$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa File: 75fce456-5901-4b20-bd6e-e79945bb44d1.roa (raw, json) Hash identifier: Tu4VraAVLVB1I8J/5XQNERjMHuevucToXKQrl0CfuCA= Subject key identifier: D6:9D:D4:F8:81:86:5E:71:E7:47:1D:CB:1F:7B:DE:53:DF:94:AE:D2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3CC57BFAD100FE699079DEDACC3C7B1BAF117344 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa Signing time: Fri 27 Jun 2025 00:00:45 +0000 ROA not before: Fri 27 Jun 2025 00:00:45 +0000 ROA not after: Fri 01 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:a000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:c5:7b:fa:d1:00:fe:69:90:79:de:da:cc:3c:7b:1b:af:11:73:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 27 00:00:45 2025 GMT Not After : Aug 1 23:59:59 2025 GMT Subject: serialNumber=5e389a0fd941690db0b3ad3461b7f173a536554150aa4dc9f4f38d0dd106a927, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:48:b0:93:4d:92:ff:cf:eb:d3:3d:14:d7:1e: 79:96:0f:f4:40:e0:32:86:be:88:43:e3:16:98:0a: d2:a3:21:68:96:1c:ed:96:95:88:3b:58:0b:40:d8: e8:f1:8c:88:ce:ba:57:84:f8:e4:bf:0b:80:70:43: d9:b9:94:43:f7:71:dd:15:71:58:f9:a9:04:66:b6: 33:11:96:3e:87:e3:51:61:87:13:8a:15:01:43:8b: 24:b2:a5:9f:f6:f8:c9:0f:18:51:77:4b:e4:7c:ab: eb:3e:75:c4:7c:05:76:7e:a3:86:5e:3d:75:89:8d: 98:6d:7b:26:3d:ac:2d:1c:ef:3a:05:f2:79:c3:30: 98:70:42:e1:f9:c0:6a:9c:fa:0f:c6:7e:5e:04:b1: 2b:90:27:53:b2:61:ed:ef:de:2a:6d:e2:f9:32:27: f3:62:b3:76:c5:dc:08:53:ad:d0:b2:06:2d:19:21: 83:dd:d5:21:b6:be:c6:e7:33:ad:7e:00:76:9d:68: 24:1f:c4:a7:6a:d1:16:e0:a4:af:b5:26:de:9a:a0: 28:fa:70:a5:eb:d9:8a:cb:52:51:dc:1d:ba:8c:eb: a1:8d:b8:18:8e:0f:c1:fb:7a:43:63:46:41:77:ff: 11:20:c6:50:06:95:96:53:5d:64:a3:96:ac:16:c8: ff:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:9D:D4:F8:81:86:5E:71:E7:47:1D:CB:1F:7B:DE:53:DF:94:AE:D2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:a000::/48 Signature Algorithm: sha256WithRSAEncryption 24:a1:53:61:90:6d:c3:49:4d:c5:86:d2:e8:58:b5:e5:02:d0: 3f:f1:1e:0f:95:32:d1:14:fa:af:bd:d9:84:ec:02:63:be:88: ff:88:b7:ad:e4:64:dd:45:c5:af:84:54:8c:af:11:04:06:bb: 3c:7d:e4:6d:f9:cb:d6:b4:82:22:4b:4d:35:29:cc:03:c4:f3: 98:e7:0c:49:f4:7a:96:a9:9d:da:53:b2:b9:bb:67:22:78:0f: d8:e9:1b:37:95:94:60:41:a0:a3:82:76:3e:38:f6:ba:a3:65: 94:a4:b2:50:19:2c:cc:f5:29:d1:bb:4e:60:4a:bf:1c:65:ca: cb:f7:b0:ad:4e:a1:d7:55:e5:1d:04:cc:c4:6d:c3:d6:a1:89: 6a:92:3a:20:2a:84:aa:80:73:d6:40:02:31:c3:b4:6f:6c:be: af:88:9f:3f:46:18:6d:a0:3d:1d:be:29:b2:f6:cf:47:f1:62: 26:0b:07:5c:12:d8:64:6e:59:a6:f2:71:4d:e8:7c:28:42:9a: 9e:03:74:8d:80:01:3a:45:6e:c3:84:f1:d2:3b:72:22:22:86: 60:bf:a7:2d:68:4c:61:15:e0:34:e7:6c:ae:d3:33:c6:c2:ea: b4:55:b9:d7:35:d5:7d:b6:0d:59:9f:b9:e2:92:de:61:93:0f: 73:f8:00:72 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPMV7+tEA/mmQed7azDx7G68Rc0QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNzAwMDA0NVoX DTI1MDgwMTIzNTk1OVowejFJMEcGA1UEBRNANWUzODlhMGZkOTQxNjkwZGIwYjNh ZDM0NjFiN2YxNzNhNTM2NTU0MTUwYWE0ZGM5ZjRmMzhkMGRkMTA2YTkyNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEiwk02S/8/r0z0U1x55lg/0QOAy hr6IQ+MWmArSoyFolhztlpWIO1gLQNjo8YyIzrpXhPjkvwuAcEPZuZRD93HdFXFY +akEZrYzEZY+h+NRYYcTihUBQ4sksqWf9vjJDxhRd0vkfKvrPnXEfAV2fqOGXj11 iY2YbXsmPawtHO86BfJ5wzCYcELh+cBqnPoPxn5eBLErkCdTsmHt794qbeL5Mifz YrN2xdwIU63QsgYtGSGD3dUhtr7G5zOtfgB2nWgkH8SnatEW4KSvtSbemqAo+nCl 69mKy1JR3B26jOuhjbgYjg/B+3pDY0ZBd/8RIMZQBpWWU11ko5asFsj/XQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNad1PiBhl5x50cdyx973lPflK7SMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc1ZmNlNDU2LTU5MDEtNGIyMC1iZDZlLWU3OTk0NWJiNDRkMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9qAAMA0GCSqGSIb3DQEBCwUAA4IBAQAkoVNhkG3DSU3FhtLo WLXlAtA/8R4PlTLRFPqvvdmE7AJjvoj/iLet5GTdRcWvhFSMrxEEBrs8feRt+cvW tIIiS001KcwDxPOY5wxJ9HqWqZ3aU7K5u2cieA/Y6Rs3lZRgQaCjgnY+OPa6o2WU pLJQGSzM9SnRu05gSr8cZcrL97CtTqHXVeUdBMzEbcPWoYlqkjogKoSqgHPWQAIx w7RvbL6viJ8/RhhtoD0dvimy9s9H8WImCwdcEthkblmm8nFN6HwoQpqeA3SNgAE6 RW7DhPHSO3IiIoZgv6ctaExhFeA052yu0zPGwuq0VbnXNdV9tg1Zn7nikt5hkw9z +ABy -----END CERTIFICATE-----Generated at Sun Jun 29 03:59:22 2025 by rpki-client