$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1cd28abb-57aa-47ac-bde5-ce1695f1ab09.roa File: 1cd28abb-57aa-47ac-bde5-ce1695f1ab09.roa (raw, json) Hash identifier: n2uRWM7ZRzQpHKgYfbUee10XZ9ArghriaHmXcPJHeCA= Subject key identifier: BF:17:96:93:B5:DF:CF:3F:37:D4:57:78:57:08:15:BA:18:7C:E1:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7C24C432EB1A19AA6E633D1C1DFCC37A63FD94E1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1cd28abb-57aa-47ac-bde5-ce1695f1ab09.roa Signing time: Wed 23 Jul 2025 00:00:55 +0000 ROA not before: Wed 23 Jul 2025 00:00:55 +0000 ROA not after: Wed 27 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daf4:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 00:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:24:c4:32:eb:1a:19:aa:6e:63:3d:1c:1d:fc:c3:7a:63:fd:94:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 23 00:00:55 2025 GMT Not After : Aug 27 23:59:59 2025 GMT Subject: serialNumber=b1f4a4abd12c8b76f0758465a714ed19fb8341ed212f122b0ecf4af53a3c6838, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:eb:be:5a:39:7b:50:43:86:53:fe:98:4a:dc: 00:2e:89:22:67:3b:cb:e0:89:67:d9:7b:14:22:78: 44:6a:66:bc:13:8a:dd:96:51:f8:45:f9:14:9a:22: db:42:6d:b2:07:2d:5c:48:79:70:33:6b:f4:50:3c: b4:66:10:d0:ad:9a:2d:ce:37:e4:af:e0:4c:8b:bf: f0:ff:4c:83:80:f6:66:39:37:28:3c:42:94:58:08: e2:f3:fe:bd:e1:1d:be:8c:60:4d:a6:78:6c:59:4e: 22:b6:5a:fc:6b:a1:d8:17:60:8f:0b:78:c6:19:51: ec:77:d9:b1:6e:06:2f:fe:01:92:f1:80:11:c6:2c: 6e:7b:a7:f7:36:57:7d:c9:c5:f6:ed:52:2a:2b:78: 14:6b:63:25:10:a7:3b:25:17:32:76:d6:72:52:42: 27:88:82:e7:d5:ac:ea:d8:17:38:d4:b0:05:5c:7d: f9:27:a5:7c:dd:0e:9d:92:6d:6f:43:fe:bf:37:c7: fc:8c:a8:52:af:b6:04:a4:a7:78:79:7f:25:76:2a: 17:d8:db:64:dd:f7:ac:f8:d6:5a:4c:a9:98:f7:4e: 66:24:3a:c3:27:67:e2:3a:dc:df:fc:3d:63:13:53: 75:24:a1:a0:01:17:07:ea:9c:01:10:c0:ae:ea:23: 81:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:17:96:93:B5:DF:CF:3F:37:D4:57:78:57:08:15:BA:18:7C:E1:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1cd28abb-57aa-47ac-bde5-ce1695f1ab09.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:6000::/40 Signature Algorithm: sha256WithRSAEncryption 8c:b3:89:ad:cd:16:7b:4e:d2:13:27:50:17:54:9a:f3:a7:4b: 48:3f:8b:45:9f:c5:a2:2c:2c:73:1f:a4:0f:c1:18:f1:78:a6: 4f:d8:ca:a9:5a:4e:54:ec:2c:4b:b6:e1:56:4b:89:70:05:9b: 10:e2:f6:7c:53:17:e1:b3:5c:d4:56:8f:fb:c4:f4:eb:40:18: d9:99:1a:51:e6:c9:57:73:12:94:0c:8b:ad:6a:b9:7b:99:11: d7:cd:5b:6e:a5:76:ae:32:49:e7:9f:ea:e5:c1:3b:d0:56:14: 6e:94:ac:7d:57:0a:9e:aa:fc:d5:3b:10:19:c2:00:a1:d9:f7: 7c:d9:3f:11:47:72:ec:a3:ce:7c:8b:5d:89:96:12:68:93:ca: a9:f5:38:da:e0:b1:c7:b0:4d:74:14:09:21:94:08:fa:57:29: 8a:5c:3b:74:7b:1e:c5:0c:21:78:62:e7:b0:4d:fe:63:51:87: f9:da:5d:27:a5:0d:95:22:e6:5c:1f:67:ce:bc:9d:20:f9:16: 66:0c:9e:e4:1e:66:70:06:a8:7c:78:17:df:0e:13:e8:2c:13: f8:c7:f2:16:9e:c1:33:d4:94:17:de:7a:9b:7c:cd:b5:f5:9c: be:d2:9a:f2:14:3b:62:21:52:c5:1a:4e:5d:91:71:42:3f:e4: 88:9d:8d:80 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfCTEMusaGapuYz0cHfzDemP9lOEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDA1NVoX DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAYjFmNGE0YWJkMTJjOGI3NmYwNzU4 NDY1YTcxNGVkMTlmYjgzNDFlZDIxMmYxMjJiMGVjZjRhZjUzYTNjNjgzODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteu+Wjl7UEOGU/6YStwALokiZzvL 4Iln2XsUInhEama8E4rdllH4RfkUmiLbQm2yBy1cSHlwM2v0UDy0ZhDQrZotzjfk r+BMi7/w/0yDgPZmOTcoPEKUWAji8/694R2+jGBNpnhsWU4itlr8a6HYF2CPC3jG GVHsd9mxbgYv/gGS8YARxixue6f3Nld9ycX27VIqK3gUa2MlEKc7JRcydtZyUkIn iILn1azq2Bc41LAFXH35J6V83Q6dkm1vQ/6/N8f8jKhSr7YEpKd4eX8ldioX2Ntk 3fes+NZaTKmY905mJDrDJ2fiOtzf/D1jE1N1JKGgARcH6pwBEMCu6iOBpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL8XlpO1388/N9RXeFcIFboYfOG3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFjZDI4YWJiLTU3YWEtNDdhYy1iZGU1LWNlMTY5NWYxYWIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9GAwDQYJKoZIhvcNAQELBQADggEBAIyzia3NFntO0hMnUBdU mvOnS0g/i0WfxaIsLHMfpA/BGPF4pk/YyqlaTlTsLEu24VZLiXAFmxDi9nxTF+Gz XNRWj/vE9OtAGNmZGlHmyVdzEpQMi61quXuZEdfNW26ldq4ySeef6uXBO9BWFG6U rH1XCp6q/NU7EBnCAKHZ93zZPxFHcuyjznyLXYmWEmiTyqn1ONrgscewTXQUCSGU CPpXKYpcO3R7HsUMIXhi57BN/mNRh/naXSelDZUi5lwfZ868nSD5FmYMnuQeZnAG qHx4F98OE+gsE/jH8haewTPUlBfeept8zbX1nL7SmvIUO2IhUsUaTl2RcUI/5Iid jYA= -----END CERTIFICATE-----Generated at Wed Aug 6 10:57:46 2025 by rpki-client