$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/33792cb7-eb1d-47b9-939a-d14cbbaa92eb.roa File: 33792cb7-eb1d-47b9-939a-d14cbbaa92eb.roa (raw, json) Hash identifier: pII+eFF5Bs1gTcOst0jVQGyHvXvpcGx3qCmo0SIpfGI= Subject key identifier: B9:5E:9F:9E:4B:01:18:E5:B7:70:83:8A:27:75:B0:EB:22:8B:75:8F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 679AFE5BE878370D379C0A84D81E47393D1EABB2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/33792cb7-eb1d-47b9-939a-d14cbbaa92eb.roa Signing time: Sat 28 Jun 2025 00:00:43 +0000 ROA not before: Sat 28 Jun 2025 00:00:43 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:9a:fe:5b:e8:78:37:0d:37:9c:0a:84:d8:1e:47:39:3d:1e:ab:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:43 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=61b0451909e34942e915693509a8aa3bbb9097829bd592724bdef3d192f5e23c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:e4:51:a7:ee:06:39:e7:c3:da:38:1d:ee:1c: c5:51:ce:59:74:f5:d2:4d:6f:04:ff:97:20:8e:40: 19:6a:ec:2b:5f:48:50:c8:ce:30:67:43:14:d7:3c: 4f:e6:a4:08:c6:f5:c5:42:06:d9:40:c0:eb:d0:1a: ad:05:66:0d:d4:4c:f4:f1:32:46:e9:ab:ef:22:e7: 2f:35:0f:c3:b7:01:5b:38:7c:ce:97:be:1c:a3:fb: 29:d6:f3:4f:d6:aa:12:b3:3b:78:0f:f9:58:bf:b7: 5a:64:94:a2:6e:32:42:54:15:3c:36:29:81:8d:0a: 3c:00:57:5e:fa:e5:08:98:d6:aa:d3:d1:d9:2b:95: 48:70:a8:74:ef:fb:f5:dc:d7:b6:24:ee:e2:c9:93: b0:e1:5e:63:a1:ab:1c:49:13:a1:03:4f:0e:a9:21: 77:28:ec:c6:13:1e:26:2e:c8:5a:b2:f7:b1:e8:bf: 17:bd:84:eb:a6:fe:32:f3:61:87:df:e8:02:24:9e: ad:eb:c4:d5:13:be:4f:75:41:e4:11:e1:26:c7:58: b2:10:22:d8:8e:e7:92:51:07:27:e5:ac:da:d5:b8: 4b:82:60:c0:b4:e6:2f:9e:78:8e:c6:1c:bf:0f:dc: ed:ae:7c:03:22:a1:03:b2:64:4e:be:79:8b:14:f9: 3d:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:5E:9F:9E:4B:01:18:E5:B7:70:83:8A:27:75:B0:EB:22:8B:75:8F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/33792cb7-eb1d-47b9-939a-d14cbbaa92eb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a020::/48 Signature Algorithm: sha256WithRSAEncryption 75:0c:05:9b:85:2c:a7:78:88:b2:c7:c1:33:84:1b:7d:00:79: c0:d9:de:41:e3:f2:47:21:02:6e:d9:85:71:8e:fa:a5:ff:a6: e1:a9:3b:c7:f7:74:ac:ee:5e:e8:8e:21:13:fe:e9:ef:2f:97: 72:09:01:75:ba:2c:5c:c6:5a:cf:19:af:a4:76:07:80:32:e3: 48:0d:c3:c9:fe:8b:60:b3:9a:a1:69:92:70:ff:5f:d7:96:f4: 59:b1:bd:68:a2:9b:47:2a:e6:bb:96:65:49:1d:e3:f2:a1:aa: 52:48:b2:97:90:c4:2d:f7:a9:b0:c2:60:cb:ba:34:38:45:8b: 32:96:04:fc:7b:94:23:3a:d8:b8:47:6e:7c:1a:8a:a4:e8:85: 70:ed:34:43:9a:7c:50:c2:0a:db:a8:5a:af:c2:00:1b:56:eb: 86:2e:4c:26:4f:78:23:42:2e:74:01:98:72:84:a1:d8:5a:53: 37:52:67:8e:d1:a8:bb:96:02:32:00:c1:ac:54:c2:e7:df:9a: 5e:60:89:3e:ea:8c:c8:6b:a2:c2:c8:bd:18:ac:ed:2a:42:5b: 48:ea:18:be:7b:ae:55:a6:a8:d8:07:75:8a:37:7e:95:ca:d6: e7:15:5e:ac:3b:83:1b:67:0f:26:12:04:d9:f3:8b:cb:98:59: ec:7e:e2:48 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZ5r+W+h4Nw03nAqE2B5HOT0eq7IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDA0M1oX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNANjFiMDQ1MTkwOWUzNDk0MmU5MTU2 OTM1MDlhOGFhM2JiYjkwOTc4MjliZDU5MjcyNGJkZWYzZDE5MmY1ZTIzYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyORRp+4GOefD2jgd7hzFUc5ZdPXS TW8E/5cgjkAZauwrX0hQyM4wZ0MU1zxP5qQIxvXFQgbZQMDr0BqtBWYN1Ez08TJG 6avvIucvNQ/DtwFbOHzOl74co/sp1vNP1qoSszt4D/lYv7daZJSibjJCVBU8NimB jQo8AFde+uUImNaq09HZK5VIcKh07/v13Ne2JO7iyZOw4V5joascSROhA08OqSF3 KOzGEx4mLshasvex6L8XvYTrpv4y82GH3+gCJJ6t68TVE75PdUHkEeEmx1iyECLY jueSUQcn5aza1bhLgmDAtOYvnniOxhy/D9ztrnwDIqEDsmROvnmLFPk9XwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLlen55LARjlt3CDiid1sOsii3WPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMzNzkyY2I3LWViMWQtNDdiOS05MzlhLWQxNGNiYmFhOTJlYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKAgMA0GCSqGSIb3DQEBCwUAA4IBAQB1DAWbhSyneIiyx8Ez hBt9AHnA2d5B4/JHIQJu2YVxjvql/6bhqTvH93Ss7l7ojiET/unvL5dyCQF1uixc xlrPGa+kdgeAMuNIDcPJ/otgs5qhaZJw/1/XlvRZsb1ooptHKua7lmVJHePyoapS SLKXkMQt96mwwmDLujQ4RYsylgT8e5QjOti4R258Goqk6IVw7TRDmnxQwgrbqFqv wgAbVuuGLkwmT3gjQi50AZhyhKHYWlM3UmeO0ai7lgIyAMGsVMLn35peYIk+6ozI a6LCyL0YrO0qQltI6hi+e65VpqjYB3WKN36VytbnFV6sO4MbZw8mEgTZ84vLmFns fuJI -----END CERTIFICATE-----Generated at Sun Jun 29 03:59:04 2025 by rpki-client