$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7318f07c-8b30-4d74-8191-cb89a3eae284.roa File: 7318f07c-8b30-4d74-8191-cb89a3eae284.roa (raw, json) Hash identifier: Qk2v5wuJUeC3zDNwftAiJLJGTQwrVh20GWVYWLCQN7g= Subject key identifier: 3B:69:D3:6F:1A:C5:8A:FD:78:6C:85:6D:D1:CB:8F:91:2C:B8:BE:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3CD300AD48E513C04A635221700B47C409B4EC8C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7318f07c-8b30-4d74-8191-cb89a3eae284.roa Signing time: Mon 16 Jun 2025 15:00:06 +0000 ROA not before: Mon 16 Jun 2025 15:00:06 +0000 ROA not after: Mon 21 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:d3:00:ad:48:e5:13:c0:4a:63:52:21:70:0b:47:c4:09:b4:ec:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 16 15:00:06 2025 GMT Not After : Jul 21 23:59:59 2025 GMT Subject: serialNumber=a2c86e25411fe5ae7946d46bcbddf2225836fd601e305a11e0c3370da95f6ce5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:51:f0:8a:63:fa:0f:46:a7:4c:a9:9c:e7:dd: 57:51:8f:87:88:60:9e:aa:46:ad:a8:fe:47:5c:97: cf:b3:ef:cb:53:30:27:b2:51:04:d2:2a:ec:59:a6: 20:57:ac:e9:d7:44:34:d9:16:20:db:36:f3:86:dd: 45:08:e1:a4:b0:55:14:b7:1d:0f:cb:6f:f4:ee:3b: ef:be:12:2d:ff:49:23:b2:c3:fe:b9:94:e2:cc:39: 24:6b:ba:20:05:3c:61:93:75:cd:3f:9d:2e:7a:6e: 01:df:1d:27:0c:f3:09:fa:7d:bf:66:ae:28:a6:63: ea:a5:8a:64:dc:fd:e6:a3:1a:0a:5b:3a:9f:72:93: e2:84:34:ce:33:da:5d:6f:17:6d:d4:e2:25:43:45: 18:4e:fa:4c:15:b8:a2:75:cd:41:09:75:e7:12:44: 39:ab:e5:9a:79:29:7b:29:7a:ad:14:67:db:67:d7: 09:0c:ad:99:7f:f0:7d:72:38:0c:de:5e:7e:34:04: fd:dd:de:50:66:3f:47:34:84:72:f2:a8:be:b6:21: 7c:48:a1:9a:91:91:d7:cc:59:00:af:f2:56:ef:e4: 93:af:d4:66:db:70:ae:a1:e6:69:fa:f7:96:a6:78: d3:41:72:40:f0:52:4f:5e:d3:cf:ca:c6:21:62:3c: 3d:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:69:D3:6F:1A:C5:8A:FD:78:6C:85:6D:D1:CB:8F:91:2C:B8:BE:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7318f07c-8b30-4d74-8191-cb89a3eae284.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:6000::/40 Signature Algorithm: sha256WithRSAEncryption 79:37:52:1c:37:06:80:b5:6b:ab:db:15:06:8c:8f:ef:47:30: 9e:e9:48:d0:f4:aa:61:89:c4:55:cf:31:ae:94:a5:b5:08:40: ba:c0:7f:3d:5b:c3:9a:f5:c9:3d:fa:b6:13:63:6d:b4:0a:7c: c1:de:0a:ae:71:df:56:e3:51:f8:a6:61:b1:9a:7e:9b:e4:3b: 69:9a:d2:52:3b:a8:d7:bf:d6:9b:a5:1a:f6:ad:46:2b:37:09: fc:dd:15:c0:48:d6:02:6c:61:eb:03:91:ae:01:7a:6a:e7:c8: c3:96:89:7e:83:e5:0c:b0:32:fe:f2:0d:d3:b8:11:8b:69:09: 0f:cb:ec:3f:e9:9f:12:89:dc:31:c0:b4:85:35:0e:d7:58:d7: ed:03:50:99:8a:cd:9e:46:1a:ef:ec:af:35:cd:d3:76:2a:72: f7:b3:46:d4:55:42:76:dd:56:ac:3b:49:63:d5:8d:7f:f2:ff: ef:9c:e7:a2:dd:62:fd:4e:a3:b0:64:f6:3d:79:27:93:de:a9: 6f:82:9c:c2:54:16:a3:90:9f:80:97:6c:38:71:a7:50:f2:47: 94:05:79:2d:b9:b3:72:e5:14:7a:42:87:23:4c:78:24:81:0c: c1:9e:68:83:29:04:f1:97:22:85:fb:9b:ec:3a:73:97:40:32: 58:f3:46:73 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPNMArUjlE8BKY1IhcAtHxAm07IwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNjE1MDAwNloX DTI1MDcyMTIzNTk1OVowejFJMEcGA1UEBRNAYTJjODZlMjU0MTFmZTVhZTc5NDZk NDZiY2JkZGYyMjI1ODM2ZmQ2MDFlMzA1YTExZTBjMzM3MGRhOTVmNmNlNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlHwimP6D0anTKmc591XUY+HiGCe qkatqP5HXJfPs+/LUzAnslEE0irsWaYgV6zp10Q02RYg2zbzht1FCOGksFUUtx0P y2/07jvvvhIt/0kjssP+uZTizDkka7ogBTxhk3XNP50uem4B3x0nDPMJ+n2/Zq4o pmPqpYpk3P3moxoKWzqfcpPihDTOM9pdbxdt1OIlQ0UYTvpMFbiidc1BCXXnEkQ5 q+WaeSl7KXqtFGfbZ9cJDK2Zf/B9cjgM3l5+NAT93d5QZj9HNIRy8qi+tiF8SKGa kZHXzFkAr/JW7+STr9Rm23CuoeZp+veWpnjTQXJA8FJPXtPPysYhYjw9HQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDtp028axYr9eGyFbdHLj5EsuL76MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzczMThmMDdjLThiMzAtNGQ3NC04MTkxLWNiODlhM2VhZTI4NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7WAwDQYJKoZIhvcNAQELBQADggEBAHk3Uhw3BoC1a6vbFQaM j+9HMJ7pSND0qmGJxFXPMa6UpbUIQLrAfz1bw5r1yT36thNjbbQKfMHeCq5x31bj UfimYbGafpvkO2ma0lI7qNe/1pulGvatRis3CfzdFcBI1gJsYesDka4BemrnyMOW iX6D5QywMv7yDdO4EYtpCQ/L7D/pnxKJ3DHAtIU1DtdY1+0DUJmKzZ5GGu/srzXN 03YqcvezRtRVQnbdVqw7SWPVjX/y/++c56LdYv1Oo7Bk9j15J5PeqW+CnMJUFqOQ n4CXbDhxp1DyR5QFeS25s3LlFHpChyNMeCSBDMGeaIMpBPGXIoX7m+w6c5dAMljz RnM= -----END CERTIFICATE-----Generated at Sun Jun 29 07:37:05 2025 by rpki-client