$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa File: dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa (raw, json) Hash identifier: ojvMgGv3HyWufvEzmyokuIeCyWPRwl+KyUuXhmjM7fg= Subject key identifier: 17:35:E6:29:B1:54:B4:47:8E:DE:80:AC:3C:48:9E:EE:D1:4A:1D:AC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4475A4DEC08C78F8B4E5D852055D17480F9CF24C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa Signing time: Wed 25 Jun 2025 00:00:01 +0000 ROA not before: Wed 25 Jun 2025 00:00:01 +0000 ROA not after: Wed 30 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:75:a4:de:c0:8c:78:f8:b4:e5:d8:52:05:5d:17:48:0f:9c:f2:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 25 00:00:01 2025 GMT Not After : Jul 30 23:59:59 2025 GMT Subject: serialNumber=af6e1e735ab31bbf669dda6c74911f6f9f62ff31affd2ecf1f3142dfa34242a0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:1f:72:1e:93:38:93:50:60:cd:63:b5:89:b4: 0d:91:05:ec:ad:1f:04:b2:84:8f:ba:b2:c5:dc:ee: fb:60:42:9b:91:c0:16:3e:6f:23:97:34:e2:1f:02: dc:8b:88:af:3c:e8:6d:b5:68:c0:bb:a6:9b:6f:8d: 50:f1:40:b6:7b:f2:d3:55:92:b7:81:f0:77:cd:53: 8b:9f:a2:45:b7:ed:a1:a0:72:26:fb:7f:84:b0:30: 2f:27:9c:b1:58:00:21:9f:52:10:22:84:ea:0e:c8: a2:a7:38:a8:4e:51:ff:05:59:1d:fc:c7:b8:70:8a: f5:31:18:9c:22:da:45:fd:74:f6:88:14:0a:74:86: 7a:a6:67:ba:b5:9d:17:9a:f1:35:cd:e4:d2:f1:e7: 16:ec:cf:b2:05:84:ea:98:98:9e:b3:fb:58:0e:e9: 14:32:a0:32:01:1d:9a:35:7c:74:e4:d6:04:07:38: 10:6a:9f:60:bc:ec:09:aa:67:d0:58:9e:61:ee:bf: b5:b9:3d:92:9f:77:d4:98:d1:93:cb:a6:f8:cf:7b: c5:14:82:79:9d:61:5e:06:05:ec:3d:41:1c:64:a2: d6:28:b9:c0:96:bb:23:66:09:55:48:1b:75:51:ba: 1f:bc:50:a4:af:92:a1:5b:df:80:4f:e2:30:2d:c3: f3:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:35:E6:29:B1:54:B4:47:8E:DE:80:AC:3C:48:9E:EE:D1:4A:1D:AC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:2000::/40 Signature Algorithm: sha256WithRSAEncryption 89:58:7c:a9:91:91:0a:1d:0b:84:59:d9:f0:ca:c7:17:9c:ad: 8a:c3:79:19:e7:6a:40:92:3b:a7:dd:8a:47:6e:d1:bd:fe:4a: 5e:d4:c5:fb:35:51:26:7b:e7:aa:28:62:d8:aa:65:0a:b1:ed: 26:c0:db:43:fa:10:db:59:09:90:f5:a2:4b:f8:b1:2c:0e:1e: 9b:8c:df:31:ea:99:d1:d5:86:39:28:b1:07:d6:3a:a1:98:4b: 47:bd:78:99:6e:d5:66:3d:6f:39:2d:5d:f4:00:8a:40:30:3d: 55:c0:1e:34:77:87:9d:37:95:1b:c6:6a:26:14:37:68:56:9b: d7:a1:c5:62:be:3b:0a:54:b8:e4:4f:59:78:6d:98:c6:cb:a2: a7:a0:45:c4:75:85:a2:b1:ba:76:6d:47:25:47:f1:ad:54:bb: c9:66:ef:53:8e:5c:18:b5:13:7d:24:e2:a2:5e:ee:7d:ad:c0: 33:fa:41:78:e8:a0:89:4a:bd:e9:b4:af:7b:5e:a4:5f:03:08: 2f:7e:c3:6b:14:00:a3:13:5d:6d:15:94:5f:36:27:d9:ea:fb: e7:11:e9:97:2b:8e:be:c5:e4:c3:c5:e6:a5:f0:49:bd:69:18: 49:7f:59:d0:8c:1b:5e:ee:e3:5c:92:96:09:6c:68:27:92:0d: 6d:ce:d8:b6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURHWk3sCMePi05dhSBV0XSA+c8kwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNTAwMDAwMVoX DTI1MDczMDIzNTk1OVowejFJMEcGA1UEBRNAYWY2ZTFlNzM1YWIzMWJiZjY2OWRk YTZjNzQ5MTFmNmY5ZjYyZmYzMWFmZmQyZWNmMWYzMTQyZGZhMzQyNDJhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0B9yHpM4k1BgzWO1ibQNkQXsrR8E soSPurLF3O77YEKbkcAWPm8jlzTiHwLci4ivPOhttWjAu6abb41Q8UC2e/LTVZK3 gfB3zVOLn6JFt+2hoHIm+3+EsDAvJ5yxWAAhn1IQIoTqDsiipzioTlH/BVkd/Me4 cIr1MRicItpF/XT2iBQKdIZ6pme6tZ0XmvE1zeTS8ecW7M+yBYTqmJies/tYDukU MqAyAR2aNXx05NYEBzgQap9gvOwJqmfQWJ5h7r+1uT2Sn3fUmNGTy6b4z3vFFIJ5 nWFeBgXsPUEcZKLWKLnAlrsjZglVSBt1UbofvFCkr5KhW9+AT+IwLcPz2QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBc15imxVLRHjt6ArDxInu7RSh2sMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkM2Q2MDIwLWJlNzgtNDZjYS05YjhhLTYzZmRiZmM5ZGE5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9SAwDQYJKoZIhvcNAQELBQADggEBAIlYfKmRkQodC4RZ2fDK xxecrYrDeRnnakCSO6fdikdu0b3+Sl7Uxfs1USZ756ooYtiqZQqx7SbA20P6ENtZ CZD1okv4sSwOHpuM3zHqmdHVhjkosQfWOqGYS0e9eJlu1WY9bzktXfQAikAwPVXA HjR3h503lRvGaiYUN2hWm9ehxWK+OwpUuORPWXhtmMbLoqegRcR1haKxunZtRyVH 8a1Uu8lm71OOXBi1E30k4qJe7n2twDP6QXjooIlKvem0r3tepF8DCC9+w2sUAKMT XW0VlF82J9nq++cR6Zcrjr7F5MPF5qXwSb1pGEl/WdCMG17u41ySlglsaCeSDW3O 2LY= -----END CERTIFICATE-----Generated at Sun Jun 29 04:24:28 2025 by rpki-client