$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa File: 8167b956-49b6-4bfc-b015-6dcca357c141.roa (raw, json) Hash identifier: TJ+EWd66EHSygtxvWPTRlGtExy15DIVEbpPyW6STZHA= Subject key identifier: 7A:B6:97:13:0A:CB:95:5A:D9:5C:B3:AA:99:3C:05:E3:42:25:BB:47 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 23F90767D51B4F71C93D29BAFC09002074BD554B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa Signing time: Tue 17 Jun 2025 00:00:09 +0000 ROA not before: Tue 17 Jun 2025 00:00:09 +0000 ROA not after: Tue 22 Jul 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:f9:07:67:d5:1b:4f:71:c9:3d:29:ba:fc:09:00:20:74:bd:55:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 17 00:00:09 2025 GMT Not After : Jul 22 23:59:59 2025 GMT Subject: serialNumber=6ef70a159463e625cbd483e50d0595dbdd3fa84c31bc97980a83fecb216d5de8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:65:2f:65:d1:f3:24:15:4f:bf:24:08:20:30: 29:9f:8b:02:81:ad:04:af:74:a5:b6:df:14:80:66: b2:f9:fc:87:91:38:ba:a4:cb:8c:ee:61:f8:21:1d: d7:ed:a8:75:d2:9b:03:e8:8d:04:90:fd:46:df:05: 9a:ba:bb:5a:5a:a1:48:37:0f:b5:cb:54:e7:db:45: bc:f8:2e:ff:1a:0a:9d:b9:8d:3a:af:7b:2d:a7:9f: e4:54:0a:e1:16:4e:51:3e:5f:d5:c4:1e:4f:f8:76: 89:5f:82:9e:4a:ef:75:ab:5c:56:57:b3:a8:3c:a4: a6:05:a7:30:de:46:7a:f4:0f:38:94:70:e1:88:a2: e0:83:ce:a8:75:ba:c1:ad:de:45:52:0c:1c:19:88: c7:6d:b7:58:69:46:6d:44:50:7d:bf:f0:3b:75:ce: 3c:2c:45:de:a3:d5:66:e2:2b:ab:a4:7f:0f:0f:30: da:2f:ca:22:04:2d:0f:3c:33:f9:9a:85:48:31:14: de:cf:8e:ee:28:75:32:c9:6c:ba:b8:05:26:61:12: 52:ea:9c:0d:ce:cf:eb:2d:13:55:b8:d7:12:d1:7d: b8:e9:ea:a6:0a:23:4a:8e:20:3b:4b:a7:88:00:46: 25:92:9e:f9:6a:f0:66:8e:b0:6f:99:a1:bd:51:10: 89:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:B6:97:13:0A:CB:95:5A:D9:5C:B3:AA:99:3C:05:E3:42:25:BB:47 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:7000::/40 Signature Algorithm: sha256WithRSAEncryption 10:1e:2c:17:6f:4c:87:6a:18:5c:6a:6e:19:65:08:1d:f4:11: b8:bc:73:13:7e:c4:17:93:3e:28:8d:55:16:a8:a3:4d:0d:89: f1:c3:c3:29:62:72:7a:a0:57:17:44:79:9d:9d:d7:91:c5:e4: 05:92:62:90:28:cc:1a:fd:c6:ce:ee:70:b3:df:9b:b9:f6:0b: e1:77:4a:06:ca:96:a6:a1:5c:69:6b:e7:9e:e2:a1:63:18:7c: 32:e7:ee:f4:95:9b:14:e3:57:f8:f4:d3:ce:91:a6:25:3d:c1: 43:b0:d6:95:51:1d:1f:6e:df:df:fc:c0:54:6a:65:7d:27:1c: 3a:4a:9f:60:a2:cd:e0:72:07:8b:a6:c0:9f:94:0a:0e:6c:9c: b1:08:b9:d1:24:dd:1b:d3:f8:9b:7e:05:a0:a1:66:f6:20:f0: 3e:9a:86:87:43:67:45:7e:97:67:29:29:53:2d:13:d7:7c:18: 4a:4b:80:4e:c7:7b:bc:d8:08:1c:9b:b1:9c:2d:ef:5a:6c:58: 9d:d2:1b:1c:8b:4a:b9:19:e7:c1:12:6c:cf:15:3e:0d:9a:45: 8f:d0:40:76:9d:7b:b6:11:4b:3f:7a:5a:fb:43:65:09:d9:95: bf:52:90:2e:e1:f4:a8:4d:ef:19:71:61:34:c3:cc:32:b0:9e: 48:59:8a:f1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUI/kHZ9UbT3HJPSm6/AkAIHS9VUswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNzAwMDAwOVoX DTI1MDcyMjIzNTk1OVowejFJMEcGA1UEBRNANmVmNzBhMTU5NDYzZTYyNWNiZDQ4 M2U1MGQwNTk1ZGJkZDNmYTg0YzMxYmM5Nzk4MGE4M2ZlY2IyMTZkNWRlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGUvZdHzJBVPvyQIIDApn4sCga0E r3Sltt8UgGay+fyHkTi6pMuM7mH4IR3X7ah10psD6I0EkP1G3wWaurtaWqFINw+1 y1Tn20W8+C7/GgqduY06r3stp5/kVArhFk5RPl/VxB5P+HaJX4KeSu91q1xWV7Oo PKSmBacw3kZ69A84lHDhiKLgg86odbrBrd5FUgwcGYjHbbdYaUZtRFB9v/A7dc48 LEXeo9Vm4iurpH8PDzDaL8oiBC0PPDP5moVIMRTez47uKHUyyWy6uAUmYRJS6pwN zs/rLRNVuNcS0X246eqmCiNKjiA7S6eIAEYlkp75avBmjrBvmaG9URCJfwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHq2lxMKy5Va2Vyzqpk8BeNCJbtHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxNjdiOTU2LTQ5YjYtNGJmYy1iMDE1LTZkY2NhMzU3YzE0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba73AwDQYJKoZIhvcNAQELBQADggEBABAeLBdvTIdqGFxqbhll CB30Ebi8cxN+xBeTPiiNVRaoo00NifHDwylicnqgVxdEeZ2d15HF5AWSYpAozBr9 xs7ucLPfm7n2C+F3SgbKlqahXGlr557ioWMYfDLn7vSVmxTjV/j0086RpiU9wUOw 1pVRHR9u39/8wFRqZX0nHDpKn2CizeByB4umwJ+UCg5snLEIudEk3RvT+Jt+BaCh ZvYg8D6ahodDZ0V+l2cpKVMtE9d8GEpLgE7He7zYCBybsZwt71psWJ3SGxyLSrkZ 58ESbM8VPg2aRY/QQHade7YRSz96WvtDZQnZlb9SkC7h9KhN7xlxYTTDzDKwnkhZ ivE= -----END CERTIFICATE-----Generated at Sun Jun 29 08:58:49 2025 by rpki-client