$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1e0f57b9-45cc-4cee-a7e3-b50359fea4bc.roa File: 1e0f57b9-45cc-4cee-a7e3-b50359fea4bc.roa (raw, json) Hash identifier: QDPVlsmqghT8rFA5aSsH0m+NKeR2vuLjo8+OUZa0n1Y= Subject key identifier: A6:5D:C7:7A:B4:C0:3A:43:3F:7C:7D:FD:26:51:AA:88:E0:03:50:D6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10A98FA89B2E5DCD53143A6DE679AD6A66BC57E1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1e0f57b9-45cc-4cee-a7e3-b50359fea4bc.roa Signing time: Fri 01 Aug 2025 00:20:38 +0000 ROA not before: Fri 01 Aug 2025 00:20:38 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:a9:8f:a8:9b:2e:5d:cd:53:14:3a:6d:e6:79:ad:6a:66:bc:57:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:20:38 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=66d32e7b11aa92072816bbbff37c7e1b0cc68248ca0539bc25a129024963db32, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:84:9e:63:2a:b1:fa:fa:7e:f4:71:bc:5c:31: 94:5e:5b:5a:03:1b:51:1c:8c:12:13:f9:86:a4:d6: 24:6e:29:b5:36:34:24:cc:13:ad:7f:f7:c6:a9:19: 01:01:5f:bd:00:f5:4f:69:ab:8d:e4:e6:9e:aa:61: 13:2e:91:a3:fe:c6:59:9d:05:a1:40:07:ce:0b:d0: 40:18:d6:9a:74:5b:38:c4:84:38:2b:f9:ed:4d:95: 0c:2e:21:99:34:80:5c:89:50:1b:5b:89:7b:89:3c: 9a:63:5b:12:7f:a1:2d:e4:f4:e9:0d:4a:e2:1e:e7: f2:20:fb:45:df:21:32:25:07:74:bb:b7:ce:27:1a: 77:fa:94:5f:e7:a5:e6:11:c4:8b:c7:c2:0c:ae:b0: f7:ad:ed:91:a4:46:eb:4e:e5:39:b5:73:88:5b:8c: f2:a7:9c:12:7d:4f:fe:5d:3c:a1:95:98:99:60:d5: 01:86:73:28:3c:f1:fb:78:06:83:a5:e7:0a:0a:84: 1d:8e:81:fa:7f:86:45:a2:12:fb:bd:be:73:dc:5e: f1:2c:66:20:b6:e6:50:53:52:82:d1:2b:bd:15:1e: fb:8d:cb:59:f8:1d:7a:8e:7e:83:de:f0:9d:7d:90: 30:db:00:4e:60:57:42:aa:a4:ae:a5:14:d6:51:5f: 96:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:5D:C7:7A:B4:C0:3A:43:3F:7C:7D:FD:26:51:AA:88:E0:03:50:D6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1e0f57b9-45cc-4cee-a7e3-b50359fea4bc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:8000::/40 Signature Algorithm: sha256WithRSAEncryption 6d:97:ce:2c:10:2c:dc:6e:02:ea:c9:ff:ea:77:5f:51:32:a3: 64:ae:8c:a4:78:4e:a6:45:81:0f:d0:c0:c4:ae:e3:0d:3b:aa: 80:59:54:57:dd:d5:36:62:7c:7a:7d:9d:fd:33:83:33:c1:51: b6:65:e8:f7:38:f3:6d:81:6e:89:3a:18:a1:63:cd:24:a5:b6: 1f:00:36:49:1c:72:35:09:8c:e8:bd:31:29:88:94:ff:34:d7: 50:bb:9f:fb:73:dc:83:13:5f:3b:54:17:ea:e7:bd:c5:b8:c5: 32:df:63:de:ee:b4:d1:a6:8d:93:57:ed:f1:9c:cc:94:d1:a7: 93:8c:38:15:f2:cb:fb:74:15:3e:e3:55:a1:93:80:2c:f9:1d: 03:62:41:90:47:87:e7:2c:a1:72:8d:da:0f:c3:37:59:68:36: b4:f3:0d:81:47:61:96:44:32:11:7c:39:f1:64:9b:36:aa:bd: c2:a0:0e:a3:f3:b5:8d:e0:d4:35:b2:aa:13:99:48:3f:c3:61: e2:66:a1:27:d1:15:56:9e:71:fd:1d:a5:3e:e0:7c:1b:f1:fc: e1:a7:50:86:67:14:3b:f1:01:ef:cb:4a:a6:d8:8a:c3:b8:72: 6d:0b:87:cb:44:6c:d8:f5:f5:a6:3b:08:c6:8f:5a:65:3d:39: dc:39:c1:f0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEKmPqJsuXc1TFDpt5nmtama8V+EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMjAzOFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNANjZkMzJlN2IxMWFhOTIwNzI4MTZi YmJmZjM3YzdlMWIwY2M2ODI0OGNhMDUzOWJjMjVhMTI5MDI0OTYzZGIzMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4SeYyqx+vp+9HG8XDGUXltaAxtR HIwSE/mGpNYkbim1NjQkzBOtf/fGqRkBAV+9APVPaauN5OaeqmETLpGj/sZZnQWh QAfOC9BAGNaadFs4xIQ4K/ntTZUMLiGZNIBciVAbW4l7iTyaY1sSf6Et5PTpDUri HufyIPtF3yEyJQd0u7fOJxp3+pRf56XmEcSLx8IMrrD3re2RpEbrTuU5tXOIW4zy p5wSfU/+XTyhlZiZYNUBhnMoPPH7eAaDpecKCoQdjoH6f4ZFohL7vb5z3F7xLGYg tuZQU1KC0Su9FR77jctZ+B16jn6D3vCdfZAw2wBOYFdCqqSupRTWUV+WTwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKZdx3q0wDpDP3x9/SZRqojgA1DWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFlMGY1N2I5LTQ1Y2MtNGNlZS1hN2UzLWI1MDM1OWZlYTRiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacIAwDQYJKoZIhvcNAQELBQADggEBAG2XziwQLNxuAurJ/+p3 X1Eyo2SujKR4TqZFgQ/QwMSu4w07qoBZVFfd1TZifHp9nf0zgzPBUbZl6Pc4822B bok6GKFjzSSlth8ANkkccjUJjOi9MSmIlP8011C7n/tz3IMTXztUF+rnvcW4xTLf Y97utNGmjZNX7fGczJTRp5OMOBXyy/t0FT7jVaGTgCz5HQNiQZBHh+csoXKN2g/D N1loNrTzDYFHYZZEMhF8OfFkmzaqvcKgDqPztY3g1DWyqhOZSD/DYeJmoSfRFVae cf0dpT7gfBvx/OGnUIZnFDvxAe/LSqbYisO4cm0Lh8tEbNj19aY7CMaPWmU9Odw5 wfA= -----END CERTIFICATE-----Generated at Mon Aug 4 14:14:47 2025 by rpki-client