$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4340d3ab-0665-4d5d-b19f-2f3cef58b325.roa File: 4340d3ab-0665-4d5d-b19f-2f3cef58b325.roa (raw, json) Hash identifier: pU8waTQ9hP7b3Vi4f8mDmv6Bpe2FX9Nh+ZmtrvhdlJc= Subject key identifier: 56:8D:C7:86:D7:E8:D2:33:02:78:E6:CB:63:34:E5:0A:07:36:76:EA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6CD6BD693B7DC62DEF15DD54F10CDCA4F6C0AF93 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4340d3ab-0665-4d5d-b19f-2f3cef58b325.roa Signing time: Mon 09 Jun 2025 15:31:29 +0000 ROA not before: Mon 09 Jun 2025 15:31:29 +0000 ROA not after: Mon 14 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:d6:bd:69:3b:7d:c6:2d:ef:15:dd:54:f1:0c:dc:a4:f6:c0:af:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 9 15:31:29 2025 GMT Not After : Jul 14 23:59:59 2025 GMT Subject: serialNumber=d54f144a75345e5210affdd1955ce6479b9f05225d6cfbd55958ce9979d27cd9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:b2:86:eb:8f:19:4b:93:7a:94:72:85:55:62: cc:69:c8:1f:58:99:ac:cb:36:00:97:24:ab:b3:2f: d4:ff:81:f3:c2:3e:aa:aa:09:cc:13:61:03:6e:84: 92:3b:8c:c5:a2:7e:3f:66:b6:10:a6:8b:48:22:10: bc:c2:ab:de:df:f3:ef:99:ad:a8:b7:93:79:58:22: 39:45:0c:b0:17:9d:a1:56:7e:58:98:52:06:e2:50: fa:5d:eb:6f:98:5e:8c:61:f4:4d:d8:ad:6e:26:29: 6c:2d:ce:00:d4:29:55:6c:7f:be:52:8d:92:70:de: de:a8:51:4a:23:19:c4:ed:c4:f5:64:47:a9:b6:ae: 5f:d1:e2:6f:7f:54:89:5e:22:ac:fb:19:81:50:65: 56:fa:d8:83:04:c4:e3:cf:fc:98:c2:20:ec:cc:c5: 85:30:85:fd:6c:12:dc:e6:58:35:01:01:4b:94:4e: fc:30:7c:81:af:23:8b:bb:b6:3b:01:19:fb:94:4d: 36:51:30:59:28:e8:e5:15:ea:9e:13:35:00:cb:ce: 3b:76:55:f6:5f:20:f7:ce:1f:3d:68:11:98:0e:4e: e3:77:0a:95:0a:14:cb:89:7a:c5:af:03:cd:4e:20: 2f:36:e3:c6:b6:7b:ca:5a:0f:c6:bc:f6:10:3a:a9: dc:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:8D:C7:86:D7:E8:D2:33:02:78:E6:CB:63:34:E5:0A:07:36:76:EA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4340d3ab-0665-4d5d-b19f-2f3cef58b325.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2840::/48 Signature Algorithm: sha256WithRSAEncryption 64:55:f5:35:27:16:5f:cd:31:e9:5f:3f:f1:86:dc:c7:a0:91: 7c:fb:38:31:ba:eb:da:9b:6c:ec:06:ec:f4:0f:6e:4c:fa:0d: c9:8d:91:c2:ec:1f:fc:0d:c8:37:1d:95:57:c4:d5:8f:5b:cf: 98:90:88:d2:e5:4a:31:2f:be:ab:37:d1:28:33:7b:c9:31:50: 1f:51:78:16:f5:d4:9c:92:22:8b:71:2b:99:be:5b:95:e9:29: e0:0d:78:9a:ed:b0:0c:62:1e:f5:31:ac:e4:6d:b5:5f:fb:f6: 7a:be:b8:e6:a8:61:00:2c:f7:13:00:fc:8f:e0:0c:67:29:81: 80:6b:22:c3:a2:42:e1:ae:74:06:27:65:ba:39:fc:89:b5:e3: 8d:27:6b:74:a8:9a:73:ee:15:3c:27:28:70:87:68:ba:1b:66: 0e:52:c9:22:3d:fe:23:80:a9:6a:67:82:c7:f6:fc:a0:6c:81: 46:b0:f6:d8:ad:a7:cf:a1:cb:56:ea:db:59:c3:16:f8:cc:22: d5:5e:dd:e7:5d:a6:41:a7:b3:41:a1:f7:7e:bc:7b:ec:a7:a7: 5e:6d:9c:db:35:d4:f7:0e:9a:dc:df:30:e1:1f:57:09:55:c0: fe:14:de:13:a9:99:6c:91:d4:22:3e:80:2e:19:19:09:e6:b6: ef:5b:ae:2e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbNa9aTt9xi3vFd1U8QzcpPbAr5MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwOTE1MzEyOVoX DTI1MDcxNDIzNTk1OVowejFJMEcGA1UEBRNAZDU0ZjE0NGE3NTM0NWU1MjEwYWZm ZGQxOTU1Y2U2NDc5YjlmMDUyMjVkNmNmYmQ1NTk1OGNlOTk3OWQyN2NkOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLKG648ZS5N6lHKFVWLMacgfWJms yzYAlySrsy/U/4Hzwj6qqgnME2EDboSSO4zFon4/ZrYQpotIIhC8wqve3/Pvma2o t5N5WCI5RQywF52hVn5YmFIG4lD6XetvmF6MYfRN2K1uJilsLc4A1ClVbH++Uo2S cN7eqFFKIxnE7cT1ZEeptq5f0eJvf1SJXiKs+xmBUGVW+tiDBMTjz/yYwiDszMWF MIX9bBLc5lg1AQFLlE78MHyBryOLu7Y7ARn7lE02UTBZKOjlFeqeEzUAy847dlX2 XyD3zh89aBGYDk7jdwqVChTLiXrFrwPNTiAvNuPGtnvKWg/GvPYQOqncTwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFaNx4bX6NIzAnjmy2M05QoHNnbqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQzNDBkM2FiLTA2NjUtNGQ1ZC1iMTlmLTJmM2NlZjU4YjMyNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yhAMA0GCSqGSIb3DQEBCwUAA4IBAQBkVfU1JxZfzTHpXz/x htzHoJF8+zgxuuvam2zsBuz0D25M+g3JjZHC7B/8Dcg3HZVXxNWPW8+YkIjS5Uox L76rN9EoM3vJMVAfUXgW9dSckiKLcSuZvluV6SngDXia7bAMYh71MazkbbVf+/Z6 vrjmqGEALPcTAPyP4AxnKYGAayLDokLhrnQGJ2W6OfyJteONJ2t0qJpz7hU8Jyhw h2i6G2YOUskiPf4jgKlqZ4LH9vygbIFGsPbYrafPoctW6ttZwxb4zCLVXt3nXaZB p7NBofd+vHvsp6debZzbNdT3Dprc3zDhH1cJVcD+FN4TqZlskdQiPoAuGRkJ5rbv W64u -----END CERTIFICATE-----Generated at Sun Jun 29 16:47:24 2025 by rpki-client