$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/12737cd4-afad-411e-b802-52f561374c59.roa File: 12737cd4-afad-411e-b802-52f561374c59.roa (raw, json) Hash identifier: yYmSN37UJHeNjZk1i0Y6A8xGNlUGZuMy2jI7pEv66S8= Subject key identifier: 7B:25:54:34:5F:B3:CB:55:4C:B7:44:EE:2E:41:6C:98:DC:85:F8:2A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 57E0E88ADA495EEDF0CEC11F19279261DAD7DD1D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/12737cd4-afad-411e-b802-52f561374c59.roa Signing time: Sat 28 Jun 2025 00:01:01 +0000 ROA not before: Sat 28 Jun 2025 00:01:01 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:e0:e8:8a:da:49:5e:ed:f0:ce:c1:1f:19:27:92:61:da:d7:dd:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:01:01 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=c1b5d02399467c2b483d0570d34e899251d6a50d73dfec1a62c47a1317959311, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:e8:9c:81:a1:ae:f6:6b:12:68:9a:39:e4:10: a0:bc:ca:6a:e3:4d:5f:a2:51:75:65:60:10:d3:ff: 9b:55:95:8a:93:f0:2e:be:bf:4f:3d:31:f7:92:4c: dd:0d:25:b1:4a:d3:87:fe:9e:94:aa:e4:5d:92:c8: 40:21:8b:99:81:4f:f0:fd:72:9e:e5:6f:9d:65:72: b1:1c:d4:22:63:a4:fa:e3:67:c5:36:53:a9:4f:cb: 99:04:bf:a4:a9:42:1d:89:fa:37:86:50:59:ad:22: 58:29:5c:dc:32:78:d3:aa:c9:f2:b2:ea:f0:e6:7c: b6:a2:96:a6:80:a0:16:d2:76:67:84:f9:13:21:f4: ed:1d:c8:47:2a:2b:81:14:70:11:53:11:8f:aa:46: b8:ad:c8:8d:82:b1:68:dd:b4:99:81:06:23:9d:df: d2:6d:96:a5:4d:00:83:2f:e2:4d:92:ed:d3:9c:87: 1d:50:9d:df:29:5a:67:ac:36:e3:b6:65:c3:f4:ca: 68:95:3f:3a:81:43:d4:e1:f3:61:18:64:d8:63:d9: b8:eb:9e:b3:64:d1:31:5f:bd:ca:66:f9:cc:c2:35: 2f:72:f9:80:97:a3:18:f0:f2:00:c5:ec:d8:5e:39: 01:67:f5:21:37:9c:12:19:f2:cf:b8:e8:ab:b5:6a: c7:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:25:54:34:5F:B3:CB:55:4C:B7:44:EE:2E:41:6C:98:DC:85:F8:2A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/12737cd4-afad-411e-b802-52f561374c59.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:9000::/40 Signature Algorithm: sha256WithRSAEncryption 62:be:be:5b:97:e8:24:8c:f7:5b:67:ed:fe:47:e9:fe:35:10: 99:6b:29:ea:8b:ee:91:49:db:07:83:c8:ba:4d:1a:77:9f:bf: 11:cb:b6:58:48:68:9e:3c:90:43:68:49:be:4e:0f:b2:f5:9d: 36:68:57:6e:aa:ba:f6:4b:e4:72:c3:fb:d1:b2:bd:80:50:47: 61:8a:b0:73:87:33:b0:c9:cb:86:4f:ad:6e:74:31:ec:9c:c6: 8c:f7:f6:de:c3:57:87:0c:85:25:bf:7c:db:33:ba:af:a0:0b: a5:6e:d6:33:fe:ec:5d:aa:f3:2f:68:b6:a9:3e:9f:b5:1f:8f: fe:94:49:8b:e0:aa:5c:4f:19:31:19:c1:a8:cc:af:56:d8:6e: 63:de:de:ac:79:6a:66:c8:6f:e6:8e:d0:39:40:34:e2:2e:8e: 8f:c3:9e:8b:0f:fd:00:8b:c1:70:86:5a:87:e5:8b:c6:14:8d: 7b:e4:be:7e:ca:b8:1c:ee:f1:4d:f1:45:52:ee:54:9b:02:7c: 7b:3a:5e:e6:6d:a4:2a:0b:61:5a:39:44:26:f3:07:e3:d4:ad: 34:c6:f5:ef:2d:02:83:ae:24:2e:2b:a5:15:dc:fa:7b:ba:28: 85:b8:94:75:b1:ed:10:39:4d:4f:3d:b4:8b:57:cf:ad:4e:5c: a1:18:7e:65 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUV+DoitpJXu3wzsEfGSeSYdrX3R0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDEwMVoX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAYzFiNWQwMjM5OTQ2N2MyYjQ4M2Qw NTcwZDM0ZTg5OTI1MWQ2YTUwZDczZGZlYzFhNjJjNDdhMTMxNzk1OTMxMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+icgaGu9msSaJo55BCgvMpq401f olF1ZWAQ0/+bVZWKk/Auvr9PPTH3kkzdDSWxStOH/p6UquRdkshAIYuZgU/w/XKe 5W+dZXKxHNQiY6T642fFNlOpT8uZBL+kqUIdifo3hlBZrSJYKVzcMnjTqsnysurw 5ny2opamgKAW0nZnhPkTIfTtHchHKiuBFHARUxGPqka4rciNgrFo3bSZgQYjnd/S bZalTQCDL+JNku3TnIcdUJ3fKVpnrDbjtmXD9MpolT86gUPU4fNhGGTYY9m4656z ZNExX73KZvnMwjUvcvmAl6MY8PIAxezYXjkBZ/UhN5wSGfLPuOirtWrHcQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHslVDRfs8tVTLdE7i5BbJjchfgqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEyNzM3Y2Q0LWFmYWQtNDExZS1iODAyLTUyZjU2MTM3NGM1OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9JAwDQYJKoZIhvcNAQELBQADggEBAGK+vluX6CSM91tn7f5H 6f41EJlrKeqL7pFJ2weDyLpNGnefvxHLtlhIaJ48kENoSb5OD7L1nTZoV26quvZL 5HLD+9GyvYBQR2GKsHOHM7DJy4ZPrW50Meycxoz39t7DV4cMhSW/fNszuq+gC6Vu 1jP+7F2q8y9otqk+n7Ufj/6USYvgqlxPGTEZwajMr1bYbmPe3qx5ambIb+aO0DlA NOIujo/DnosP/QCLwXCGWofli8YUjXvkvn7KuBzu8U3xRVLuVJsCfHs6XuZtpCoL YVo5RCbzB+PUrTTG9e8tAoOuJC4rpRXc+nu6KIW4lHWx7RA5TU89tItXz61OXKEY fmU= -----END CERTIFICATE-----Generated at Sun Jun 29 04:28:22 2025 by rpki-client