$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af8dad8f-1b43-44a7-a8af-fef9607356c3.roa File: af8dad8f-1b43-44a7-a8af-fef9607356c3.roa (raw, json) Hash identifier: k9jdq5WvJ6prmIPdvqlCClBqbo3cuUuWvdtDxssLs/o= Subject key identifier: 1E:A1:80:4B:33:B2:6C:A7:66:E0:7F:F1:B9:02:CA:2B:14:12:DC:69 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 321EBFA47604AE098826D7A61E843D5A3EEFD11D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af8dad8f-1b43-44a7-a8af-fef9607356c3.roa Signing time: Tue 17 Jun 2025 00:00:55 +0000 ROA not before: Tue 17 Jun 2025 00:00:55 +0000 ROA not after: Tue 22 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:1e:bf:a4:76:04:ae:09:88:26:d7:a6:1e:84:3d:5a:3e:ef:d1:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 17 00:00:55 2025 GMT Not After : Jul 22 23:59:59 2025 GMT Subject: serialNumber=987040ff0a00d21b48ae06c8d5758b923970c31c274a50a7a486d5165856abdc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:87:0f:5f:2c:c8:86:b6:b8:c6:38:ab:2e:00: bf:08:3e:41:65:31:2b:ef:cf:0e:cf:ac:12:a8:8d: 78:50:14:1c:2c:ef:43:5c:52:20:42:55:fc:4d:c4: 3c:05:60:4b:bc:a6:80:fd:cb:2e:11:e8:b9:64:2f: 4c:4e:ef:0b:d6:d1:b4:be:19:c4:0c:55:ce:4a:f2: 56:d3:d5:93:1b:3a:b4:b0:65:58:12:ac:a9:90:6f: 5e:12:5d:0e:ad:8e:cf:01:79:b7:fa:cc:1c:fd:93: 04:2f:c6:e5:eb:d9:f4:51:5e:b5:c6:f0:a4:2b:77: 1c:d3:2b:a0:15:4f:9e:20:9d:44:78:f8:c5:6e:47: 7e:0d:02:13:97:87:4c:6c:d4:3a:2c:5e:55:b4:1f: cf:d9:b5:f4:34:88:cb:70:82:da:eb:11:f0:97:80: 42:6e:df:5a:bc:35:d8:b8:d2:2b:40:95:50:73:50: 6a:8a:ed:cd:cb:5e:4c:b6:d4:a4:a4:fd:36:69:e8: be:0e:69:b1:5c:49:59:45:0d:c9:60:5e:83:33:5c: 3e:85:d9:0f:1a:c7:ba:8f:0b:f7:77:c6:2a:70:f3: 88:22:e8:8f:af:c5:41:5a:55:e9:0a:75:3e:f9:a1: fd:4c:9c:70:6d:d3:c0:e7:3b:d6:30:d0:ea:92:be: d6:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:A1:80:4B:33:B2:6C:A7:66:E0:7F:F1:B9:02:CA:2B:14:12:DC:69 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af8dad8f-1b43-44a7-a8af-fef9607356c3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:f000::/40 Signature Algorithm: sha256WithRSAEncryption b2:c2:eb:f2:e8:56:17:de:39:2e:07:fa:a7:83:08:f5:a7:cf: 9e:f1:64:ac:08:2e:10:b0:50:00:1f:ba:54:fb:ab:83:c5:c2: ad:fe:b4:a1:fc:55:59:bc:28:b9:e0:f0:e0:cd:be:93:c2:c2: 2d:63:50:3d:2e:07:69:42:86:68:fe:7c:eb:28:2e:6c:e9:51: 85:75:31:e2:a9:38:15:c8:2e:38:61:2c:b3:12:8e:8b:ae:42: 96:b5:9b:ec:29:3e:5c:8b:5e:8d:88:91:19:1a:76:70:72:d0: db:c3:5c:6e:53:46:23:85:b8:0a:88:8f:10:11:d2:1c:08:d2: 61:e5:21:dd:e6:72:d0:91:57:e8:0b:37:d8:b6:27:6d:35:f0: 14:fe:49:76:49:d7:36:c8:eb:8e:43:16:00:fc:eb:4c:f9:de: 0f:da:0a:0f:6a:a1:4b:d1:d8:5e:09:06:72:23:a2:0c:78:e0: 2c:9d:50:2c:23:87:0b:b7:f4:a2:5d:ff:6b:e7:c8:6e:96:27: 4b:33:e5:3a:71:dd:29:f4:54:0f:6e:4c:96:d0:86:10:9f:ef: f6:75:5c:d6:0e:b3:fa:fb:a2:8e:e8:17:37:ea:24:25:72:48: b5:c3:ca:45:3d:22:cc:c1:e3:e5:d6:56:ad:c5:aa:66:7e:b5: e9:d0:d1:3b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMh6/pHYErgmIJtemHoQ9Wj7v0R0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYxNzAwMDA1NVoX DTI1MDcyMjIzNTk1OVowejFJMEcGA1UEBRNAOTg3MDQwZmYwYTAwZDIxYjQ4YWUw NmM4ZDU3NThiOTIzOTcwYzMxYzI3NGE1MGE3YTQ4NmQ1MTY1ODU2YWJkYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwocPXyzIhra4xjirLgC/CD5BZTEr 788Oz6wSqI14UBQcLO9DXFIgQlX8TcQ8BWBLvKaA/csuEei5ZC9MTu8L1tG0vhnE DFXOSvJW09WTGzq0sGVYEqypkG9eEl0OrY7PAXm3+swc/ZMEL8bl69n0UV61xvCk K3cc0yugFU+eIJ1EePjFbkd+DQITl4dMbNQ6LF5VtB/P2bX0NIjLcILa6xHwl4BC bt9avDXYuNIrQJVQc1Bqiu3Ny15MttSkpP02aei+DmmxXElZRQ3JYF6DM1w+hdkP Gse6jwv3d8YqcPOIIuiPr8VBWlXpCnU++aH9TJxwbdPA5zvWMNDqkr7W8wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB6hgEszsmynZuB/8bkCyisUEtxpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmOGRhZDhmLTFiNDMtNDRhNy1hOGFmLWZlZjk2MDczNTZjMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7/AwDQYJKoZIhvcNAQELBQADggEBALLC6/LoVhfeOS4H+qeD CPWnz57xZKwILhCwUAAfulT7q4PFwq3+tKH8VVm8KLng8ODNvpPCwi1jUD0uB2lC hmj+fOsoLmzpUYV1MeKpOBXILjhhLLMSjouuQpa1m+wpPlyLXo2IkRkadnBy0NvD XG5TRiOFuAqIjxAR0hwI0mHlId3mctCRV+gLN9i2J2018BT+SXZJ1zbI645DFgD8 60z53g/aCg9qoUvR2F4JBnIjogx44CydUCwjhwu39KJd/2vnyG6WJ0sz5Tpx3Sn0 VA9uTJbQhhCf7/Z1XNYOs/r7oo7oFzfqJCVySLXDykU9IszB4+XWVq3FqmZ+tenQ 0Ts= -----END CERTIFICATE-----Generated at Sun Jun 29 04:01:00 2025 by rpki-client