$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0ae0175-f350-4493-ae35-4deb479e034e.roa File: e0ae0175-f350-4493-ae35-4deb479e034e.roa (raw, json) Hash identifier: 9BdAxvvikZtZ/Pm96AuoU7DfLwhnv1Px/7owbUYBdWY= Subject key identifier: CC:28:07:ED:ED:7D:E6:8A:C7:FA:DA:36:4E:0A:F2:75:FD:52:71:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08AEC90EB35BFFCCA4D57932A1664E1D7A28D062 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0ae0175-f350-4493-ae35-4deb479e034e.roa Signing time: Sat 21 Jun 2025 00:00:05 +0000 ROA not before: Sat 21 Jun 2025 00:00:05 +0000 ROA not after: Sat 26 Jul 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da24:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 00:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:ae:c9:0e:b3:5b:ff:cc:a4:d5:79:32:a1:66:4e:1d:7a:28:d0:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 21 00:00:05 2025 GMT Not After : Jul 26 23:59:59 2025 GMT Subject: serialNumber=969cada3d64e04fd54bdc7e82bd24ae8f51e7641a8c101a5e335f7549e95b735, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ec:8c:7f:b5:a6:d5:6f:66:0b:bd:5f:7a:0a: 46:17:31:18:46:1b:f6:cb:fe:34:25:7b:f4:4b:08: 8f:f9:e7:ac:31:63:63:d2:79:2a:22:8b:4a:09:17: df:91:ea:02:08:c7:1b:58:a2:69:c0:7b:2e:d1:61: 91:e0:98:d6:d1:8c:89:25:d9:4c:e4:40:6e:60:50: fd:4f:26:a8:8c:c5:b2:22:90:2a:84:b5:a3:ad:47: 9b:59:b5:48:6d:7a:eb:8b:b9:71:ad:4f:2f:5f:86: 7c:e6:1f:21:b4:ff:16:37:2d:2d:61:df:28:7f:e1: 03:76:d6:a5:cc:13:f5:7a:7f:17:5d:62:73:e9:af: 4e:41:ce:f5:47:0b:f6:c3:b9:41:6e:89:9a:57:74: 49:f3:b8:f1:4a:10:8b:97:a2:b7:f3:9a:15:82:9d: 4e:f2:f1:a1:36:a5:5d:67:db:ca:cf:4b:18:7f:c4: 82:01:49:95:b6:4e:57:86:6f:85:26:4c:e4:1a:64: 48:3d:b6:5d:bf:11:38:a6:82:43:7b:fd:04:14:b5: 33:c1:c1:e4:1d:c1:cc:6c:04:b4:39:32:81:77:6f: d9:b5:58:b3:c5:bd:d4:ee:dd:ec:19:fb:7a:a5:d8: eb:a8:e7:48:ef:2b:cb:89:6c:71:84:1c:59:23:26: 54:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:28:07:ED:ED:7D:E6:8A:C7:FA:DA:36:4E:0A:F2:75:FD:52:71:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0ae0175-f350-4493-ae35-4deb479e034e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24:8000::/36 Signature Algorithm: sha256WithRSAEncryption 4a:5a:51:e1:34:82:1f:a1:28:21:fc:23:71:26:ef:b4:66:b4: ae:e0:e5:76:ab:d9:f5:96:e2:f8:14:72:18:b4:39:e3:49:34: 0a:55:c6:75:c3:a3:ff:d6:d9:4f:9d:95:86:2e:2c:6c:26:99: e2:03:27:d0:99:ef:dd:79:f5:d0:e3:35:5a:1b:92:60:f8:7a: f5:d8:38:78:1c:a6:16:bb:db:04:2b:59:89:11:e6:bc:19:bb: 4f:8f:45:14:6d:65:22:8e:46:a7:f5:0f:c6:1d:8c:2f:46:f5: dd:d2:43:5d:90:82:87:35:25:76:b2:29:0a:b7:18:c3:87:4b: 7b:59:c8:de:2a:00:df:e3:28:0c:4c:89:6c:a3:a1:83:4f:17: e5:56:e2:2a:a6:6d:66:41:8a:4b:59:fd:50:59:f0:d9:6c:74: ae:83:99:36:f5:db:aa:b5:5c:d2:e9:e2:b5:e1:21:e2:d0:1a: 3a:20:03:57:4e:d2:22:b8:a6:21:08:91:70:a4:19:b1:aa:e9: 9b:c6:52:a2:c7:59:cb:4a:15:48:b8:39:c9:26:8e:31:77:84: 10:5b:4c:8e:9b:64:f3:ed:28:44:26:78:3f:fe:03:31:00:6c: fe:7e:46:88:48:57:9d:09:5e:b1:d8:14:f0:8a:15:56:ef:c9: df:f1:4d:2b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCK7JDrNb/8yk1XkyoWZOHXoo0GIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyMTAwMDAwNVoX DTI1MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAOTY5Y2FkYTNkNjRlMDRmZDU0YmRj N2U4MmJkMjRhZThmNTFlNzY0MWE4YzEwMWE1ZTMzNWY3NTQ5ZTk1YjczNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuyMf7Wm1W9mC71fegpGFzEYRhv2 y/40JXv0SwiP+eesMWNj0nkqIotKCRffkeoCCMcbWKJpwHsu0WGR4JjW0YyJJdlM 5EBuYFD9TyaojMWyIpAqhLWjrUebWbVIbXrri7lxrU8vX4Z85h8htP8WNy0tYd8o f+EDdtalzBP1en8XXWJz6a9OQc71Rwv2w7lBbomaV3RJ87jxShCLl6K385oVgp1O 8vGhNqVdZ9vKz0sYf8SCAUmVtk5Xhm+FJkzkGmRIPbZdvxE4poJDe/0EFLUzwcHk HcHMbAS0OTKBd2/ZtVizxb3U7t3sGft6pdjrqOdI7yvLiWxxhBxZIyZUywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMwoB+3tfeaKx/raNk4K8nX9UnH/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwYWUwMTc1LWYzNTAtNDQ5My1hZTM1LTRkZWI0NzllMDM0ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJIAwDQYJKoZIhvcNAQELBQADggEBAEpaUeE0gh+hKCH8I3Em 77RmtK7g5Xar2fWW4vgUchi0OeNJNApVxnXDo//W2U+dlYYuLGwmmeIDJ9CZ7915 9dDjNVobkmD4evXYOHgcpha72wQrWYkR5rwZu0+PRRRtZSKORqf1D8YdjC9G9d3S Q12Qgoc1JXayKQq3GMOHS3tZyN4qAN/jKAxMiWyjoYNPF+VW4iqmbWZBiktZ/VBZ 8NlsdK6DmTb126q1XNLp4rXhIeLQGjogA1dO0iK4piEIkXCkGbGq6ZvGUqLHWctK FUi4OckmjjF3hBBbTI6bZPPtKEQmeD/+AzEAbP5+RohIV50JXrHYFPCKFVbvyd/x TSs= -----END CERTIFICATE-----Generated at Tue Jul 1 10:31:11 2025 by rpki-client