$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa File: b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa (raw, json) Hash identifier: LENmvnD+/D2ubb6jTNshfp/SQbFQ2G7C24BkzwRHcZk= Subject key identifier: BF:70:F6:9A:37:29:D2:EC:66:BD:13:AD:28:21:70:52:1A:63:62:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 42E2F8A6E4E7BBD0A1613FAEE8889D905813A3EF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa Signing time: Tue 24 Jun 2025 00:00:04 +0000 ROA not before: Tue 24 Jun 2025 00:00:04 +0000 ROA not after: Tue 29 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:e2:f8:a6:e4:e7:bb:d0:a1:61:3f:ae:e8:88:9d:90:58:13:a3:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 24 00:00:04 2025 GMT Not After : Jul 29 23:59:59 2025 GMT Subject: serialNumber=834971701732e513313b92f2bc696ff27b9b2fe4ca01c1b16d919b1a1eb51580, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b5:2c:53:56:b9:50:54:1b:2a:d4:ec:86:a8: 48:ea:26:96:60:80:af:49:69:6f:3f:84:64:75:85: 1a:e5:a2:80:97:11:ca:7b:6f:56:e3:86:9f:17:ca: e3:49:88:12:d6:0f:49:49:25:96:0b:78:0f:f9:6d: ec:e5:72:aa:06:aa:40:7a:dd:5a:79:e1:76:d9:f7: 0d:55:59:d5:15:35:df:81:58:8d:9b:49:46:eb:7b: b7:a9:63:c7:29:da:21:de:8d:69:34:fc:ef:5b:a1: ac:81:87:47:cc:1c:72:f0:7c:c0:96:e3:c3:3b:81: b9:f3:8b:23:89:45:c7:87:e7:8f:41:d9:9b:2f:ac: d1:45:62:43:00:00:b4:6f:0b:5e:c8:80:76:74:cb: e7:fb:d5:67:f5:54:18:a3:67:4a:40:de:86:3b:3f: 4b:97:01:36:5d:11:9b:43:1b:ab:06:cd:47:5d:38: a1:d4:00:62:91:83:1d:99:2a:5a:ed:88:07:f1:78: 75:e2:9f:8d:cd:27:70:a2:64:54:e8:48:11:c6:a0: 99:40:c3:08:63:78:bb:73:4b:2e:8b:80:fd:12:82: f1:1a:0a:d7:44:1a:9d:df:bd:ca:d3:25:a3:ac:f6: d7:18:16:55:5f:db:bd:c9:a7:ad:54:3d:87:3e:5a: 97:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:70:F6:9A:37:29:D2:EC:66:BD:13:AD:28:21:70:52:1A:63:62:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:1000::/40 Signature Algorithm: sha256WithRSAEncryption 17:64:36:56:ce:22:12:8c:44:99:ee:27:7a:35:1b:0b:38:89: 4e:97:09:47:fb:3d:df:33:46:2d:9f:ec:ba:00:00:e8:ee:7f: d9:8c:b6:29:0a:19:09:95:ab:06:49:a8:4e:6f:30:58:cf:fc: 92:aa:d6:ed:2c:f4:7c:8b:59:24:3c:98:64:27:87:0f:66:0c: a6:fb:0e:df:8b:df:52:c8:a4:2b:ff:de:fe:45:fd:dc:a1:50: cc:a6:fa:cb:0b:d8:a9:80:ad:ca:3e:1f:bc:80:b5:a6:4f:82: 32:7e:bb:a4:3c:56:89:ad:fc:2d:fb:35:81:88:9a:ec:5d:8f: 62:c2:76:5c:7d:b1:11:22:0b:0b:3d:e8:9e:cf:75:c2:5a:e5: 6b:83:b5:40:3d:6b:2f:b2:8c:4d:a3:0e:08:4f:a8:ee:94:30: a9:21:3d:f0:0b:e7:3f:91:8e:aa:a1:a7:65:62:24:1d:55:7a: b4:34:8e:19:cc:46:23:bc:60:e4:ea:b2:c0:42:ec:32:25:a6: 8a:3c:45:3f:7c:5e:b4:90:ca:9d:18:12:72:41:69:ce:13:ed: a5:58:a0:b8:c5:69:71:4c:32:07:74:be:4b:76:d4:57:34:80: d8:c9:c1:d9:df:e9:52:7c:0b:56:5c:83:a0:2f:3e:4e:e7:7e: fe:3a:31:69 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQuL4puTnu9ChYT+u6IidkFgTo+8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNDAwMDAwNFoX DTI1MDcyOTIzNTk1OVowejFJMEcGA1UEBRNAODM0OTcxNzAxNzMyZTUxMzMxM2I5 MmYyYmM2OTZmZjI3YjliMmZlNGNhMDFjMWIxNmQ5MTliMWExZWI1MTU4MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLUsU1a5UFQbKtTshqhI6iaWYICv SWlvP4RkdYUa5aKAlxHKe29W44afF8rjSYgS1g9JSSWWC3gP+W3s5XKqBqpAet1a eeF22fcNVVnVFTXfgViNm0lG63u3qWPHKdoh3o1pNPzvW6GsgYdHzBxy8HzAluPD O4G584sjiUXHh+ePQdmbL6zRRWJDAAC0bwteyIB2dMvn+9Vn9VQYo2dKQN6GOz9L lwE2XRGbQxurBs1HXTih1ABikYMdmSpa7YgH8Xh14p+NzSdwomRU6EgRxqCZQMMI Y3i7c0sui4D9EoLxGgrXRBqd373K0yWjrPbXGBZVX9u9yaetVD2HPlqXdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL9w9po3KdLsZr0TrSghcFIaY2KdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwNGFiNmNjLWU2NDYtNDJiMi1iOGEwLTc1YTIyZTQ3NDRlYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMhAwDQYJKoZIhvcNAQELBQADggEBABdkNlbOIhKMRJnuJ3o1 Gws4iU6XCUf7Pd8zRi2f7LoAAOjuf9mMtikKGQmVqwZJqE5vMFjP/JKq1u0s9HyL WSQ8mGQnhw9mDKb7Dt+L31LIpCv/3v5F/dyhUMym+ssL2KmArco+H7yAtaZPgjJ+ u6Q8Vomt/C37NYGImuxdj2LCdlx9sREiCws96J7PdcJa5WuDtUA9ay+yjE2jDghP qO6UMKkhPfAL5z+Rjqqhp2ViJB1VerQ0jhnMRiO8YOTqssBC7DIlpoo8RT98XrSQ yp0YEnJBac4T7aVYoLjFaXFMMgd0vkt21Fc0gNjJwdnf6VJ8C1Zcg6AvPk7nfv46 MWk= -----END CERTIFICATE-----Generated at Sun Jun 29 07:22:44 2025 by rpki-client