$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa File: 6ee8dd2d-118b-4944-8dc4-dc7103368204.roa (raw, json) Hash identifier: novMixG1ds8kbVW4iil/SOUC/VscAfqEDinWRgdldqU= Subject key identifier: AF:02:F4:C1:FC:B7:B9:13:56:5F:A3:B4:34:87:7B:20:37:3F:8F:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7136489399016C83108C845809A15D6F1D615444 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa Signing time: Fri 27 Jun 2025 00:00:47 +0000 ROA not before: Fri 27 Jun 2025 00:00:47 +0000 ROA not after: Fri 01 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:36:48:93:99:01:6c:83:10:8c:84:58:09:a1:5d:6f:1d:61:54:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 27 00:00:47 2025 GMT Not After : Aug 1 23:59:59 2025 GMT Subject: serialNumber=1098b4be9344fba7e09cf4e7112bd06325abdf0e49b8f4b5bb7d7ecae5e31c4f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:2a:2c:65:a7:c5:94:bd:90:9e:8d:7d:a1:d2: f0:cb:0a:81:6b:ac:51:ab:37:ac:ae:03:b7:65:55: 86:23:3f:5d:03:ff:f6:ff:90:bf:2f:c5:ee:4a:ac: 80:f1:62:50:79:73:60:52:f3:11:9f:8a:ae:ed:30: 63:1f:55:19:9d:56:65:77:42:64:45:e5:b8:be:29: 0a:23:b4:f9:d8:10:4b:ab:79:a0:8e:d6:ea:ff:e1: e4:5f:cb:29:6d:bf:50:28:a1:95:24:09:7f:a1:be: bf:f9:01:97:de:6a:51:5c:c9:4e:82:1a:fe:6f:db: 11:52:83:cc:7a:67:a1:d2:e8:00:49:94:96:1b:47: 3c:19:16:1c:1f:94:25:1c:ea:34:74:1c:0b:db:11: fc:4a:34:c1:4d:57:99:4d:b9:12:26:b5:ac:e0:da: 78:46:27:bb:9f:64:c4:85:02:e7:11:b2:ed:27:e9: 43:9c:2b:16:48:11:48:71:5d:63:36:b3:c9:a5:55: cd:b3:07:93:b9:00:38:d2:b4:2f:eb:08:63:5b:92: ee:70:fa:be:ce:93:e3:d4:f4:87:18:7b:ad:d4:2a: 05:a0:12:37:33:08:1d:25:d8:34:5c:28:9a:c1:d6: 9b:ae:70:73:70:00:fb:4d:47:92:43:a6:5d:a8:da: 11:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:02:F4:C1:FC:B7:B9:13:56:5F:A3:B4:34:87:7B:20:37:3F:8F:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:a000::/40 Signature Algorithm: sha256WithRSAEncryption 03:86:a7:12:eb:ee:0a:02:68:5b:ed:fc:50:db:5c:c3:2b:4d: e1:89:75:0a:2b:e5:c3:4f:a5:25:d4:f0:34:d6:4b:c7:4f:72: c4:37:c0:31:77:c6:98:9d:55:48:f3:f1:44:48:44:11:b3:ad: 4b:bd:83:18:64:5a:63:e7:c5:69:b8:ba:e2:c0:0b:dc:25:f7: 05:c3:ff:82:fe:d0:44:ec:e3:da:db:4a:0d:2e:58:21:18:2d: b7:7a:fe:ed:d8:54:f8:6a:fa:6a:f8:46:e9:5c:88:77:57:a6: 53:12:cd:48:6c:3a:bd:a0:56:37:4f:a3:4d:7e:86:9e:de:7d: b2:49:e4:b1:92:b3:f0:d1:f5:ac:6e:68:a4:09:8d:26:7e:0f: f4:36:71:34:7c:48:8a:16:2c:89:76:72:ea:2a:71:e1:8c:6a: bd:25:c1:23:c1:1c:f1:b1:2b:b6:ce:9d:31:b1:c3:97:4e:da: a9:d2:f7:8e:63:ab:fa:ea:17:c1:f1:19:31:c6:32:8e:a0:a4: 85:5d:bd:c1:7d:6f:7b:fc:ac:b2:80:ce:e1:cb:cc:0e:4f:e8: 11:c1:9c:bc:41:75:1b:5d:5e:10:ec:67:8c:5e:3e:a1:15:06: 88:89:99:f6:78:c8:d2:f8:9b:68:d8:17:84:17:81:3a:51:2a: de:00:7f:aa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcTZIk5kBbIMQjIRYCaFdbx1hVEQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNzAwMDA0N1oX DTI1MDgwMTIzNTk1OVowejFJMEcGA1UEBRNAMTA5OGI0YmU5MzQ0ZmJhN2UwOWNm NGU3MTEyYmQwNjMyNWFiZGYwZTQ5YjhmNGI1YmI3ZDdlY2FlNWUzMWM0ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yosZafFlL2Qno19odLwywqBa6xR qzesrgO3ZVWGIz9dA//2/5C/L8XuSqyA8WJQeXNgUvMRn4qu7TBjH1UZnVZld0Jk ReW4vikKI7T52BBLq3mgjtbq/+HkX8spbb9QKKGVJAl/ob6/+QGX3mpRXMlOghr+ b9sRUoPMemeh0ugASZSWG0c8GRYcH5QlHOo0dBwL2xH8SjTBTVeZTbkSJrWs4Np4 Rie7n2TEhQLnEbLtJ+lDnCsWSBFIcV1jNrPJpVXNsweTuQA40rQv6whjW5LucPq+ zpPj1PSHGHut1CoFoBI3MwgdJdg0XCiawdabrnBzcAD7TUeSQ6ZdqNoRNwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK8C9MH8t7kTVl+jtDSHeyA3P49BMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZlZThkZDJkLTExOGItNDk0NC04ZGM0LWRjNzEwMzM2ODIwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9qAwDQYJKoZIhvcNAQELBQADggEBAAOGpxLr7goCaFvt/FDb XMMrTeGJdQor5cNPpSXU8DTWS8dPcsQ3wDF3xpidVUjz8URIRBGzrUu9gxhkWmPn xWm4uuLAC9wl9wXD/4L+0ETs49rbSg0uWCEYLbd6/u3YVPhq+mr4RulciHdXplMS zUhsOr2gVjdPo01+hp7efbJJ5LGSs/DR9axuaKQJjSZ+D/Q2cTR8SIoWLIl2cuoq ceGMar0lwSPBHPGxK7bOnTGxw5dO2qnS945jq/rqF8HxGTHGMo6gpIVdvcF9b3v8 rLKAzuHLzA5P6BHBnLxBdRtdXhDsZ4xePqEVBoiJmfZ4yNL4m2jYF4QXgTpRKt4A f6o= -----END CERTIFICATE-----Generated at Sun Jun 29 11:57:16 2025 by rpki-client