$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa File: 38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa (raw, json) Hash identifier: QrPKen08Cr3qKILl0MKzngwDML4CbFdKa/WkB9O65xc= Subject key identifier: D6:80:0E:DA:61:DE:50:16:B5:E9:67:4A:97:CA:5F:F7:81:31:C4:EE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01743795BEF805B59F340A1F267FC6C0F175BE29 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa Signing time: Tue 24 Jun 2025 00:00:06 +0000 ROA not before: Tue 24 Jun 2025 00:00:06 +0000 ROA not after: Tue 29 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:74:37:95:be:f8:05:b5:9f:34:0a:1f:26:7f:c6:c0:f1:75:be:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 24 00:00:06 2025 GMT Not After : Jul 29 23:59:59 2025 GMT Subject: serialNumber=25459bf0dd27a03affcc42f7274ec89267dbe7ee4b92a1b2f72f9829d0df94f2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:cb:1c:6d:fd:30:61:2b:5b:17:ec:3a:a8:32: 85:3c:28:f4:67:a0:08:14:c7:19:3b:5f:9d:42:60: 82:a6:a2:15:86:73:cf:cf:9b:1f:b3:aa:5b:04:68: 5c:52:a4:a3:c0:5e:6e:14:38:6e:ed:48:2e:72:d7: 58:30:c9:0f:18:e4:36:94:0a:94:1a:2c:9f:00:3a: d8:ea:dc:00:00:f6:e7:5b:a3:ae:27:7c:90:4e:d8: 56:04:4b:46:74:5f:e5:a0:cf:35:84:57:55:e3:b0: 41:8a:a2:6d:62:6d:50:b9:e5:39:95:d1:e5:2c:02: fc:ee:17:e0:3d:05:82:ac:ec:e4:15:9f:52:d4:f4: af:7c:70:c5:71:77:29:c1:d1:c3:0c:2f:3d:9b:f4: 4f:2f:81:f8:e4:e6:70:ef:46:b4:cf:33:37:b3:b7: ef:ea:46:fc:08:91:4a:de:95:ce:7b:7b:03:19:43: 8c:1e:f1:a0:05:c4:bf:ef:57:9d:03:f2:4e:24:c4: dd:c6:1f:a1:d8:3a:86:e7:39:b9:5b:a0:64:00:40: 30:77:ea:27:d1:e4:59:35:a6:56:4a:76:fe:84:5a: 96:86:c0:eb:c8:29:18:d8:23:35:04:5f:2d:c1:ac: c9:96:74:72:d2:c3:2e:a0:ed:0e:e0:60:32:3c:f2: 4c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:80:0E:DA:61:DE:50:16:B5:E9:67:4A:97:CA:5F:F7:81:31:C4:EE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32::/32 Signature Algorithm: sha256WithRSAEncryption 11:86:3e:63:e9:95:14:19:a4:8d:65:22:69:30:5f:e5:da:ad: 42:c7:3b:51:28:48:a6:26:fc:b5:66:46:ed:fa:21:2d:19:89: 3c:76:bb:6c:3e:4b:d0:c6:6f:c0:66:08:10:2f:b8:43:72:07: cf:00:82:33:78:fd:ae:dc:64:a8:a9:8b:60:03:58:30:ac:b7: 51:23:cd:82:9f:24:de:30:c8:5f:52:87:7c:ce:db:5d:5a:ee: 7a:81:d8:84:63:b4:34:6d:40:d3:50:58:8e:c5:df:79:65:5d: 1b:53:ea:b2:23:1e:95:29:e0:bb:5e:0f:b3:b8:ce:51:ef:8d: 53:a5:c7:bf:83:b1:21:f5:b2:bb:74:9b:f7:81:41:f7:6e:38: 5d:5a:3f:3a:6a:60:5c:bf:1d:ea:44:10:0c:1e:e4:37:41:91: c5:4f:fd:eb:cc:16:61:50:f5:2b:f5:9b:cc:67:b7:25:8e:67: bd:6e:da:11:dd:5c:c9:81:e3:ae:f3:30:2b:4d:34:ac:7d:5c: c9:73:6c:ef:e8:e2:f8:93:3c:6c:1c:6d:c7:12:7d:9b:7c:e7: ea:36:f6:88:b8:9a:4e:dd:45:29:78:be:64:76:48:54:88:47: 87:28:a0:aa:45:a1:80:55:60:a9:5c:44:68:f6:22:4f:35:88: a8:ad:c7:ad -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUAXQ3lb74BbWfNAofJn/GwPF1vikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNDAwMDAwNloX DTI1MDcyOTIzNTk1OVowejFJMEcGA1UEBRNAMjU0NTliZjBkZDI3YTAzYWZmY2M0 MmY3Mjc0ZWM4OTI2N2RiZTdlZTRiOTJhMWIyZjcyZjk4MjlkMGRmOTRmMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycscbf0wYStbF+w6qDKFPCj0Z6AI FMcZO1+dQmCCpqIVhnPPz5sfs6pbBGhcUqSjwF5uFDhu7UguctdYMMkPGOQ2lAqU GiyfADrY6twAAPbnW6OuJ3yQTthWBEtGdF/loM81hFdV47BBiqJtYm1QueU5ldHl LAL87hfgPQWCrOzkFZ9S1PSvfHDFcXcpwdHDDC89m/RPL4H45OZw70a0zzM3s7fv 6kb8CJFK3pXOe3sDGUOMHvGgBcS/71edA/JOJMTdxh+h2DqG5zm5W6BkAEAwd+on 0eRZNaZWSnb+hFqWhsDryCkY2CM1BF8twazJlnRy0sMuoO0O4GAyPPJMUQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNaADtph3lAWtelnSpfKX/eBMcTuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4YWUzN2FkLTUwZGItNDU0Ny04ZGYyLThjZGNjNTZlNWNhMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMjANBgkqhkiG9w0BAQsFAAOCAQEAEYY+Y+mVFBmkjWUiaTBf 5dqtQsc7UShIpib8tWZG7fohLRmJPHa7bD5L0MZvwGYIEC+4Q3IHzwCCM3j9rtxk qKmLYANYMKy3USPNgp8k3jDIX1KHfM7bXVrueoHYhGO0NG1A01BYjsXfeWVdG1Pq siMelSngu14Ps7jOUe+NU6XHv4OxIfWyu3Sb94FB9244XVo/OmpgXL8d6kQQDB7k N0GRxU/968wWYVD1K/WbzGe3JY5nvW7aEd1cyYHjrvMwK000rH1cyXNs7+ji+JM8 bBxtxxJ9m3zn6jb2iLiaTt1FKXi+ZHZIVIhHhyigqkWhgFVgqVxEaPYiTzWIqK3H rQ== -----END CERTIFICATE-----Generated at Sun Jun 29 03:00:19 2025 by rpki-client