$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/064f91be-d8d2-4bb1-a959-5f99de2bf511.roa File: 064f91be-d8d2-4bb1-a959-5f99de2bf511.roa (raw, json) Hash identifier: ccDy3sBT+S3cWq7PfiLxM5hIEOzb1KXIrh/q6LlDA8M= Subject key identifier: 7B:52:83:74:A2:61:77:7A:AB:F4:8E:C3:E4:66:DD:8D:DF:BB:00:3D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36FD1A3F13E6BC40A293B6A722DAB2D9AD105F44 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/064f91be-d8d2-4bb1-a959-5f99de2bf511.roa Signing time: Wed 04 Jun 2025 00:00:11 +0000 ROA not before: Wed 04 Jun 2025 00:00:11 +0000 ROA not after: Wed 09 Jul 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 00:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:fd:1a:3f:13:e6:bc:40:a2:93:b6:a7:22:da:b2:d9:ad:10:5f:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 4 00:00:11 2025 GMT Not After : Jul 9 23:59:59 2025 GMT Subject: serialNumber=c923f07b4319bb7a0b4e07d3699ccbba28e67f8a40dbf36cda9198e19f4c1d4f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c9:e9:e2:d6:0b:1c:9d:37:4c:25:9f:7d:89: c3:14:76:0c:6d:c2:56:6b:d2:50:52:21:9b:ed:0d: f9:9c:45:5e:a6:cb:69:64:64:64:24:4e:3a:a0:f3: 10:e3:36:cd:38:79:a5:84:13:56:c5:58:3b:ea:8f: 2a:c8:a9:46:99:f4:b3:57:09:30:4c:1e:66:0b:fc: f3:bb:e3:8d:09:ce:2e:d1:fb:48:93:29:69:d4:e8: 9f:c2:35:70:23:8d:f9:8e:85:8f:c6:46:ff:b0:c2: cb:90:40:f3:da:24:bf:72:23:d9:b0:de:4a:da:7f: 9f:4e:85:9b:f5:80:a6:60:6b:31:2c:fb:51:ec:79: d8:0d:9e:0c:52:16:30:f8:7e:6c:8a:ed:85:3d:35: cd:f4:56:af:79:03:70:e2:54:ef:d0:d6:3e:47:11: fa:d8:d6:e7:c3:35:9a:63:fd:7c:b4:ae:38:04:7f: 36:f5:cc:17:bb:d1:35:d7:99:b1:90:3f:76:ab:35: 00:5a:b6:cc:23:0d:a7:84:17:c7:15:6c:3d:da:c8: 5d:bd:c2:c3:9e:bb:04:33:36:f5:d4:7c:c2:d5:bd: 50:cb:72:fe:48:c2:d1:ae:ad:74:db:1b:84:e8:5c: 88:06:86:ad:df:92:75:4b:df:90:bf:b9:65:df:66: 18:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:52:83:74:A2:61:77:7A:AB:F4:8E:C3:E4:66:DD:8D:DF:BB:00:3D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/064f91be-d8d2-4bb1-a959-5f99de2bf511.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:4000::/40 Signature Algorithm: sha256WithRSAEncryption 63:e8:07:4c:40:d9:e2:43:68:2d:f4:6d:74:45:75:41:ea:49: 5a:00:7f:4b:7d:b4:44:49:d3:77:e4:aa:ec:b2:55:60:7d:a0: 49:62:0c:b1:e2:0a:54:f4:90:44:a7:0d:33:16:bf:d0:63:1a: 3a:61:b7:43:d0:4e:d3:5f:bb:48:7f:f4:5a:7c:a2:c0:1a:3a: 45:f8:af:9c:3f:f4:70:e6:bc:76:80:90:58:47:d3:84:5c:61: 4c:80:30:be:bf:0d:0c:80:54:dd:ac:e5:c4:77:63:5a:01:ae: eb:2e:66:42:d4:7e:7b:fc:5b:3e:7a:7a:8e:44:74:a9:b4:31: 2f:3d:25:7a:12:ff:3e:f8:9a:2f:4b:db:a0:24:21:a9:4b:2e: e7:50:58:42:42:c4:ec:51:5f:c8:c4:13:64:5f:ea:b9:0d:bf: 2f:59:19:bb:ee:3a:cd:0a:30:e4:74:2d:a2:0e:4e:9e:91:c7: 7c:e3:15:22:49:ef:4e:f8:00:74:17:d7:75:6e:41:14:96:ea: 3f:fd:e9:94:91:4a:f9:8b:48:bb:38:9f:fb:1b:72:9d:40:01: e8:c4:22:db:20:ac:1a:19:54:16:3d:8f:b4:26:98:19:fc:72: 6b:f3:39:de:13:37:2a:57:07:8d:cf:83:8e:82:9c:dc:aa:a4: 0c:37:3d:02 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNv0aPxPmvECik7anItqy2a0QX0QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNDAwMDAxMVoX DTI1MDcwOTIzNTk1OVowejFJMEcGA1UEBRNAYzkyM2YwN2I0MzE5YmI3YTBiNGUw N2QzNjk5Y2NiYmEyOGU2N2Y4YTQwZGJmMzZjZGE5MTk4ZTE5ZjRjMWQ0ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8np4tYLHJ03TCWffYnDFHYMbcJW a9JQUiGb7Q35nEVepstpZGRkJE46oPMQ4zbNOHmlhBNWxVg76o8qyKlGmfSzVwkw TB5mC/zzu+ONCc4u0ftIkylp1OifwjVwI435joWPxkb/sMLLkEDz2iS/ciPZsN5K 2n+fToWb9YCmYGsxLPtR7HnYDZ4MUhYw+H5siu2FPTXN9FaveQNw4lTv0NY+RxH6 2NbnwzWaY/18tK44BH829cwXu9E115mxkD92qzUAWrbMIw2nhBfHFWw92shdvcLD nrsEMzb11HzC1b1Qy3L+SMLRrq102xuE6FyIBoat35J1S9+Qv7ll32YYHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHtSg3SiYXd6q/SOw+Rm3Y3fuwA9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA2NGY5MWJlLWQ4ZDItNGJiMS1hOTU5LTVmOTlkZTJiZjUxMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYEAwDQYJKoZIhvcNAQELBQADggEBAGPoB0xA2eJDaC30bXRF dUHqSVoAf0t9tERJ03fkquyyVWB9oEliDLHiClT0kESnDTMWv9BjGjpht0PQTtNf u0h/9Fp8osAaOkX4r5w/9HDmvHaAkFhH04RcYUyAML6/DQyAVN2s5cR3Y1oBrusu ZkLUfnv8Wz56eo5EdKm0MS89JXoS/z74mi9L26AkIalLLudQWEJCxOxRX8jEE2Rf 6rkNvy9ZGbvuOs0KMOR0LaIOTp6Rx3zjFSJJ7074AHQX13VuQRSW6j/96ZSRSvmL SLs4n/sbcp1AAejEItsgrBoZVBY9j7QmmBn8cmvzOd4TNypXB43Pg46CnNyqpAw3 PQI= -----END CERTIFICATE-----Generated at Sat Jun 28 23:56:25 2025 by rpki-client