$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184e3b6c-ab7a-4146-87de-73414e79502c.roa File: 184e3b6c-ab7a-4146-87de-73414e79502c.roa (raw, json) Hash identifier: P75d0bQBaXIiBWJcO06nC0ywrNVQwxKprebxaxgmJbo= Subject key identifier: 37:7E:3D:76:BB:3F:C2:67:78:2D:D4:2E:F9:89:67:FB:51:F5:EB:50 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5702E128F7088E5E250C1A090F0A5DE362B3F146 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184e3b6c-ab7a-4146-87de-73414e79502c.roa Signing time: Wed 30 Jul 2025 17:38:39 +0000 ROA not before: Wed 30 Jul 2025 17:38:39 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:02:e1:28:f7:08:8e:5e:25:0c:1a:09:0f:0a:5d:e3:62:b3:f1:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 17:38:39 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=a3d318646fb596902ec7186d9d73dc20009d25c9bbdde84a4f7bf1ac53e9178b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:15:32:df:fb:8a:5e:a4:83:f8:93:8d:43:22: 45:5b:25:91:9e:13:e1:36:a6:45:50:dc:54:c9:4b: 19:b2:4f:e3:a9:c4:34:fb:92:8b:4b:0f:66:36:4a: a9:4a:81:46:8a:bc:e8:e0:51:d2:6d:46:41:9c:1d: 32:2e:b4:75:ba:d4:46:ae:ee:32:03:b3:6d:81:5b: cd:f6:7b:12:5e:ff:3e:45:87:bd:0b:0f:8c:31:a2: 62:bb:f9:35:b8:36:bd:3d:c3:41:57:4c:34:13:03: c6:d0:c3:d8:4a:42:36:b6:ed:0e:7c:ba:1b:55:cf: db:a0:6f:50:23:3b:60:f5:f5:ce:3c:5d:da:60:6b: 0e:29:94:7f:42:cc:1f:8b:89:51:c2:18:f3:7e:99: ab:fe:cd:02:0f:6a:a7:48:2b:aa:a1:38:53:f5:8d: d5:e1:78:c7:c6:58:bb:10:cd:91:ec:4a:96:d3:93: bf:38:be:f1:e9:58:01:d4:2b:df:24:d0:8d:87:bf: c0:6a:bf:b5:5f:5a:52:5c:58:5f:65:a2:13:53:3b: 13:d7:39:21:ac:fd:be:42:2f:33:0b:c8:53:24:0e: ec:47:5e:70:07:ae:b4:35:75:ae:9c:a2:9f:37:0c: 93:b8:9d:ba:c9:11:b1:dc:bc:ea:f4:c5:e5:38:06: 7b:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:7E:3D:76:BB:3F:C2:67:78:2D:D4:2E:F9:89:67:FB:51:F5:EB:50 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/184e3b6c-ab7a-4146-87de-73414e79502c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:c000::/40 Signature Algorithm: sha256WithRSAEncryption c5:94:09:45:5d:38:02:2b:3b:97:dd:4a:87:cc:76:d3:26:e5: be:55:0a:df:8a:7b:51:78:8b:cf:bc:95:c8:5d:20:c9:9f:d6: f8:d1:dc:7b:ac:6a:02:fe:63:02:81:16:70:c7:b8:bf:66:f9: 64:17:66:54:b6:b3:74:10:1f:b9:dc:73:3b:95:60:8f:02:59: 5f:c2:6f:32:2e:fe:34:ea:9b:a2:a3:95:1a:15:6b:fc:a2:86: 5d:20:f1:ee:0a:23:33:5f:d0:16:7c:64:da:e9:f3:7d:5d:9f: eb:93:2a:c4:6c:5c:65:02:cd:48:7d:cd:9a:f1:88:df:86:95: 9c:7b:4c:ad:99:df:c4:31:50:21:c0:e2:5f:37:ef:22:99:6e: a7:25:3d:68:f1:fd:13:13:b6:fe:14:5a:ba:03:3f:20:5e:7b: 2a:c5:6a:e1:74:d6:d3:19:15:d8:dd:f5:76:78:e7:e9:84:51: 37:48:d3:cc:dc:09:a7:cd:74:2f:3d:7c:e0:3a:9a:75:f3:bf: be:60:6f:e1:ff:86:ef:48:95:b9:21:07:54:ed:20:aa:2a:2a: 5a:ff:33:6e:19:13:eb:a6:d6:8c:ff:2f:63:96:88:e3:ec:e7: dc:ec:f1:14:d5:dd:43:92:33:e5:80:10:c2:90:5c:36:57:53: 06:c9:92:68 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVwLhKPcIjl4lDBoJDwpd42Kz8UYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDE3MzgzOVoX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYTNkMzE4NjQ2ZmI1OTY5MDJlYzcx ODZkOWQ3M2RjMjAwMDlkMjVjOWJiZGRlODRhNGY3YmYxYWM1M2U5MTc4YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBUy3/uKXqSD+JONQyJFWyWRnhPh NqZFUNxUyUsZsk/jqcQ0+5KLSw9mNkqpSoFGirzo4FHSbUZBnB0yLrR1utRGru4y A7NtgVvN9nsSXv8+RYe9Cw+MMaJiu/k1uDa9PcNBV0w0EwPG0MPYSkI2tu0OfLob Vc/boG9QIztg9fXOPF3aYGsOKZR/Qswfi4lRwhjzfpmr/s0CD2qnSCuqoThT9Y3V 4XjHxli7EM2R7EqW05O/OL7x6VgB1CvfJNCNh7/Aar+1X1pSXFhfZaITUzsT1zkh rP2+Qi8zC8hTJA7sR15wB660NXWunKKfNwyTuJ26yRGx3Lzq9MXlOAZ7+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDd+PXa7P8JneC3ULvmJZ/tR9etQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE4NGUzYjZjLWFiN2EtNDE0Ni04N2RlLTczNDE0ZTc5NTAyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaacAwDQYJKoZIhvcNAQELBQADggEBAMWUCUVdOAIrO5fdSofM dtMm5b5VCt+Ke1F4i8+8lchdIMmf1vjR3HusagL+YwKBFnDHuL9m+WQXZlS2s3QQ H7ncczuVYI8CWV/CbzIu/jTqm6KjlRoVa/yihl0g8e4KIzNf0BZ8ZNrp831dn+uT KsRsXGUCzUh9zZrxiN+GlZx7TK2Z38QxUCHA4l837yKZbqclPWjx/RMTtv4UWroD PyBeeyrFauF01tMZFdjd9XZ45+mEUTdI08zcCafNdC89fOA6mnXzv75gb+H/hu9I lbkhB1TtIKoqKlr/M24ZE+um1oz/L2OWiOPs59zs8RTV3UOSM+WAEMKQXDZXUwbJ kmg= -----END CERTIFICATE-----Generated at Mon Aug 4 19:07:34 2025 by rpki-client