$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa File: e1567509-f31d-4739-a7a6-ed24530c598b.roa (raw, json) Hash identifier: j0NxmbusNnRr8qQYfhRiXploWZ3OzbH5NfDCsoWEkco= Subject key identifier: 68:C3:74:94:AC:9B:77:09:4F:D0:AC:E7:0D:97:51:30:17:12:FD:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A51EBB4C422F4CEFA4089FEC3E463B6C8254EE7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa Signing time: Fri 27 Jun 2025 00:00:48 +0000 ROA not before: Fri 27 Jun 2025 00:00:48 +0000 ROA not after: Fri 01 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:51:eb:b4:c4:22:f4:ce:fa:40:89:fe:c3:e4:63:b6:c8:25:4e:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 27 00:00:48 2025 GMT Not After : Aug 1 23:59:59 2025 GMT Subject: serialNumber=e01746b4979d2f1aac397794c4ee7a3fe34cef9637b0633edff749a66632781e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:9e:93:de:6d:9a:a0:dd:cd:f5:59:43:67:6a: f7:c5:13:6d:a6:d4:d7:c0:7b:ba:5d:d7:70:aa:1b: 59:d4:c1:6e:bd:e1:21:f3:12:02:52:03:f8:be:3b: 25:1f:1f:83:d3:6a:83:dd:96:b5:44:bc:7f:2e:ca: 11:66:ed:b6:f6:40:aa:b7:df:c0:51:95:d5:81:ad: ae:01:7a:61:07:15:b4:0c:cb:99:0c:71:26:4a:57: 68:44:51:cb:76:e0:04:1f:08:80:ce:f4:90:8d:ad: db:91:e1:b2:0e:04:5e:c9:f3:5f:00:8e:fa:69:b3: b8:00:21:2f:0a:f6:63:f9:86:cd:93:44:e0:5d:b8: 70:1e:11:37:d4:70:79:94:36:59:c1:58:ea:51:ed: 56:04:f6:d8:b3:ef:8d:4d:d1:82:63:2c:a3:07:8a: af:82:3e:93:34:2f:2c:9b:d5:98:7b:f1:6d:e2:d2: 3f:f9:e1:ae:f6:4e:9b:88:30:9a:8f:de:cf:37:c8: 47:ee:be:59:b1:1d:c1:b8:fd:8c:fc:72:b9:e8:4f: 5d:7f:70:88:5c:a4:86:35:c4:6a:96:a5:52:e5:5a: 5d:ec:73:94:53:97:4c:2d:2a:f0:bb:30:ed:f0:cc: 5c:f2:52:65:f2:55:a4:2e:3c:6a:8c:b7:aa:e4:e4: 52:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:C3:74:94:AC:9B:77:09:4F:D0:AC:E7:0D:97:51:30:17:12:FD:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:c000::/40 Signature Algorithm: sha256WithRSAEncryption 78:9b:be:1f:15:d2:1b:13:e7:d6:12:bc:30:83:2b:95:68:b9: 72:e4:0b:93:d2:a1:84:2d:22:e4:f1:b5:30:2d:12:0a:2d:8d: f1:a1:43:cb:b3:1d:d8:02:d8:b3:4d:cf:f2:d1:55:40:39:6f: 13:cc:5f:fd:ce:8a:60:5b:cd:df:75:6e:60:94:46:b4:ac:66: 0d:c8:bf:96:62:1e:f7:d3:00:d1:6b:70:f0:d2:2f:22:bd:c9: 52:cf:77:67:3e:46:6f:dc:30:4c:96:3a:9d:17:b4:6a:24:7d: 20:ef:90:7c:2e:0a:bb:79:0a:a0:4f:36:10:11:be:f7:0c:45: 8a:70:f4:45:c5:f4:aa:52:21:dd:32:76:d8:61:8a:1b:7a:77: 54:2d:e1:5f:81:a8:86:d1:ba:7c:73:2a:81:21:86:15:88:f7: 46:61:84:15:5c:d6:6b:e4:96:47:3c:57:69:ef:35:8c:62:a1: 2f:4d:82:97:21:4a:ba:19:c4:8c:35:69:91:46:d5:75:af:db: ef:41:31:8d:af:4b:16:46:36:8c:37:5f:c6:7b:97:55:87:96: 09:1d:6b:05:ee:f3:89:32:88:f1:83:98:92:42:9e:b1:1f:7d: ad:96:4a:a6:11:7e:40:bd:a1:d1:ad:91:b6:71:35:5f:c4:8e: 91:23:29:82 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWlHrtMQi9M76QIn+w+RjtsglTucwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNzAwMDA0OFoX DTI1MDgwMTIzNTk1OVowejFJMEcGA1UEBRNAZTAxNzQ2YjQ5NzlkMmYxYWFjMzk3 Nzk0YzRlZTdhM2ZlMzRjZWY5NjM3YjA2MzNlZGZmNzQ5YTY2NjMyNzgxZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Z6T3m2aoN3N9VlDZ2r3xRNtptTX wHu6XddwqhtZ1MFuveEh8xICUgP4vjslHx+D02qD3Za1RLx/LsoRZu229kCqt9/A UZXVga2uAXphBxW0DMuZDHEmSldoRFHLduAEHwiAzvSQja3bkeGyDgReyfNfAI76 abO4ACEvCvZj+YbNk0TgXbhwHhE31HB5lDZZwVjqUe1WBPbYs++NTdGCYyyjB4qv gj6TNC8sm9WYe/Ft4tI/+eGu9k6biDCaj97PN8hH7r5ZsR3BuP2M/HK56E9df3CI XKSGNcRqlqVS5Vpd7HOUU5dMLSrwuzDt8Mxc8lJl8lWkLjxqjLeq5ORS+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGjDdJSsm3cJT9Cs5w2XUTAXEv3CMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UxNTY3NTA5LWYzMWQtNDczOS1hN2E2LWVkMjQ1MzBjNTk4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9cAwDQYJKoZIhvcNAQELBQADggEBAHibvh8V0hsT59YSvDCD K5VouXLkC5PSoYQtIuTxtTAtEgotjfGhQ8uzHdgC2LNNz/LRVUA5bxPMX/3OimBb zd91bmCURrSsZg3Iv5ZiHvfTANFrcPDSLyK9yVLPd2c+Rm/cMEyWOp0XtGokfSDv kHwuCrt5CqBPNhARvvcMRYpw9EXF9KpSId0ydthhiht6d1Qt4V+BqIbRunxzKoEh hhWI90ZhhBVc1mvklkc8V2nvNYxioS9NgpchSroZxIw1aZFG1XWv2+9BMY2vSxZG Now3X8Z7l1WHlgkdawXu84kyiPGDmJJCnrEffa2WSqYRfkC9odGtkbZxNV/EjpEj KYI= -----END CERTIFICATE-----Generated at Sun Jun 29 07:36:39 2025 by rpki-client