$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0455dd06-6363-446d-beab-2728280200d6.roa File: 0455dd06-6363-446d-beab-2728280200d6.roa (raw, json) Hash identifier: mwajbLw8kDOxJvflzx9pBSF9cYPNVo+gaYTYiaTmm+o= Subject key identifier: 7F:F6:18:08:F0:01:BC:7A:E8:34:11:D3:7B:B6:22:30:E8:C8:B1:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3AD6196661EE68FC7228AB0526836854CCDB4BCB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0455dd06-6363-446d-beab-2728280200d6.roa Signing time: Mon 21 Jul 2025 15:11:27 +0000 ROA not before: Mon 21 Jul 2025 15:11:27 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 00:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:d6:19:66:61:ee:68:fc:72:28:ab:05:26:83:68:54:cc:db:4b:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:11:27 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=3ba53476e8a30199bac187b0b2df9afa8b6c84d3ecdf2c8b19866e3c66e2222b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:14:d2:ff:14:fe:9d:f9:9e:11:cc:86:45:86: d2:b9:93:47:75:f2:8d:53:4b:c7:a3:de:52:57:ec: ee:5f:0f:c5:da:fc:ff:68:db:93:07:a8:05:ce:a2: 7b:b4:36:02:43:3c:20:a7:43:d8:52:b8:f9:a2:f0: ca:bb:21:d7:d1:ec:17:d3:18:b2:5d:9f:8d:34:4a: fe:75:44:af:7d:a7:a5:a3:bd:1e:46:f1:5a:df:cc: 36:2e:e2:64:3d:c7:36:45:ba:27:14:0d:78:cb:40: f4:d4:13:58:c7:e6:60:d0:17:87:79:54:37:c9:ea: ce:ac:6d:33:4a:98:8b:09:e9:af:dd:22:de:70:42: 49:af:03:a3:99:9c:52:b7:88:67:8d:29:f4:48:36: 0a:f6:f9:5b:6e:58:07:72:9f:22:9b:38:c1:6a:f1: 14:6a:e4:05:20:e1:27:e5:45:8f:e8:bc:47:b7:89: 84:e7:64:7e:18:0e:f1:e8:eb:70:90:e9:cc:2a:a9: a3:57:20:9b:61:01:f0:49:21:cc:39:7c:4d:42:ea: ea:8a:71:6f:60:7f:c9:00:d4:42:1f:9a:f8:a3:b3: a9:df:47:e2:a6:22:c2:2a:23:53:26:93:de:74:0d: 65:10:0d:0a:9c:bb:e1:0b:ba:6a:54:cb:c0:2e:e8: 6b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:F6:18:08:F0:01:BC:7A:E8:34:11:D3:7B:B6:22:30:E8:C8:B1:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0455dd06-6363-446d-beab-2728280200d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:e000::/40 Signature Algorithm: sha256WithRSAEncryption 1a:71:55:9e:3e:a0:b0:e8:08:24:f7:de:4b:f8:bb:6d:fd:48: b0:cc:7f:86:1b:a8:03:ae:43:73:1f:ca:0d:51:24:f1:1a:6f: b7:41:18:e9:54:9a:c3:a6:2c:b0:1f:57:e0:54:d9:33:32:c7: 20:56:db:b7:07:6a:03:4e:13:95:fe:ea:d7:59:14:12:7c:9c: 29:98:19:f6:89:76:c3:42:54:61:5a:01:0a:4e:e7:15:33:83: 41:c3:fa:7c:da:10:a6:53:78:d0:01:37:21:52:d9:6d:9b:f2: 7c:7c:57:29:71:61:31:78:23:c7:9e:ee:f4:d2:69:a1:e4:2a: e4:de:e5:7c:9a:80:97:6d:1a:bc:18:1c:22:3e:f6:74:34:ef: a9:b7:d4:70:a6:ab:28:0c:aa:52:18:87:33:df:e0:3c:4a:ab: 4d:52:8e:6f:0e:b0:7b:57:fa:2b:88:76:20:04:da:09:a2:cc: a6:db:3d:23:1c:ba:54:73:fb:28:fb:51:bd:98:5a:88:68:82: 1f:04:0e:1d:b0:8f:87:23:d3:6d:50:82:ab:7f:8e:33:89:1f: b1:3f:bd:d9:1d:d5:6a:ce:8e:9f:84:50:d8:6c:95:ac:52:90: 61:76:8d:30:dc:3e:ef:cf:f6:a4:9d:30:a0:7c:31:72:76:19: 6a:fe:a3:d7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOtYZZmHuaPxyKKsFJoNoVMzbS8swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MTEyN1oX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAM2JhNTM0NzZlOGEzMDE5OWJhYzE4 N2IwYjJkZjlhZmE4YjZjODRkM2VjZGYyYzhiMTk4NjZlM2M2NmUyMjIyYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBTS/xT+nfmeEcyGRYbSuZNHdfKN U0vHo95SV+zuXw/F2vz/aNuTB6gFzqJ7tDYCQzwgp0PYUrj5ovDKuyHX0ewX0xiy XZ+NNEr+dUSvfaelo70eRvFa38w2LuJkPcc2RbonFA14y0D01BNYx+Zg0BeHeVQ3 yerOrG0zSpiLCemv3SLecEJJrwOjmZxSt4hnjSn0SDYK9vlbblgHcp8imzjBavEU auQFIOEn5UWP6LxHt4mE52R+GA7x6OtwkOnMKqmjVyCbYQHwSSHMOXxNQurqinFv YH/JANRCH5r4o7Op30fipiLCKiNTJpPedA1lEA0KnLvhC7pqVMvALuhrWQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH/2GAjwAbx66DQR03u2IjDoyLHVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA0NTVkZDA2LTYzNjMtNDQ2ZC1iZWFiLTI3MjgyODAyMDBkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8+AwDQYJKoZIhvcNAQELBQADggEBABpxVZ4+oLDoCCT33kv4 u239SLDMf4YbqAOuQ3Mfyg1RJPEab7dBGOlUmsOmLLAfV+BU2TMyxyBW27cHagNO E5X+6tdZFBJ8nCmYGfaJdsNCVGFaAQpO5xUzg0HD+nzaEKZTeNABNyFS2W2b8nx8 VylxYTF4I8ee7vTSaaHkKuTe5XyagJdtGrwYHCI+9nQ076m31HCmqygMqlIYhzPf 4DxKq01Sjm8OsHtX+iuIdiAE2gmizKbbPSMculRz+yj7Ub2YWohogh8EDh2wj4cj 021Qgqt/jjOJH7E/vdkd1WrOjp+EUNhslaxSkGF2jTDcPu/P9qSdMKB8MXJ2GWr+ o9c= -----END CERTIFICATE-----Generated at Wed Aug 6 13:06:02 2025 by rpki-client