$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1433179c-d512-4e29-b60c-2b7b7cd25040.roa File: 1433179c-d512-4e29-b60c-2b7b7cd25040.roa (raw, json) Hash identifier: m8aI9v8tqJYPr+fX8CNP3ujiVbi28xnd7qw1Y6H7gKM= Subject key identifier: D6:CA:0A:A6:61:EA:C5:03:30:FC:76:60:0A:AD:D4:F0:58:70:55:4C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E16CC74A4D710BE2089372C8CA5CAF34AFB1976 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1433179c-d512-4e29-b60c-2b7b7cd25040.roa Signing time: Wed 30 Jul 2025 17:52:12 +0000 ROA not before: Wed 30 Jul 2025 17:52:12 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:16:cc:74:a4:d7:10:be:20:89:37:2c:8c:a5:ca:f3:4a:fb:19:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 17:52:12 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=1f881735d46eedbf6e811ec1e108dfbfefd3cea1a4ca34643846094a2858ae9f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:3f:b8:b3:32:e6:20:c8:43:de:cc:78:09:09: 6e:eb:8b:aa:2d:ea:4e:76:1e:c9:ae:9d:d4:79:9c: 69:38:38:e3:a8:a8:98:98:e9:0e:d5:3c:cd:6f:1c: 72:56:9d:37:d0:4b:af:64:a2:fb:1f:5b:5e:d4:7e: d0:c9:03:20:d7:96:8d:9b:8a:14:b9:28:14:25:5a: ac:40:76:c8:15:5b:69:8c:cc:04:ba:bc:da:9f:db: ca:18:fb:bc:ec:1a:a4:bc:2a:7a:f9:35:3d:47:42: 6f:0f:50:b6:5c:26:48:a6:35:f2:b5:26:5b:37:05: 5f:c4:54:fd:76:2d:28:60:25:b9:5f:99:7c:7f:d5: 59:7f:8b:e5:4d:93:cb:4b:8d:b1:88:9d:94:a1:fd: 0e:06:92:8c:20:8c:24:90:2d:dc:69:b9:5b:78:44: 75:21:69:a0:3e:98:89:ec:df:5e:3a:92:aa:8f:04: db:b7:8e:b0:bf:83:ff:1f:8d:76:5b:49:a0:f3:a4: 35:48:32:fa:59:35:da:59:94:e6:1e:fe:4a:66:3e: f6:6c:e8:1b:5f:80:08:41:cc:78:9d:0d:5c:e7:d8: e9:ec:02:ac:93:07:5b:48:25:16:81:54:2d:22:08: c4:c3:23:e4:0a:88:68:51:73:a9:61:ae:92:9a:25: ac:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:CA:0A:A6:61:EA:C5:03:30:FC:76:60:0A:AD:D4:F0:58:70:55:4C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1433179c-d512-4e29-b60c-2b7b7cd25040.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:7000::/40 Signature Algorithm: sha256WithRSAEncryption 7b:8b:b8:42:ba:2b:d6:93:e1:aa:65:0a:3a:5b:fc:14:ac:46: a6:92:0d:57:d4:bb:04:0f:cd:93:11:6b:19:93:bc:f5:56:11: ea:7b:ea:cf:76:6e:fd:e9:2f:2e:e7:68:d0:9f:b9:11:fe:a9: aa:39:73:8c:f9:e7:97:78:1c:69:ff:3f:10:be:60:30:4c:b5: df:88:c5:45:e4:54:a2:49:b7:8f:49:98:06:66:8d:6e:20:69: 01:03:7f:4a:c3:1b:04:c8:b8:47:7d:c2:1a:78:74:87:7b:b2: c2:87:61:0a:a9:b2:a2:2c:3a:51:b5:e9:1a:db:37:27:06:d4: d2:55:12:94:d0:ec:78:8d:b1:05:3f:eb:14:57:b8:fc:05:91: 0b:4e:2f:b5:17:3d:ce:c6:6b:1c:d8:0f:85:d6:81:2c:a8:e0: 52:3d:ae:87:4a:74:43:5e:29:3c:d6:5e:39:6a:3e:ba:3d:2a: bd:c6:a6:a7:6f:43:01:2f:9c:5c:84:d6:30:fc:35:67:00:3c: d7:65:4b:61:27:f4:0c:11:82:02:60:12:04:22:86:23:0f:d2: 71:7d:91:6c:be:13:85:21:c3:02:63:8f:cb:a6:e3:32:32:c6: f6:ee:92:ee:22:10:7b:21:e0:f9:2b:7d:04:8e:bd:b0:1d:c6: d2:38:2f:12 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbhbMdKTXEL4giTcsjKXK80r7GXYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDE3NTIxMloX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMWY4ODE3MzVkNDZlZWRiZjZlODEx ZWMxZTEwOGRmYmZlZmQzY2VhMWE0Y2EzNDY0Mzg0NjA5NGEyODU4YWU5ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz+4szLmIMhD3sx4CQlu64uqLepO dh7Jrp3UeZxpODjjqKiYmOkO1TzNbxxyVp030EuvZKL7H1te1H7QyQMg15aNm4oU uSgUJVqsQHbIFVtpjMwEurzan9vKGPu87BqkvCp6+TU9R0JvD1C2XCZIpjXytSZb NwVfxFT9di0oYCW5X5l8f9VZf4vlTZPLS42xiJ2Uof0OBpKMIIwkkC3cablbeER1 IWmgPpiJ7N9eOpKqjwTbt46wv4P/H412W0mg86Q1SDL6WTXaWZTmHv5KZj72bOgb X4AIQcx4nQ1c59jp7AKskwdbSCUWgVQtIgjEwyPkCohoUXOpYa6SmiWskwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNbKCqZh6sUDMPx2YAqt1PBYcFVMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE0MzMxNzljLWQ1MTItNGUyOS1iNjBjLTJiN2I3Y2QyNTA0MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+3AwDQYJKoZIhvcNAQELBQADggEBAHuLuEK6K9aT4aplCjpb /BSsRqaSDVfUuwQPzZMRaxmTvPVWEep76s92bv3pLy7naNCfuRH+qao5c4z555d4 HGn/PxC+YDBMtd+IxUXkVKJJt49JmAZmjW4gaQEDf0rDGwTIuEd9whp4dId7ssKH YQqpsqIsOlG16RrbNycG1NJVEpTQ7HiNsQU/6xRXuPwFkQtOL7UXPc7GaxzYD4XW gSyo4FI9rodKdENeKTzWXjlqPro9Kr3GpqdvQwEvnFyE1jD8NWcAPNdlS2En9AwR ggJgEgQihiMP0nF9kWy+E4UhwwJjj8um4zIyxvbuku4iEHsh4PkrfQSOvbAdxtI4 LxI= -----END CERTIFICATE-----Generated at Mon Aug 4 14:50:10 2025 by rpki-client