$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be1922bc-9d75-4e8d-ba39-8044d8bf734b.roa File: be1922bc-9d75-4e8d-ba39-8044d8bf734b.roa (raw, json) Hash identifier: nzWKUxEX8SoOwpbzMwUtz4iz2/3TNumAa2afZEVz8bU= Subject key identifier: EA:E7:94:67:05:4B:26:DC:13:9A:4D:48:8C:A9:62:34:5F:35:F0:E3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 33B5FB6DD58C1E85223EA8EBE3C4076B409E87E3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be1922bc-9d75-4e8d-ba39-8044d8bf734b.roa Signing time: Sat 28 Jun 2025 00:00:06 +0000 ROA not before: Sat 28 Jun 2025 00:00:06 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:b5:fb:6d:d5:8c:1e:85:22:3e:a8:eb:e3:c4:07:6b:40:9e:87:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:06 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=3eada524a49ace5ff6544a2f6c0e4d3c3556a2a81ce1ce72162a1637db62226b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:44:98:99:8c:9b:5d:8f:9f:01:e0:dd:9c:09: 79:2d:e4:f6:44:f6:1c:99:ee:aa:3c:05:8f:15:f4: 90:80:ed:cd:d3:21:46:70:87:c4:6c:7e:81:de:54: a3:11:76:5e:30:3e:9e:aa:29:c4:9c:ed:74:c6:16: 60:29:0e:77:f9:55:00:68:77:09:dc:b2:9b:7c:0f: fd:25:53:bc:27:9c:8b:90:15:9e:5c:fe:e7:27:c8: f7:a1:d9:16:51:a9:48:4c:ae:03:8d:67:ee:04:29: 0b:96:61:f1:f4:1e:ef:05:1e:22:2d:8b:30:48:ed: 15:db:8e:66:ab:e1:1f:0c:4c:1b:c4:4e:18:cc:bb: ed:a9:b6:ac:f4:b2:17:97:2b:c2:34:07:43:33:96: 08:d4:0d:5e:6f:04:12:c7:c6:f1:6a:1f:ce:50:c1: a0:a4:ca:a9:05:e1:da:cd:7f:85:80:c1:d4:46:5c: d0:23:78:47:e9:d8:6a:52:3a:c8:e6:3b:91:52:82: 96:ce:b5:5f:d6:4b:30:b6:66:d7:fc:61:14:ad:f3: 86:11:dc:50:77:3e:42:ad:51:3d:07:b8:b8:56:bc: d0:05:46:fb:c4:a0:2c:00:19:a1:58:41:21:de:f0: 19:5d:ea:0a:55:17:4c:0f:ea:02:80:6b:b1:4d:1b: b9:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:E7:94:67:05:4B:26:DC:13:9A:4D:48:8C:A9:62:34:5F:35:F0:E3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be1922bc-9d75-4e8d-ba39-8044d8bf734b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:b000::/40 Signature Algorithm: sha256WithRSAEncryption c1:92:47:3a:9e:1d:4a:7f:b3:e8:ff:02:af:fb:23:ad:69:76: df:96:ee:6b:d5:4f:87:ce:be:33:9d:f0:bd:53:d6:af:e9:1f: ea:fa:55:6b:69:c3:3c:28:e6:9d:27:0b:53:d1:b6:05:92:60: 2a:42:d8:f3:99:a0:35:ea:f2:73:bb:c3:84:11:f1:5e:60:e6: 26:a4:6a:22:d2:b7:c5:e6:f3:eb:2c:1a:51:0e:8d:d4:38:c3: 5f:d3:da:d8:22:d1:33:57:b0:10:3d:dc:fe:aa:87:ca:e1:ff: 68:d1:77:12:35:c4:b3:bc:de:0e:6f:e7:8a:e7:2d:23:f8:61: 63:dc:e8:72:20:59:91:ed:d0:97:e6:bf:90:c1:b3:30:4d:33: 22:1c:a6:79:b4:68:b9:7f:8c:c6:91:4f:79:22:0a:ba:98:6d: 9f:68:01:78:9a:b4:f3:91:cd:ef:9f:08:ac:c4:20:c4:00:b6: 73:84:52:68:9b:c1:b1:69:ea:5a:e8:71:39:7d:16:57:b8:3d: b7:37:bc:cb:8d:b9:00:dc:39:bb:3d:c9:88:8a:46:cb:fb:c9: 9f:89:53:a1:62:a1:23:b5:3a:36:0a:bb:b7:99:99:ee:4b:d8: 49:ad:03:92:8e:b1:08:ae:b7:49:01:72:a5:8a:53:ca:0f:59: e7:96:89:6e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM7X7bdWMHoUiPqjr48QHa0Ceh+MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDAwNloX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAM2VhZGE1MjRhNDlhY2U1ZmY2NTQ0 YTJmNmMwZTRkM2MzNTU2YTJhODFjZTFjZTcyMTYyYTE2MzdkYjYyMjI2YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUSYmYybXY+fAeDdnAl5LeT2RPYc me6qPAWPFfSQgO3N0yFGcIfEbH6B3lSjEXZeMD6eqinEnO10xhZgKQ53+VUAaHcJ 3LKbfA/9JVO8J5yLkBWeXP7nJ8j3odkWUalITK4DjWfuBCkLlmHx9B7vBR4iLYsw SO0V245mq+EfDEwbxE4YzLvtqbas9LIXlyvCNAdDM5YI1A1ebwQSx8bxah/OUMGg pMqpBeHazX+FgMHURlzQI3hH6dhqUjrI5juRUoKWzrVf1kswtmbX/GEUrfOGEdxQ dz5CrVE9B7i4VrzQBUb7xKAsABmhWEEh3vAZXeoKVRdMD+oCgGuxTRu5CwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOrnlGcFSybcE5pNSIypYjRfNfDjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JlMTkyMmJjLTlkNzUtNGU4ZC1iYTM5LTgwNDRkOGJmNzM0Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9LAwDQYJKoZIhvcNAQELBQADggEBAMGSRzqeHUp/s+j/Aq/7 I61pdt+W7mvVT4fOvjOd8L1T1q/pH+r6VWtpwzwo5p0nC1PRtgWSYCpC2POZoDXq 8nO7w4QR8V5g5iakaiLSt8Xm8+ssGlEOjdQ4w1/T2tgi0TNXsBA93P6qh8rh/2jR dxI1xLO83g5v54rnLSP4YWPc6HIgWZHt0Jfmv5DBszBNMyIcpnm0aLl/jMaRT3ki CrqYbZ9oAXiatPORze+fCKzEIMQAtnOEUmibwbFp6lrocTl9Fle4Pbc3vMuNuQDc Obs9yYiKRsv7yZ+JU6FioSO1OjYKu7eZme5L2EmtA5KOsQiut0kBcqWKU8oPWeeW iW4= -----END CERTIFICATE-----Generated at Sun Jun 29 09:31:01 2025 by rpki-client