$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa File: 35c40aab-f83d-41b2-947a-e29a7ed6818f.roa (raw, json) Hash identifier: 7D9M1m2fFXzoWI9th9UWbiP9o2eCwbKno08FNDm0VaM= Subject key identifier: 3A:FC:FA:4B:9E:9F:C1:44:35:AE:40:71:35:9B:4F:0C:23:CA:64:9B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 119B956E1B8BBD7DFBFAF70FB3C76FCEB65E830F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa Signing time: Wed 25 Jun 2025 00:00:45 +0000 ROA not before: Wed 25 Jun 2025 00:00:45 +0000 ROA not after: Wed 30 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:9b:95:6e:1b:8b:bd:7d:fb:fa:f7:0f:b3:c7:6f:ce:b6:5e:83:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 25 00:00:45 2025 GMT Not After : Jul 30 23:59:59 2025 GMT Subject: serialNumber=80640a4474effc5c7ef03b0a0f5b727df35f0bcd94420b410dbe25d665a2c592, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:81:eb:34:1e:de:f2:5a:34:53:5f:b2:17:c3: 26:3d:99:92:b9:ed:ac:b3:b4:50:af:f6:d2:51:d8: 8b:1b:f3:65:28:87:54:b1:8b:b1:91:6b:36:45:e7: ca:9e:20:82:6a:97:5a:7e:3c:18:b7:2c:7b:3c:b9: 43:43:75:e6:93:9a:ae:d7:a6:0d:22:e7:0c:07:c6: 6c:ac:fe:8b:c3:e6:e6:ec:91:f4:87:55:5e:3d:29: 45:a0:52:17:88:9f:f9:76:1d:ff:aa:0e:6c:3c:81: 6a:f2:bf:75:3d:8d:00:90:27:13:58:aa:01:0e:7d: 99:3f:f6:fa:03:0a:af:01:a4:a0:fc:ef:da:27:72: 7e:68:3e:0b:a5:ba:2b:cf:2c:b0:65:82:a3:22:aa: 9a:96:92:81:bc:84:ec:90:db:9d:fb:29:e0:d2:13: ab:5b:6a:20:7c:0b:28:22:41:71:05:d4:9c:e1:83: 3e:68:da:27:fd:f4:4b:90:76:c6:e0:d8:90:47:fd: 0d:ce:c8:fa:14:7d:88:09:9e:23:06:4f:f0:e3:f4: bf:ae:ba:2b:dd:44:2c:e0:ee:11:5f:ee:c3:01:01: d3:64:e6:45:60:c7:b6:42:9a:26:8d:8f:09:27:12: b6:4b:91:e2:8f:14:b3:24:8b:93:bb:95:e3:7e:05: ad:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:FC:FA:4B:9E:9F:C1:44:35:AE:40:71:35:9B:4F:0C:23:CA:64:9B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8::/32 Signature Algorithm: sha256WithRSAEncryption 15:39:e9:04:38:40:de:48:66:6c:4f:8b:01:3a:c0:14:d4:f1: a4:33:bf:0f:4d:ff:0c:b3:da:ca:51:70:c2:55:29:37:ed:0b: 38:f7:aa:f6:a7:d6:35:51:e0:3f:be:f6:cd:ac:3b:8b:e6:e4: 5d:45:38:94:45:24:3d:f9:f8:17:f4:86:71:0c:d8:51:47:fe: ba:d4:3d:c1:11:de:8a:d6:cd:b4:c6:1b:1e:9f:65:53:6e:c2: 15:8e:f7:bd:17:0a:42:ea:fc:51:83:27:43:3a:f1:8f:8b:52: 84:79:7e:2d:ce:4d:e1:3f:75:60:16:6f:93:63:77:d9:a0:be: 10:fc:e9:69:11:2e:dc:9c:44:ad:04:af:3b:df:e1:89:e7:eb: 6c:13:5b:3b:42:1d:8a:55:89:4e:5b:54:c1:51:e6:b1:f5:24: 37:d0:20:e6:f1:7d:66:fe:d5:51:cb:40:1c:c8:bb:50:20:90: 4e:23:1e:e5:37:b4:55:c2:f7:fd:4e:24:90:36:13:d2:18:47: b1:4f:f6:47:96:27:03:ac:f2:c6:2a:57:ca:6a:ad:74:fe:68: 86:a4:14:ba:ff:03:d9:3c:af:e0:cc:e8:4d:13:a1:f1:b6:8d: e6:5c:50:37:2b:a0:a4:49:b4:68:44:69:b1:70:6c:f5:d3:3c: 52:f9:07:1a -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUEZuVbhuLvX37+vcPs8dvzrZegw8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNTAwMDA0NVoX DTI1MDczMDIzNTk1OVowejFJMEcGA1UEBRNAODA2NDBhNDQ3NGVmZmM1YzdlZjAz YjBhMGY1YjcyN2RmMzVmMGJjZDk0NDIwYjQxMGRiZTI1ZDY2NWEyYzU5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IHrNB7e8lo0U1+yF8MmPZmSue2s s7RQr/bSUdiLG/NlKIdUsYuxkWs2RefKniCCapdafjwYtyx7PLlDQ3Xmk5qu16YN IucMB8ZsrP6Lw+bm7JH0h1VePSlFoFIXiJ/5dh3/qg5sPIFq8r91PY0AkCcTWKoB Dn2ZP/b6AwqvAaSg/O/aJ3J+aD4LpborzyywZYKjIqqalpKBvITskNud+yng0hOr W2ogfAsoIkFxBdSc4YM+aNon/fRLkHbG4NiQR/0Nzsj6FH2ICZ4jBk/w4/S/rror 3UQs4O4RX+7DAQHTZOZFYMe2QpomjY8JJxK2S5HijxSzJIuTu5XjfgWtiQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFDr8+kuen8FENa5AcTWbTwwjymSbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1YzQwYWFiLWY4M2QtNDFiMi05NDdhLWUyOWE3ZWQ2ODE4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbauDANBgkqhkiG9w0BAQsFAAOCAQEAFTnpBDhA3khmbE+LATrA FNTxpDO/D03/DLPaylFwwlUpN+0LOPeq9qfWNVHgP772zaw7i+bkXUU4lEUkPfn4 F/SGcQzYUUf+utQ9wRHeitbNtMYbHp9lU27CFY73vRcKQur8UYMnQzrxj4tShHl+ Lc5N4T91YBZvk2N32aC+EPzpaREu3JxErQSvO9/hiefrbBNbO0IdilWJTltUwVHm sfUkN9Ag5vF9Zv7VUctAHMi7UCCQTiMe5Te0VcL3/U4kkDYT0hhHsU/2R5YnA6zy xipXymqtdP5ohqQUuv8D2Tyv4MzoTROh8baN5lxQNyugpEm0aERpsXBs9dM8UvkH Gg== -----END CERTIFICATE-----Generated at Sun Jun 29 02:57:47 2025 by rpki-client