$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa File: bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa (raw, json) Hash identifier: sqD1Rf15TekjKlsY87n40wfx7QhQTPsvd0hUYpTB+GQ= Subject key identifier: 1C:E0:83:17:4D:CB:3E:BB:0D:F9:7A:14:45:79:F4:22:29:2C:B9:0E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5C22F5D4752521EA62E7F23E477C1EFA8D461FDF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa Signing time: Wed 25 Jun 2025 00:00:04 +0000 ROA not before: Wed 25 Jun 2025 00:00:04 +0000 ROA not after: Wed 30 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:22:f5:d4:75:25:21:ea:62:e7:f2:3e:47:7c:1e:fa:8d:46:1f:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 25 00:00:04 2025 GMT Not After : Jul 30 23:59:59 2025 GMT Subject: serialNumber=6e711cdb44d59a71baeb304d677d4da7e018e8802a1f694d8d2ada4ab2df7228, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:a8:fc:5f:8a:4c:1e:af:9b:df:bd:09:97:3a: 9e:59:f0:67:44:bf:24:f2:df:39:58:60:86:2b:f6: 64:97:d8:1b:6b:e0:40:30:92:7e:c7:f3:bd:d0:27: 85:65:32:ee:af:57:d8:68:33:61:8f:03:20:92:f2: 97:47:82:0a:d7:86:d2:db:06:94:b0:1a:a3:47:2c: 9e:21:68:df:14:41:df:ed:6e:c1:22:73:a0:09:f3: 7b:91:a4:54:74:49:7f:40:54:84:4f:66:de:d8:cc: cf:b5:97:a7:0a:5c:4b:10:e4:dc:1d:44:07:ac:d9: 72:52:f6:bc:e9:74:5e:71:da:e9:3d:12:c0:c6:ee: 57:d6:9a:9b:09:cb:55:01:36:cd:a3:43:ff:3e:a4: 17:f7:5b:2f:ed:71:82:cb:2d:16:78:fc:6b:df:09: 2c:8c:dd:99:93:aa:ca:e1:b6:7a:08:9f:09:33:81: 51:55:a6:d7:cc:73:82:82:47:98:16:4d:e8:cc:0a: c0:e1:e6:43:1c:58:7d:bf:c4:a3:95:e3:e9:14:4f: ea:37:06:59:61:88:69:06:84:a4:5f:52:4d:df:d4: 75:2a:b1:e1:e8:53:59:b0:1c:19:b8:a1:ae:88:fd: 94:1a:5f:16:e8:d8:94:cd:48:a1:46:76:69:15:76: 34:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:E0:83:17:4D:CB:3E:BB:0D:F9:7A:14:45:79:F4:22:29:2C:B9:0E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:c800::/40 Signature Algorithm: sha256WithRSAEncryption 3f:18:50:f7:dd:cd:04:73:ab:42:9c:fc:05:c0:54:15:dd:e1: f9:f4:e5:74:b8:54:cc:b1:10:0b:cd:6d:82:3d:9e:4f:6d:48: d1:25:7d:43:29:93:7e:ab:2d:13:ae:37:7e:72:b7:9c:8f:17: 3a:3a:a1:3e:12:a8:af:15:f2:7d:23:73:2d:35:35:54:a8:5d: ee:b8:98:4e:57:29:44:db:ea:b7:f6:3e:da:d7:80:a9:74:2f: cd:a6:96:74:9e:4d:f3:0c:97:e2:e9:d5:d2:fe:a1:bf:fa:b6: c7:8b:7f:a6:80:0b:71:04:7f:d6:3e:3c:bc:4c:a9:c1:19:62: 78:c6:d8:be:a8:71:1c:02:38:40:42:f1:fc:8b:58:96:77:c6: ce:29:62:63:e8:d0:e4:f1:3c:19:ec:6d:b1:94:02:fa:4b:5e: d8:3f:74:f5:cc:fd:76:1a:d3:88:23:0b:12:58:b7:45:1f:e5: f0:50:27:80:04:79:2a:17:29:13:e7:e7:8a:31:f5:22:d9:4f: 18:7a:ce:a5:f7:31:c3:7a:e3:af:f4:65:1e:29:6e:50:01:1f: 22:d8:b9:26:3e:eb:b0:d2:c4:45:b2:e2:65:61:6d:c8:a2:61: f9:99:6e:b3:8d:c6:98:8c:a8:38:78:dc:8d:9c:67:99:4f:8f: 07:da:f6:a9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXCL11HUlIepi5/I+R3we+o1GH98wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNTAwMDAwNFoX DTI1MDczMDIzNTk1OVowejFJMEcGA1UEBRNANmU3MTFjZGI0NGQ1OWE3MWJhZWIz MDRkNjc3ZDRkYTdlMDE4ZTg4MDJhMWY2OTRkOGQyYWRhNGFiMmRmNzIyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaj8X4pMHq+b370JlzqeWfBnRL8k 8t85WGCGK/Zkl9gba+BAMJJ+x/O90CeFZTLur1fYaDNhjwMgkvKXR4IK14bS2waU sBqjRyyeIWjfFEHf7W7BInOgCfN7kaRUdEl/QFSET2be2MzPtZenClxLEOTcHUQH rNlyUva86XRecdrpPRLAxu5X1pqbCctVATbNo0P/PqQX91sv7XGCyy0WePxr3wks jN2Zk6rK4bZ6CJ8JM4FRVabXzHOCgkeYFk3ozArA4eZDHFh9v8SjlePpFE/qNwZZ YYhpBoSkX1JN39R1KrHh6FNZsBwZuKGuiP2UGl8W6NiUzUihRnZpFXY0PQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBzggxdNyz67Dfl6FEV59CIpLLkOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmN2RmY2Y4LWJhMGMtNDdlOS04ZGRiLTZhNmQ4ZWM3MDQxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoMgwDQYJKoZIhvcNAQELBQADggEBAD8YUPfdzQRzq0Kc/AXA VBXd4fn05XS4VMyxEAvNbYI9nk9tSNElfUMpk36rLROuN35yt5yPFzo6oT4SqK8V 8n0jcy01NVSoXe64mE5XKUTb6rf2PtrXgKl0L82mlnSeTfMMl+Lp1dL+ob/6tseL f6aAC3EEf9Y+PLxMqcEZYnjG2L6ocRwCOEBC8fyLWJZ3xs4pYmPo0OTxPBnsbbGU AvpLXtg/dPXM/XYa04gjCxJYt0Uf5fBQJ4AEeSoXKRPn54ox9SLZTxh6zqX3McN6 46/0ZR4pblABHyLYuSY+67DSxEWy4mVhbciiYfmZbrONxpiMqDh43I2cZ5lPjwfa 9qk= -----END CERTIFICATE-----Generated at Sun Jun 29 04:26:34 2025 by rpki-client