qvzWqOHhyMGwDgeIu+nUB+ytKoL3G0sSM3tPu8cUTrU= Subject key identifier: A9:43:9D:F7:23:C9:24:01:14:B1:70:7E:A2:C8:67:87:9D:EA:5B:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 75D739E3580459E02C1B2F62535C508914A0E7CF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa Signing time: Tue 10 Jun 2025 15:10:13 +0000 ROA not before: Tue 10 Jun 2025 15:10:13 +0000 ROA not after: Tue 15 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:31:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:d7:39:e3:58:04:59:e0:2c:1b:2f:62:53:5c:50:89:14:a0:e7:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 10 15:10:13 2025 GMT Not After : Jul 15 23:59:59 2025 GMT Subject: serialNumber=1aafbd2a78c17cca10465d268d3e4c17430f9f3b01b4740ae78fb2057885d32a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:3e:79:b7:8a:74:3c:d4:77:20:38:9f:19:2a: fb:d1:0c:6a:c0:33:c0:35:79:22:3b:75:fb:50:56: 51:7a:a7:46:a4:9b:3a:9f:e2:41:01:a8:91:91:fa: 3e:78:38:a4:28:d7:fa:c4:d6:e6:6d:e5:99:b7:7b: 65:58:15:d6:ee:da:9c:b0:95:e8:d3:8e:d0:ec:23: fa:17:9d:46:21:8f:bc:2d:41:ea:11:8f:4d:5c:f4: 22:aa:a9:a0:4f:e3:ac:05:79:68:8f:99:1d:18:d3: 04:8e:49:27:e8:75:d9:50:d7:0f:d6:bb:e4:28:79: eb:6a:3c:42:fb:69:39:fe:ba:21:cc:0b:a8:25:5c: 0a:9c:75:1f:64:8c:6c:aa:ad:31:63:d2:57:21:54: 61:92:a8:88:65:37:e2:cb:50:50:64:43:31:03:e0: a9:1a:7e:50:3c:7b:b8:59:80:6a:8c:49:fd:bb:7c: 93:7d:32:9f:b7:52:74:d9:27:81:5e:61:d8:d1:68: f1:90:91:67:9e:c4:40:db:70:5c:2e:b7:ae:92:6e: ef:38:15:94:49:a4:1e:b0:e7:f5:9f:61:ec:97:8b: ed:63:aa:fd:41:e9:46:6b:ae:c0:db:4f:8e:67:04: 94:cf:1d:11:e6:33:0d:4c:fa:ef:3f:f2:6f:aa:dd: 28:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:43:9D:F7:23:C9:24:01:14:B1:70:7E:A2:C8:67:87:9D:EA:5B:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:1000::/40 Signature Algorithm: sha256WithRSAEncryption 30:6a:61:2a:d6:fb:e5:4e:04:0e:01:af:d7:d3:86:06:31:16: 6b:2b:86:fc:32:d1:60:92:7b:96:46:6e:f5:c2:b2:fe:09:02: 4e:1f:ed:7d:34:57:b7:3f:7d:50:a9:ec:13:40:54:9f:aa:2e: c3:b6:c5:ec:5a:93:03:66:c8:f2:42:f4:c6:34:e5:eb:eb:ee: f5:a5:a2:4f:d0:90:37:d2:70:05:08:97:47:c3:34:9d:68:1d: 14:ea:2d:10:d1:08:ed:62:93:8d:99:49:55:5e:51:d0:ea:40: 84:a9:ee:99:94:07:5b:3e:3f:fb:49:fe:40:aa:18:24:2f:f9: 25:1d:b6:22:1f:85:5b:5b:08:6f:16:d6:f7:05:aa:30:46:be: 16:94:9b:09:5e:21:80:9c:62:92:be:ca:d5:5e:38:fb:a1:f1: dc:a5:03:cf:19:6e:49:72:ed:3c:a3:40:68:ab:49:76:74:ff: 75:e2:4a:ab:d3:7f:cf:9b:88:68:d8:42:d9:39:3f:11:d8:da: 9f:36:21:71:e3:76:f1:a5:2e:b2:4e:87:05:ba:9a:bf:bb:eb: 64:e4:b5:8e:85:98:8d:e2:89:a1:10:00:7c:1d:24:f7:77:23: e1:c0:86:eb:40:0e:cc:d6:40:a0:ce:8d:30:d2:92:5f:ad:55: 06:a7:5a:6a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUddc541gEWeAsGy9iU1xQiRSg588wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxMDE1MTAxM1oX DTI1MDcxNTIzNTk1OVowejFJMEcGA1UEBRNAMWFhZmJkMmE3OGMxN2NjYTEwNDY1 ZDI2OGQzZTRjMTc0MzBmOWYzYjAxYjQ3NDBhZTc4ZmIyMDU3ODg1ZDMyYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz55t4p0PNR3IDifGSr70QxqwDPA NXkiO3X7UFZReqdGpJs6n+JBAaiRkfo+eDikKNf6xNbmbeWZt3tlWBXW7tqcsJXo 047Q7CP6F51GIY+8LUHqEY9NXPQiqqmgT+OsBXloj5kdGNMEjkkn6HXZUNcP1rvk KHnrajxC+2k5/rohzAuoJVwKnHUfZIxsqq0xY9JXIVRhkqiIZTfiy1BQZEMxA+Cp Gn5QPHu4WYBqjEn9u3yTfTKft1J02SeBXmHY0WjxkJFnnsRA23BcLreukm7vOBWU SaQesOf1n2Hsl4vtY6r9QelGa67A20+OZwSUzx0R5jMNTPrvP/Jvqt0oYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKlDnfcjySQBFLFwfqLIZ4ed6ls8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlZGRjZWYwLTFjNDktNGRiNi1iNjY3LWQzYTgxM2RiMmE3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaBAwDQYJKoZIhvcNAQELBQADggEBADBqYSrW++VOBA4Br9fT hgYxFmsrhvwy0WCSe5ZGbvXCsv4JAk4f7X00V7c/fVCp7BNAVJ+qLsO2xexakwNm yPJC9MY05evr7vWlok/QkDfScAUIl0fDNJ1oHRTqLRDRCO1ik42ZSVVeUdDqQISp 7pmUB1s+P/tJ/kCqGCQv+SUdtiIfhVtbCG8W1vcFqjBGvhaUmwleIYCcYpK+ytVe OPuh8dylA88Zbkly7TyjQGirSXZ0/3XiSqvTf8+biGjYQtk5PxHY2p82IXHjdvGl LrJOhwW6mr+762TktY6FmI3iiaEQAHwdJPd3I+HAhutADszWQKDOjTDSkl+tVQan Wmo= -----END CERTIFICATE-----Generated at Fri Jul 4 01:55:40 2025 by rpki-client