$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa File: 2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa (raw, json) Hash identifier: +U3BXtN2DZXTa5VgF5l9Olfw6ufw1TIRlmdlqbwZRmE= Subject key identifier: 29:F4:D0:B9:48:18:11:CC:13:29:5A:8E:E7:BA:5F:3F:75:54:E1:EC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0406EA8097E1F6A2B66191D9602EDEF94DB98DC9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa Signing time: Sat 28 Jun 2025 00:00:18 +0000 ROA not before: Sat 28 Jun 2025 00:00:18 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:06:ea:80:97:e1:f6:a2:b6:61:91:d9:60:2e:de:f9:4d:b9:8d:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:18 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=0d023f8b8ed3f3e8a4321deabe0820f101707f0a84f3bf4f7df6dc44e7464885, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:58:42:2e:f8:dd:1d:09:8d:6d:aa:c6:c4:e3: 30:8c:03:28:c6:79:b4:f3:ac:40:79:80:54:d2:e6: 4b:ce:8e:d8:18:55:9a:8b:7d:b9:30:2a:15:d4:5f: 6e:ca:0d:6e:84:61:05:ce:42:b0:cd:87:5b:00:36: 38:29:6c:96:04:ec:92:fe:8c:8a:f0:f0:43:e1:bf: a9:1d:23:aa:dc:55:28:29:36:e2:1b:4d:86:7c:be: 96:ec:32:ee:fd:d4:be:ad:92:41:97:b7:39:35:7c: 09:4b:db:c4:1f:cc:f2:08:89:d8:a4:b5:50:f2:21: da:cb:57:be:93:ab:6f:9d:7c:75:54:85:f8:ff:a9: eb:4f:a1:36:52:21:ba:80:fb:7a:68:5e:38:19:7e: 3a:a0:6a:3e:c1:12:86:38:5f:86:a7:9c:54:b2:06: 3b:79:ca:a1:84:d3:5a:fd:31:09:11:2e:bf:6e:85: a3:ba:d4:e7:ab:7c:dd:de:58:d6:62:5f:fb:c8:9c: 6c:5d:b0:07:b0:d2:b7:9a:e1:61:97:0a:05:5e:24: cd:11:42:f6:aa:34:c9:67:d9:ac:74:4c:53:d3:f8: b6:1d:c0:4d:84:76:c0:62:de:5c:a7:f0:c7:1a:5b: f3:48:73:80:96:a3:94:d1:21:9a:f7:d9:36:e3:e7: 00:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F4:D0:B9:48:18:11:CC:13:29:5A:8E:E7:BA:5F:3F:75:54:E1:EC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9::/32 Signature Algorithm: sha256WithRSAEncryption 02:86:f5:5f:39:43:b5:19:ef:a9:31:82:9b:d8:e7:71:20:b8: be:14:77:7e:a9:c4:72:e3:ff:dd:18:60:00:62:0a:88:13:c0: 86:97:55:26:37:7d:97:a8:0f:fc:55:37:be:71:46:29:43:76: 94:ae:cd:4d:0e:01:cf:95:4d:4e:41:a3:46:20:f9:ef:aa:22: c5:ca:89:72:03:af:89:82:8a:9f:17:0d:47:50:0d:73:da:e0: 58:9d:d6:14:ce:84:19:07:25:48:8d:df:a6:1d:78:df:dc:5a: 6e:ab:27:46:6a:a2:55:31:52:69:1d:c6:e8:e5:6d:08:7b:d3: 5f:0c:25:0f:9d:96:c1:41:03:dd:4e:e4:ae:76:63:c5:8a:97: a0:6a:0b:bf:3d:1b:77:60:36:9f:31:2a:b7:a1:e0:dd:13:eb: da:66:08:37:ce:e3:83:8c:43:fe:c8:fb:f9:80:93:b6:eb:7b: 75:6e:cc:30:bc:d7:4e:eb:5b:7a:e2:cc:cd:2d:b7:f6:b4:fe: a2:3f:d5:3d:ca:dc:08:e0:00:d8:6f:6a:23:33:f9:48:a7:95: 26:b8:9b:ad:12:e2:05:0c:84:c7:e7:99:2a:da:7a:e7:40:f4: d2:dc:89:e8:aa:a4:d0:7f:2c:86:ad:64:4a:b6:be:85:f6:78: f4:72:55:cd -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUBAbqgJfh9qK2YZHZYC7e+U25jckwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDAxOFoX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAMGQwMjNmOGI4ZWQzZjNlOGE0MzIx ZGVhYmUwODIwZjEwMTcwN2YwYTg0ZjNiZjRmN2RmNmRjNDRlNzQ2NDg4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FhCLvjdHQmNbarGxOMwjAMoxnm0 86xAeYBU0uZLzo7YGFWai325MCoV1F9uyg1uhGEFzkKwzYdbADY4KWyWBOyS/oyK 8PBD4b+pHSOq3FUoKTbiG02GfL6W7DLu/dS+rZJBl7c5NXwJS9vEH8zyCInYpLVQ 8iHay1e+k6tvnXx1VIX4/6nrT6E2UiG6gPt6aF44GX46oGo+wRKGOF+Gp5xUsgY7 ecqhhNNa/TEJES6/boWjutTnq3zd3ljWYl/7yJxsXbAHsNK3muFhlwoFXiTNEUL2 qjTJZ9msdExT0/i2HcBNhHbAYt5cp/DHGlvzSHOAlqOU0SGa99k24+cAhwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFCn00LlIGBHMEylajue6Xz91VOHsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkODJkNjhjLWI2NjAtNDAxOC05ZmIxLWE5NmM5ZmRkNzc5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba+TANBgkqhkiG9w0BAQsFAAOCAQEAAob1XzlDtRnvqTGCm9jn cSC4vhR3fqnEcuP/3RhgAGIKiBPAhpdVJjd9l6gP/FU3vnFGKUN2lK7NTQ4Bz5VN TkGjRiD576oixcqJcgOviYKKnxcNR1ANc9rgWJ3WFM6EGQclSI3fph1439xabqsn RmqiVTFSaR3G6OVtCHvTXwwlD52WwUED3U7krnZjxYqXoGoLvz0bd2A2nzEqt6Hg 3RPr2mYIN87jg4xD/sj7+YCTtut7dW7MMLzXTutbeuLMzS239rT+oj/VPcrcCOAA 2G9qIzP5SKeVJribrRLiBQyEx+eZKtp650D00tyJ6Kqk0H8shq1kSra+hfZ49HJV zQ== -----END CERTIFICATE-----Generated at Sun Jun 29 03:02:54 2025 by rpki-client