$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa File: aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa (raw, json) Hash identifier: p24tNYIj4RQ0Yc7+1nZT27M7jhBwfUJNzdr5oZwfhJ0= Subject key identifier: 4D:4D:50:CB:BF:20:4A:4D:2B:5C:1E:BB:61:47:0E:4F:BD:BE:97:03 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 26F65EDB73A10684AC03A42B4A722368B6814F3C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa Signing time: Tue 24 Jun 2025 00:00:09 +0000 ROA not before: Tue 24 Jun 2025 00:00:09 +0000 ROA not after: Tue 29 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:f6:5e:db:73:a1:06:84:ac:03:a4:2b:4a:72:23:68:b6:81:4f:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 24 00:00:09 2025 GMT Not After : Jul 29 23:59:59 2025 GMT Subject: serialNumber=094c66d23197e0662e02748c0a82c165432dc9b903119012c71b85329d7bcb56, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:06:57:a9:74:ae:df:55:80:5e:4e:99:54:a9: 96:dc:0a:c4:33:8b:f2:af:2a:b2:43:1b:e5:66:5a: 10:5a:98:fb:e4:85:c0:92:a7:c3:f9:81:1f:3d:be: 40:69:c6:80:75:f8:72:84:e1:61:e0:b0:cd:a5:51: 66:34:0a:5f:72:4f:73:ce:a9:35:23:66:c2:26:7f: ce:32:58:1c:6e:c1:ab:d9:73:cf:8b:3d:db:e8:7d: a1:0a:b9:6b:4e:d9:6c:1b:c2:bc:80:4f:4c:d0:03: 03:0e:6f:5b:d0:91:8b:b1:c2:de:e5:ca:40:87:86: 73:c1:f0:fc:e0:22:b0:06:26:b4:aa:cf:88:49:1b: ca:f4:bd:f6:ae:5d:e3:8a:3f:37:3b:fc:a7:3d:eb: bb:c0:70:32:53:6e:ad:d0:08:9e:0e:62:b3:05:fe: 7d:a1:b8:ff:b8:6b:7c:a4:02:72:c3:58:8f:f9:11: 52:5a:33:c7:ee:96:44:24:d3:f7:41:1a:3e:bc:2b: f0:dd:4e:79:9f:fb:dd:fc:1b:78:75:85:93:01:76: ed:c5:b0:fa:79:10:04:13:b5:68:9c:8c:60:27:6b: 38:4d:47:06:e2:a7:c5:21:bb:71:cb:69:9d:22:5d: a6:72:85:ab:ae:34:05:94:b9:cf:dd:cd:6c:27:9b: 48:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:4D:50:CB:BF:20:4A:4D:2B:5C:1E:BB:61:47:0E:4F:BD:BE:97:03 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:a000::/40 Signature Algorithm: sha256WithRSAEncryption 2a:e9:9d:77:60:8b:e0:52:a4:6e:c8:e4:c1:b3:f8:5e:aa:33: 61:18:38:d8:12:79:4c:35:95:ad:05:26:ea:b6:5c:6f:0d:74: 94:96:72:ca:b8:70:b0:8f:d8:6c:7c:ff:7c:c5:fa:0f:66:b0: ce:7f:83:ad:95:5e:a1:f9:0a:c7:96:b8:2b:72:0e:12:f7:5b: 35:35:0d:a3:c2:90:fc:6e:7a:33:58:1d:7d:60:ca:df:1e:8f: 04:f6:df:c8:a8:b4:65:5c:cd:c2:09:1e:36:7e:5c:7e:8e:23: 58:fb:e8:6c:88:95:61:5a:6d:8d:7b:da:b1:d5:77:22:2a:62: 17:c6:6d:f1:ef:bb:af:ba:9c:19:d0:f3:13:63:82:4f:34:0c: 8e:f7:aa:30:fe:88:d0:df:65:ff:31:58:8e:8b:4e:a4:97:99: 27:13:66:1e:84:1a:63:6a:e2:41:15:a7:bf:97:c3:01:11:4d: e8:14:dc:1e:09:1e:e3:46:3a:9a:c2:ef:7a:79:ce:8d:3a:92: 78:13:f7:45:4f:52:f3:19:83:06:05:90:05:a8:d8:5c:1b:da: 76:82:15:ad:5b:15:09:49:a4:66:e2:c1:32:43:42:20:35:54: f3:cf:d2:ec:98:1a:39:39:9a:f7:39:59:02:1d:98:0f:db:54: f5:c7:74:8d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJvZe23OhBoSsA6QrSnIjaLaBTzwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNDAwMDAwOVoX DTI1MDcyOTIzNTk1OVowejFJMEcGA1UEBRNAMDk0YzY2ZDIzMTk3ZTA2NjJlMDI3 NDhjMGE4MmMxNjU0MzJkYzliOTAzMTE5MDEyYzcxYjg1MzI5ZDdiY2I1NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgZXqXSu31WAXk6ZVKmW3ArEM4vy ryqyQxvlZloQWpj75IXAkqfD+YEfPb5AacaAdfhyhOFh4LDNpVFmNApfck9zzqk1 I2bCJn/OMlgcbsGr2XPPiz3b6H2hCrlrTtlsG8K8gE9M0AMDDm9b0JGLscLe5cpA h4ZzwfD84CKwBia0qs+ISRvK9L32rl3jij83O/ynPeu7wHAyU26t0AieDmKzBf59 obj/uGt8pAJyw1iP+RFSWjPH7pZEJNP3QRo+vCvw3U55n/vd/Bt4dYWTAXbtxbD6 eRAEE7VonIxgJ2s4TUcG4qfFIbtxy2mdIl2mcoWrrjQFlLnP3c1sJ5tIdQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFE1NUMu/IEpNK1weu2FHDk+9vpcDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiYTIzMThjLWU5NmEtNDA1OC04ZTBjLTVhY2EyYjU2YWFkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMqAwDQYJKoZIhvcNAQELBQADggEBACrpnXdgi+BSpG7I5MGz +F6qM2EYONgSeUw1la0FJuq2XG8NdJSWcsq4cLCP2Gx8/3zF+g9msM5/g62VXqH5 CseWuCtyDhL3WzU1DaPCkPxuejNYHX1gyt8ejwT238iotGVczcIJHjZ+XH6OI1j7 6GyIlWFabY172rHVdyIqYhfGbfHvu6+6nBnQ8xNjgk80DI73qjD+iNDfZf8xWI6L TqSXmScTZh6EGmNq4kEVp7+XwwERTegU3B4JHuNGOprC73p5zo06kngT90VPUvMZ gwYFkAWo2Fwb2naCFa1bFQlJpGbiwTJDQiA1VPPP0uyYGjk5mvc5WQIdmA/bVPXH dI0= -----END CERTIFICATE-----Generated at Sun Jun 29 02:58:28 2025 by rpki-client