$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa File: 6de13c1e-8034-41b3-90e3-760249997c22.roa (raw, json) Hash identifier: PLolZBmAI9QL/7AuYHBUp7GnKcGoPFT9dmSLvZDPjEw= Subject key identifier: 0E:99:43:1C:30:12:64:C3:0A:03:C9:3E:D0:94:DF:BD:E2:76:AD:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 32A4F824819E38295FC89361D04CF17E7FA2EB08 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa Signing time: Wed 25 Jun 2025 00:01:02 +0000 ROA not before: Wed 25 Jun 2025 00:01:02 +0000 ROA not after: Wed 30 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:a4:f8:24:81:9e:38:29:5f:c8:93:61:d0:4c:f1:7e:7f:a2:eb:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 25 00:01:02 2025 GMT Not After : Jul 30 23:59:59 2025 GMT Subject: serialNumber=006da4fe3ef071ec8e01a3c9cee5b66a74935a32dfc30f5b706bb8370d722f1b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:9a:f9:b2:90:31:7f:3c:62:8b:1b:46:e3:9b: 29:cf:eb:47:f6:de:92:e4:e7:a6:bc:04:27:c8:38: 8d:12:67:8d:dd:7e:a0:94:37:7b:42:34:47:80:1e: d5:7d:a8:af:fd:67:25:71:5d:4c:ad:ac:80:f8:26: 54:e6:49:72:7a:04:1f:cb:06:f1:12:8c:1a:c1:0d: ad:53:a8:48:95:ba:34:6a:2c:4f:1d:7f:4c:b8:f0: 5a:3c:6d:53:f8:71:26:46:ef:73:fc:3b:e9:b9:80: d8:cb:c8:47:64:e0:50:89:7f:41:b1:98:77:e4:0e: aa:90:98:59:53:3b:62:6b:10:c1:30:8e:41:25:20: 53:da:5c:a7:02:b3:87:64:9a:10:90:90:81:8b:2d: 93:68:8c:57:12:41:e1:66:21:ae:1d:4a:71:e3:b5: 2b:61:0d:81:76:48:5d:10:0c:6b:2c:ec:cf:58:31: dd:c9:ec:5c:3f:59:65:9f:31:a7:bf:98:8d:a9:78: 24:86:05:b1:3c:02:d4:f6:8d:63:69:ee:d7:68:1f: e0:eb:6b:e4:70:9e:ab:0c:27:26:19:24:1a:dc:0b: 11:38:8b:7a:2d:a5:a0:5f:45:c7:d5:ca:6b:68:14: b7:a4:c1:7f:d3:c1:80:38:e1:4c:c9:6c:c1:8f:61: c9:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:99:43:1C:30:12:64:C3:0A:03:C9:3E:D0:94:DF:BD:E2:76:AD:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:8800::/40 Signature Algorithm: sha256WithRSAEncryption 84:76:ba:82:82:45:1e:9c:da:6c:37:30:5a:c9:b6:f8:3d:c4: 98:da:61:bc:64:0d:85:8a:b7:e5:be:65:38:d6:eb:8b:a5:87: 91:20:e9:1b:07:79:d2:83:99:98:d6:b0:be:e9:41:eb:8f:82: ac:5b:cb:37:08:f9:15:2e:33:bc:f7:d8:b5:b3:e3:8b:e1:2c: 75:bc:3a:d3:82:58:20:5f:4d:a1:82:03:a3:c4:cc:11:10:de: 9a:f6:ba:61:39:63:de:52:ee:bb:1a:a2:63:fe:0f:00:c6:24: ae:a8:58:1b:78:a0:30:9a:6a:11:cb:4f:c9:d3:ff:0d:0c:20: 73:02:88:75:77:fe:e1:01:06:6c:40:a6:06:3a:e1:37:ff:e0: b1:1a:37:42:23:0d:54:43:17:8d:bc:3e:80:b3:d9:ef:a6:88: 0c:53:f9:e9:ae:2c:bb:33:d5:fc:4e:dc:4a:17:f7:fb:5d:9c: f2:0d:59:72:4c:e1:20:03:0a:b3:28:fa:50:7a:60:25:d1:95: b8:28:52:a7:ea:d1:65:a1:cf:da:f1:cb:c9:52:a1:b5:24:0c: ad:3d:0c:9d:ea:c4:f3:4d:e5:36:27:93:79:5c:cf:e8:b3:f7: e6:d2:95:9b:40:28:bb:c7:a5:f1:e8:da:a8:9c:31:a1:59:82: ad:47:91:2c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMqT4JIGeOClfyJNh0Ezxfn+i6wgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNTAwMDEwMloX DTI1MDczMDIzNTk1OVowejFJMEcGA1UEBRNAMDA2ZGE0ZmUzZWYwNzFlYzhlMDFh M2M5Y2VlNWI2NmE3NDkzNWEzMmRmYzMwZjViNzA2YmI4MzcwZDcyMmYxYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZr5spAxfzxiixtG45spz+tH9t6S 5OemvAQnyDiNEmeN3X6glDd7QjRHgB7Vfaiv/WclcV1MrayA+CZU5klyegQfywbx EowawQ2tU6hIlbo0aixPHX9MuPBaPG1T+HEmRu9z/DvpuYDYy8hHZOBQiX9BsZh3 5A6qkJhZUztiaxDBMI5BJSBT2lynArOHZJoQkJCBiy2TaIxXEkHhZiGuHUpx47Ur YQ2BdkhdEAxrLOzPWDHdyexcP1llnzGnv5iNqXgkhgWxPALU9o1jae7XaB/g62vk cJ6rDCcmGSQa3AsROIt6LaWgX0XH1cpraBS3pMF/08GAOOFMyWzBj2HJwQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA6ZQxwwEmTDCgPJPtCU373idq0lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZkZTEzYzFlLTgwMzQtNDFiMy05MGUzLTc2MDI0OTk5N2MyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ogwDQYJKoZIhvcNAQELBQADggEBAIR2uoKCRR6c2mw3MFrJ tvg9xJjaYbxkDYWKt+W+ZTjW64ulh5Eg6RsHedKDmZjWsL7pQeuPgqxbyzcI+RUu M7z32LWz44vhLHW8OtOCWCBfTaGCA6PEzBEQ3pr2umE5Y95S7rsaomP+DwDGJK6o WBt4oDCaahHLT8nT/w0MIHMCiHV3/uEBBmxApgY64Tf/4LEaN0IjDVRDF428PoCz 2e+miAxT+emuLLsz1fxO3EoX9/tdnPINWXJM4SADCrMo+lB6YCXRlbgoUqfq0WWh z9rxy8lSobUkDK09DJ3qxPNN5TYnk3lcz+iz9+bSlZtAKLvHpfHo2qicMaFZgq1H kSw= -----END CERTIFICATE-----Generated at Sun Jun 29 04:02:32 2025 by rpki-client