$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa File: 743b890a-7e61-4b72-82d0-b83a580809c5.roa (raw, json) Hash identifier: pHCxXDbeP1GaxIp8NWPZOXyI2fIY0h2GgVerZvR/blo= Subject key identifier: 0A:A9:F0:48:63:4B:DD:2C:06:8F:96:46:2A:D6:17:EE:BE:F7:EB:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3896B5B387AFF090634CC751BFDEE010E150585E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa Signing time: Tue 17 Jun 2025 00:00:57 +0000 ROA not before: Tue 17 Jun 2025 00:00:57 +0000 ROA not after: Tue 22 Jul 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:96:b5:b3:87:af:f0:90:63:4c:c7:51:bf:de:e0:10:e1:50:58:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 17 00:00:57 2025 GMT Not After : Jul 22 23:59:59 2025 GMT Subject: serialNumber=7dbc6f5fa9117f4f6e233577e446917c3178760add4cd66bad49bafd795fa6b0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:5c:28:ac:e2:a2:d4:05:5a:41:d3:cd:f1:b0: e8:70:a7:2b:a5:48:cc:85:1b:71:9f:0b:4d:2f:a7: d8:51:7a:f9:db:8f:1b:37:32:f1:5e:4e:33:20:d8: 7a:23:28:ce:b0:94:ec:82:33:37:f4:5d:cc:a8:0f: 5a:56:da:6a:95:cc:e9:ed:2c:79:22:15:a8:d0:6a: c2:10:29:5b:83:bd:b1:e2:8c:82:a1:60:7b:ee:f3: 6d:06:63:77:ff:3b:2e:2b:e1:0c:92:8e:6c:74:e8: ba:84:6e:bf:b4:43:73:48:69:7f:76:be:e8:70:4a: 00:3b:46:a5:63:92:7f:d5:c7:ba:34:36:8a:09:94: 18:87:a4:7c:54:3b:c4:88:83:29:20:f5:a0:25:92: 90:5d:31:11:39:28:a4:0d:de:aa:35:44:62:9d:a8: d1:71:c4:d7:6e:17:7d:df:ad:a2:ec:b4:06:35:34: 14:be:37:b4:17:4e:86:16:f0:74:70:fb:2e:73:c1: 3c:75:87:b1:b1:3e:a0:1e:f5:d1:e4:4d:73:5b:b8: d5:8c:d3:37:4b:0b:1f:7d:9c:94:88:ba:5f:c7:3a: b9:36:cb:04:9a:f7:33:e9:30:ba:6a:7e:7b:23:83: 7c:03:7e:8d:1a:da:dd:47:22:66:f6:cc:e3:5d:47: 0e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:A9:F0:48:63:4B:DD:2C:06:8F:96:46:2A:D6:17:EE:BE:F7:EB:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:8800::/40 Signature Algorithm: sha256WithRSAEncryption 99:d7:4c:96:d2:91:90:9b:fc:d3:bc:df:49:fd:f6:8f:7d:0a: 2c:67:18:04:9b:fa:78:ef:4e:df:7e:82:91:75:9a:77:76:4f: 4b:e2:c7:ea:34:9f:32:08:71:84:aa:eb:23:6a:3b:9a:f6:7f: 93:36:9d:39:66:06:f6:b5:c6:cb:cf:a9:d5:64:2f:a9:e6:77: 82:56:ba:0f:c8:11:a1:5f:23:8b:86:42:9e:7e:e4:e3:96:4a: 85:61:08:10:1b:13:fb:1b:a6:19:6b:06:f4:12:38:fa:5c:c6: 4d:31:84:c3:42:c6:09:18:06:88:50:14:37:33:83:28:93:b0: cd:be:c3:7a:6e:5e:3b:db:1c:c2:cb:1e:81:8f:da:f9:86:85: fa:e6:7d:25:88:b7:ba:8d:1b:b5:49:71:28:5a:01:73:5b:51: d0:e2:e0:08:98:26:98:1a:b8:ed:ac:04:5b:66:60:10:04:54: 0c:10:23:7a:a5:2c:76:9c:16:04:84:f6:ad:60:1b:31:87:ad: 7e:6f:7f:f4:4e:b0:03:47:45:a6:74:d3:00:88:bc:30:55:f5: de:09:b7:a6:8c:8c:07:be:20:98:7c:dd:de:85:9f:ae:f3:a2: da:f0:e2:6a:e1:ab:28:e9:29:fc:fc:2e:18:d7:e1:9c:68:33: dc:41:fd:6f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOJa1s4ev8JBjTMdRv97gEOFQWF4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNzAwMDA1N1oX DTI1MDcyMjIzNTk1OVowejFJMEcGA1UEBRNAN2RiYzZmNWZhOTExN2Y0ZjZlMjMz NTc3ZTQ0NjkxN2MzMTc4NzYwYWRkNGNkNjZiYWQ0OWJhZmQ3OTVmYTZiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FworOKi1AVaQdPN8bDocKcrpUjM hRtxnwtNL6fYUXr5248bNzLxXk4zINh6IyjOsJTsgjM39F3MqA9aVtpqlczp7Sx5 IhWo0GrCEClbg72x4oyCoWB77vNtBmN3/zsuK+EMko5sdOi6hG6/tENzSGl/dr7o cEoAO0alY5J/1ce6NDaKCZQYh6R8VDvEiIMpIPWgJZKQXTEROSikDd6qNURinajR ccTXbhd9362i7LQGNTQUvje0F06GFvB0cPsuc8E8dYexsT6gHvXR5E1zW7jVjNM3 SwsffZyUiLpfxzq5NssEmvcz6TC6an57I4N8A36NGtrdRyJm9szjXUcOOQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAqp8EhjS90sBo+WRirWF+6+9+tAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0M2I4OTBhLTdlNjEtNGI3Mi04MmQwLWI4M2E1ODA4MDljNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba74gwDQYJKoZIhvcNAQELBQADggEBAJnXTJbSkZCb/NO830n9 9o99CixnGASb+njvTt9+gpF1mnd2T0vix+o0nzIIcYSq6yNqO5r2f5M2nTlmBva1 xsvPqdVkL6nmd4JWug/IEaFfI4uGQp5+5OOWSoVhCBAbE/sbphlrBvQSOPpcxk0x hMNCxgkYBohQFDczgyiTsM2+w3puXjvbHMLLHoGP2vmGhfrmfSWIt7qNG7VJcSha AXNbUdDi4AiYJpgauO2sBFtmYBAEVAwQI3qlLHacFgSE9q1gGzGHrX5vf/ROsANH RaZ00wCIvDBV9d4Jt6aMjAe+IJh83d6Fn67zotrw4mrhqyjpKfz8LhjX4ZxoM9xB /W8= -----END CERTIFICATE-----Generated at Sun Jun 29 10:34:01 2025 by rpki-client