$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/062af51c-5367-4b3a-91ca-65f4ac95ee74.roa File: 062af51c-5367-4b3a-91ca-65f4ac95ee74.roa (raw, json) Hash identifier: kKD8nMXqdTN/yy9VF94g/rhThcKxq1S+AR3HGp/xiFs= Subject key identifier: 39:6C:9D:16:16:40:8D:8F:EC:7B:DA:DC:09:FE:7A:26:C9:3C:E8:EA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 192E16064BE303DA7B22107C1CDF5A6D6898639F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/062af51c-5367-4b3a-91ca-65f4ac95ee74.roa Signing time: Mon 09 Jun 2025 15:10:19 +0000 ROA not before: Mon 09 Jun 2025 15:10:19 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:2e:16:06:4b:e3:03:da:7b:22:10:7c:1c:df:5a:6d:68:98:63:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:10:19 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=ec89da0bd1356a69adf64a90d8ba9e3bf46b19265c71cf4d0eb576f734324585, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:72:ec:3c:bf:c4:a2:11:bb:15:dd:51:63:1c: a1:ff:51:46:bb:35:7b:b0:48:88:61:26:d8:1f:90: cb:32:2c:76:0b:ab:f1:4e:57:2a:1c:ce:f2:51:cb: 66:87:63:18:7c:d0:91:81:b9:95:ed:d2:15:7f:72: dc:e8:97:b4:14:fe:92:e5:e7:fb:15:ff:94:a2:c6: 1a:65:23:0c:86:11:1a:ae:52:f1:dc:a3:59:9f:4f: ac:7d:4a:46:53:5d:59:dc:37:14:3a:1b:ca:5f:dc: 0f:f1:fe:a0:42:ec:a4:fa:a6:af:73:65:ed:ae:41: 93:08:6a:54:64:bb:55:88:87:df:4e:7c:07:ae:22: e9:48:a6:13:aa:0a:68:8b:05:36:c9:e3:89:ce:f9: bc:e9:82:56:67:93:05:63:18:de:53:70:7b:de:d2: a2:50:65:0b:05:64:6b:1c:19:16:39:59:51:49:92: 42:37:57:fa:ce:ff:c4:33:f4:c4:a1:35:de:48:fd: 27:d8:5e:fc:73:f8:51:29:ae:43:34:77:c6:05:30: ff:f9:e8:f9:a9:06:c0:35:70:64:96:52:66:11:9b: 03:83:9d:2d:47:94:16:af:48:f0:38:0f:4a:50:30: f3:20:66:9e:19:10:e2:77:39:23:eb:cf:c9:1c:a6: b5:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:6C:9D:16:16:40:8D:8F:EC:7B:DA:DC:09:FE:7A:26:C9:3C:E8:EA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/062af51c-5367-4b3a-91ca-65f4ac95ee74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2880::/48 Signature Algorithm: sha256WithRSAEncryption 38:58:58:0b:0c:2f:1e:8d:23:0e:98:7e:b7:50:94:9f:49:71: 6b:6f:0a:49:36:5b:e8:94:91:91:0b:f1:0d:84:ae:75:d9:09: a2:c3:29:44:3e:fd:c3:05:37:22:94:cd:3a:26:5f:f5:4e:3b: 3b:df:0c:d2:63:05:7a:43:ef:27:51:36:b1:03:b2:6e:f8:3d: 82:a8:c8:f6:ab:e3:9b:73:0b:8d:2a:62:51:52:55:b1:77:74: 9a:bb:61:58:9f:cb:c2:c5:d1:95:e1:ac:08:4c:f6:79:56:e8: ef:e1:ac:90:19:2a:3b:c5:f6:41:eb:83:12:12:6f:69:0f:59: 66:01:da:48:14:47:a6:e9:27:cf:13:12:de:25:37:b3:1b:d8: 97:f4:a5:93:c2:a4:3a:c9:e5:8d:a7:f3:74:a3:4a:31:f7:85: 75:40:7f:07:78:6c:81:56:5c:03:ec:7a:82:63:db:35:87:88: e9:32:07:4c:22:e9:5b:04:fa:55:ba:64:12:c6:e0:01:12:d4: e0:15:59:da:f0:6b:ff:ad:ec:91:29:c0:72:21:ee:45:4e:7a: 83:17:83:7c:4c:70:3a:ec:3f:74:af:c9:3f:dc:23:e0:12:be: 03:09:f9:04:5c:57:d5:40:68:36:ce:0b:58:a1:64:27:5b:f5: b8:91:c5:3e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGS4WBkvjA9p7IhB8HN9abWiYY58wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MTAxOVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAZWM4OWRhMGJkMTM1NmE2OWFkZjY0 YTkwZDhiYTllM2JmNDZiMTkyNjVjNzFjZjRkMGViNTc2ZjczNDMyNDU4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunLsPL/EohG7Fd1RYxyh/1FGuzV7 sEiIYSbYH5DLMix2C6vxTlcqHM7yUctmh2MYfNCRgbmV7dIVf3Lc6Je0FP6S5ef7 Ff+UosYaZSMMhhEarlLx3KNZn0+sfUpGU11Z3DcUOhvKX9wP8f6gQuyk+qavc2Xt rkGTCGpUZLtViIffTnwHriLpSKYTqgpoiwU2yeOJzvm86YJWZ5MFYxjeU3B73tKi UGULBWRrHBkWOVlRSZJCN1f6zv/EM/TEoTXeSP0n2F78c/hRKa5DNHfGBTD/+ej5 qQbANXBkllJmEZsDg50tR5QWr0jwOA9KUDDzIGaeGRDidzkj68/JHKa14QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDlsnRYWQI2P7Hva3An+eibJPOjqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA2MmFmNTFjLTUzNjctNGIzYS05MWNhLTY1ZjRhYzk1ZWU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOCiAMA0GCSqGSIb3DQEBCwUAA4IBAQA4WFgLDC8ejSMOmH63 UJSfSXFrbwpJNlvolJGRC/ENhK512QmiwylEPv3DBTcilM06Jl/1Tjs73wzSYwV6 Q+8nUTaxA7Ju+D2CqMj2q+ObcwuNKmJRUlWxd3Sau2FYn8vCxdGV4awITPZ5Vujv 4ayQGSo7xfZB64MSEm9pD1lmAdpIFEem6SfPExLeJTezG9iX9KWTwqQ6yeWNp/N0 o0ox94V1QH8HeGyBVlwD7HqCY9s1h4jpMgdMIulbBPpVumQSxuABEtTgFVna8Gv/ reyRKcByIe5FTnqDF4N8THA67D90r8k/3CPgEr4DCfkEXFfVQGg2zgtYoWQnW/W4 kcU+ -----END CERTIFICATE-----Generated at Sun Jun 29 08:08:25 2025 by rpki-client