$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/590bbdd1-35ba-48a7-9d01-91fa16220f4e.roa File: 590bbdd1-35ba-48a7-9d01-91fa16220f4e.roa (raw, json) Hash identifier: VsakQwfVGFzYbGb5MeZD6luaVaV1Hd4tAe88iPpMy+w= Subject key identifier: D3:94:99:27:E3:23:20:5F:4B:E4:6B:A5:D0:E9:19:28:62:04:1A:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 248F9798F72DE3C98F12D2264DDDCDC1CAA6F7AA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/590bbdd1-35ba-48a7-9d01-91fa16220f4e.roa Signing time: Mon 16 Jun 2025 15:00:19 +0000 ROA not before: Mon 16 Jun 2025 15:00:19 +0000 ROA not after: Mon 21 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:8f:97:98:f7:2d:e3:c9:8f:12:d2:26:4d:dd:cd:c1:ca:a6:f7:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 16 15:00:19 2025 GMT Not After : Jul 21 23:59:59 2025 GMT Subject: serialNumber=8845b6a7318ef68aaa135248dbaea290f833111da6bd84e8ce9002e64072f884, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c9:6e:20:48:08:92:32:17:23:75:68:82:43: 89:a8:8f:0c:a7:05:d6:d5:fd:3b:51:dd:11:d3:74: 22:e9:51:a1:3c:01:cf:a6:2b:ae:79:8f:fc:99:55: 49:7e:a8:51:e1:bf:f9:e5:c1:59:bc:1e:52:65:9d: ac:07:4e:2c:0b:29:b7:35:72:7c:64:85:5c:ab:e4: 80:93:18:79:73:91:11:6d:c0:21:5e:3e:d0:28:b3: a2:e5:9c:1d:39:16:de:c2:93:be:98:3b:3b:cf:7b: df:ef:f0:85:1a:ae:c8:f9:e8:a2:93:cb:00:88:88: f0:9a:90:e6:ef:ae:bc:f8:92:2a:03:2d:42:cf:13: 64:a9:52:96:c5:4a:fe:fa:0b:6a:b2:bd:99:91:fe: a9:da:c9:1b:f5:19:51:6a:0a:f1:63:e8:c2:18:46: 86:ed:f8:2f:0a:9b:4a:5d:45:d3:a7:0e:85:a2:db: 5d:75:81:3d:55:68:ca:d5:70:5c:0d:74:d4:14:ea: cd:f5:ad:41:3c:fd:15:95:33:d9:66:bc:30:09:28: 12:4c:87:55:0e:50:d6:4f:1a:36:b4:d1:b5:f1:13: 81:64:01:12:f6:95:05:ab:7e:1d:0f:27:bf:ac:74: 28:13:c2:98:6c:4a:d7:de:be:3e:a3:17:b2:e8:29: 06:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:94:99:27:E3:23:20:5F:4B:E4:6B:A5:D0:E9:19:28:62:04:1A:A3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/590bbdd1-35ba-48a7-9d01-91fa16220f4e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:e000::/40 Signature Algorithm: sha256WithRSAEncryption 22:73:c2:07:d9:ca:2a:e2:a5:62:08:83:56:e5:b8:66:9c:07: 01:c3:86:9c:ac:00:c1:d3:77:2e:f1:29:a2:21:f4:92:da:65: a7:55:65:cf:c0:42:56:9c:7d:3c:3f:89:27:0b:e2:c6:29:43: 97:62:bf:48:ca:f5:b3:a2:07:1a:38:02:8b:ef:8c:f7:0e:e7: 6a:c0:54:e0:81:a8:61:77:15:03:6c:db:40:5d:cf:40:cb:42: 40:4e:3f:e3:61:6b:91:66:ed:4e:3e:24:0e:16:b6:29:8d:64: 42:57:d5:62:35:c6:57:40:49:90:6a:16:b8:c3:11:80:17:6d: b4:2e:29:3c:55:bd:e9:8c:07:48:5b:d3:2a:03:c4:91:10:f1: 98:d7:29:48:a3:95:bb:96:ab:7a:e2:fb:3f:c9:b1:7c:c5:b3: b3:5a:d0:eb:b6:a9:11:af:69:74:ea:c6:73:95:b0:d5:80:a8: 89:3c:81:65:44:10:ae:3d:0e:dc:c0:24:bc:a6:64:cd:b9:c3: 03:10:3e:5f:5c:9a:a3:70:f5:38:01:7c:61:ed:90:19:dd:20: 76:00:74:42:47:dc:69:aa:23:14:85:a1:17:fa:58:23:f2:78: 4c:e0:df:f2:0f:25:13:c6:94:7c:0a:ba:5e:f1:f5:f1:02:26: 3f:c3:a1:c1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJI+XmPct48mPEtImTd3Nwcqm96owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNjE1MDAxOVoX DTI1MDcyMTIzNTk1OVowejFJMEcGA1UEBRNAODg0NWI2YTczMThlZjY4YWFhMTM1 MjQ4ZGJhZWEyOTBmODMzMTExZGE2YmQ4NGU4Y2U5MDAyZTY0MDcyZjg4NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMluIEgIkjIXI3VogkOJqI8MpwXW 1f07Ud0R03Qi6VGhPAHPpiuueY/8mVVJfqhR4b/55cFZvB5SZZ2sB04sCym3NXJ8 ZIVcq+SAkxh5c5ERbcAhXj7QKLOi5ZwdORbewpO+mDs7z3vf7/CFGq7I+eiik8sA iIjwmpDm7668+JIqAy1CzxNkqVKWxUr++gtqsr2Zkf6p2skb9RlRagrxY+jCGEaG 7fgvCptKXUXTpw6FottddYE9VWjK1XBcDXTUFOrN9a1BPP0VlTPZZrwwCSgSTIdV DlDWTxo2tNG18ROBZAES9pUFq34dDye/rHQoE8KYbErX3r4+oxey6CkGWQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNOUmSfjIyBfS+RrpdDpGShiBBqjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU5MGJiZGQxLTM1YmEtNDhhNy05ZDAxLTkxZmExNjIyMGY0ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7eAwDQYJKoZIhvcNAQELBQADggEBACJzwgfZyiripWIIg1bl uGacBwHDhpysAMHTdy7xKaIh9JLaZadVZc/AQlacfTw/iScL4sYpQ5div0jK9bOi Bxo4AovvjPcO52rAVOCBqGF3FQNs20Bdz0DLQkBOP+Nha5Fm7U4+JA4WtimNZEJX 1WI1xldASZBqFrjDEYAXbbQuKTxVvemMB0hb0yoDxJEQ8ZjXKUijlbuWq3ri+z/J sXzFs7Na0Ou2qRGvaXTqxnOVsNWAqIk8gWVEEK49DtzAJLymZM25wwMQPl9cmqNw 9TgBfGHtkBndIHYAdEJH3GmqIxSFoRf6WCPyeEzg3/IPJRPGlHwKul7x9fECJj/D ocE= -----END CERTIFICATE-----Generated at Sun Jun 29 11:03:24 2025 by rpki-client