$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fee398e5-86da-41a5-82fc-59abcaf6e855.roa File: fee398e5-86da-41a5-82fc-59abcaf6e855.roa (raw, json) Hash identifier: pRvQJ7qa32gOXta0LOtadLaPfuRwVVpakYQHAadrUh4= Subject key identifier: 66:0F:D3:D6:E8:88:45:04:22:8E:D4:2A:01:A0:DD:1A:5F:7E:E4:4A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59555ECD8FDD2D637F1D244C07E949F137C1CB97 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fee398e5-86da-41a5-82fc-59abcaf6e855.roa Signing time: Fri 16 May 2025 00:41:11 +0000 ROA not before: Fri 16 May 2025 00:41:11 +0000 ROA not after: Fri 20 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:55:5e:cd:8f:dd:2d:63:7f:1d:24:4c:07:e9:49:f1:37:c1:cb:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 16 00:41:11 2025 GMT Not After : Jun 20 23:59:59 2025 GMT Subject: serialNumber=aa327503b94456688d7225a77c27c9d02f5ecf9cbe3fdcf685955b1243509a3a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d3:9d:89:f2:89:3c:30:83:33:cf:ee:e9:27: c7:44:3b:98:4a:f4:8f:89:af:92:4f:f0:d4:7a:e5: b0:a9:21:a7:68:f4:40:74:4b:a7:29:cb:ae:9f:ae: 9b:80:ef:a5:53:da:d2:20:18:d1:7e:a2:ec:c2:d0: d7:82:2d:fa:9c:a9:5e:32:c7:f2:7c:2f:20:1d:8e: d4:c5:aa:03:66:c9:4c:b4:4c:05:6c:e2:cb:ac:a5: 77:8a:86:6b:5f:c9:0e:75:d1:7f:db:e1:d5:c4:fe: c6:92:fe:71:f8:fb:2e:0e:99:e2:75:50:60:50:cd: df:95:76:58:e6:c8:8e:c3:98:72:85:7d:59:99:25: 46:75:5b:2a:9b:13:fa:d0:41:7d:f3:54:96:a7:0e: 42:25:ec:e0:bb:a2:97:21:01:97:17:61:0e:0e:21: 74:cf:b1:5b:63:3e:5f:cf:0a:33:a1:80:61:39:fc: 88:e6:25:6b:65:fb:0c:dc:44:e0:9c:0b:48:9f:69: 73:cb:79:c3:8f:fd:5b:58:18:4b:13:bf:09:11:6a: ab:cb:7f:63:38:71:a8:11:f2:92:b6:ad:f3:1f:70: 9a:34:b9:d6:94:32:cd:0e:a7:8f:8f:7a:bf:06:d5: f7:73:a7:3e:ea:1c:4f:8f:89:5f:f8:c2:c0:23:1d: c7:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:0F:D3:D6:E8:88:45:04:22:8E:D4:2A:01:A0:DD:1A:5F:7E:E4:4A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fee398e5-86da-41a5-82fc-59abcaf6e855.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:840::/46 Signature Algorithm: sha256WithRSAEncryption 05:8f:67:18:99:f1:a9:9b:c4:75:51:86:fe:b6:45:76:d6:3c: 29:04:f0:ed:28:7d:8d:99:12:20:04:50:9c:a2:4f:ea:26:ea: 6e:15:d1:64:91:ec:bb:7d:c0:7c:c9:19:98:6d:ff:c0:48:7b: 2f:42:f9:87:95:53:99:83:19:53:65:ac:9c:7f:40:32:7f:b8: 17:1e:23:75:67:83:5c:d5:5a:5c:a3:ef:f3:ac:4c:22:1b:3d: 0e:27:5c:31:c8:c1:48:26:4c:bb:11:2f:0c:22:74:aa:46:de: 6f:10:89:19:79:71:93:b5:61:b2:59:84:c0:91:1c:8a:a2:f5: 23:a4:7c:ae:72:65:a0:80:20:b6:09:49:6b:f3:af:89:01:b1: 20:77:f5:f1:7b:67:5f:2b:f0:22:9a:ee:70:6b:e4:c7:92:29: ee:9c:db:fa:61:a7:87:d5:2b:fd:b8:e5:55:e2:fe:95:c7:92: 64:fa:69:65:63:ae:e1:b0:7c:81:a7:90:ab:cd:00:ec:62:97: ff:60:e8:ea:47:42:14:72:b0:d5:be:22:dc:50:6d:9e:4e:15: e0:b7:75:6f:2c:58:0b:17:e0:91:ae:7d:e8:f5:b5:05:00:13: 93:31:67:a6:ac:4b:ce:c9:5a:5e:18:de:65:ad:81:8a:0c:50: 6d:19:cb:cc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWVVezY/dLWN/HSRMB+lJ8TfBy5cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjAwNDExMVoX DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYWEzMjc1MDNiOTQ0NTY2ODhkNzIy NWE3N2MyN2M5ZDAyZjVlY2Y5Y2JlM2ZkY2Y2ODU5NTViMTI0MzUwOWEzYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NOdifKJPDCDM8/u6SfHRDuYSvSP ia+ST/DUeuWwqSGnaPRAdEunKcuun66bgO+lU9rSIBjRfqLswtDXgi36nKleMsfy fC8gHY7UxaoDZslMtEwFbOLLrKV3ioZrX8kOddF/2+HVxP7Gkv5x+PsuDpnidVBg UM3flXZY5siOw5hyhX1ZmSVGdVsqmxP60EF981SWpw5CJezgu6KXIQGXF2EODiF0 z7FbYz5fzwozoYBhOfyI5iVrZfsM3ETgnAtIn2lzy3nDj/1bWBhLE78JEWqry39j OHGoEfKStq3zH3CaNLnWlDLNDqePj3q/BtX3c6c+6hxPj4lf+MLAIx3HWwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGYP09boiEUEIo7UKgGg3RpffuRKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlZTM5OGU1LTg2ZGEtNDFhNS04MmZjLTU5YWJjYWY2ZTg1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaQhAMA0GCSqGSIb3DQEBCwUAA4IBAQAFj2cYmfGpm8R1UYb+ tkV21jwpBPDtKH2NmRIgBFCcok/qJupuFdFkkey7fcB8yRmYbf/ASHsvQvmHlVOZ gxlTZaycf0Ayf7gXHiN1Z4Nc1Vpco+/zrEwiGz0OJ1wxyMFIJky7ES8MInSqRt5v EIkZeXGTtWGyWYTAkRyKovUjpHyucmWggCC2CUlr86+JAbEgd/Xxe2dfK/Aimu5w a+THkinunNv6YaeH1Sv9uOVV4v6Vx5Jk+mllY67hsHyBp5CrzQDsYpf/YOjqR0IU crDVviLcUG2eThXgt3VvLFgLF+CRrn3o9bUFABOTMWemrEvOyVpeGN5lrYGKDFBt GcvM -----END CERTIFICATE-----Generated at Tue Jun 3 23:11:59 2025 by rpki-client