$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa File: 20b65f51-27cd-433b-bcd7-610d4a586128.roa (raw, json) Hash identifier: mmkF8UUcFPPVMzuMla6RGP3QbpGBF3/fcf6XYElW24g= Subject key identifier: 05:17:1C:A8:2D:1B:C7:29:74:45:3B:08:F5:30:D3:74:6B:0E:CC:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 620EEA1076ED08A477268BFE89A500AA12213C0F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa Signing time: Fri 01 Aug 2025 00:40:04 +0000 ROA not before: Fri 01 Aug 2025 00:40:04 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da17::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:0e:ea:10:76:ed:08:a4:77:26:8b:fe:89:a5:00:aa:12:21:3c:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:40:04 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=a7d34bac6af35014d417de8f2f4e636721cc07f96ee49f97b6fc6caf9158edb5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:39:db:a4:f6:90:fc:44:7b:c3:e3:b1:14:83: 77:32:1a:98:54:be:8c:76:fb:be:08:bc:df:c7:7a: cc:6e:69:79:81:da:ca:d9:11:fe:e0:ef:24:b6:f6: c4:39:9f:19:ec:aa:1b:5e:1d:a0:2b:4a:e6:6d:4b: 43:d8:0e:1e:e6:7f:55:54:e7:f3:90:79:76:63:27: e5:b2:d0:83:eb:1b:02:e2:b8:b1:f6:5c:3b:c4:13: cf:e6:3c:19:01:92:43:4c:92:96:14:42:96:c3:f9: 58:b9:67:25:9b:b2:34:2f:96:06:9a:7b:fb:dc:ab: d1:6d:25:a5:27:2c:9c:5b:6f:3a:83:22:f2:f8:0f: b4:7e:de:98:eb:f6:20:0a:aa:ad:35:5d:e1:27:fc: 61:2b:b4:38:31:00:46:1d:0c:6a:40:80:d8:e9:f1: b9:3b:24:72:4f:57:d8:ca:e6:b2:a9:3d:d8:2b:4c: 0c:84:e9:3a:a2:02:7e:c2:b0:4a:57:92:a9:67:fe: 08:97:1a:4b:0e:4d:47:6a:7f:12:6a:04:73:d3:6c: 51:56:e8:08:81:9d:3f:bf:1e:9f:a4:97:7c:0c:d5: ed:6e:ca:11:58:96:ab:1c:b5:3d:cc:c0:21:be:a7: bc:9d:0d:c1:3a:e9:26:24:b2:e4:ec:1c:78:af:8a: f4:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:17:1C:A8:2D:1B:C7:29:74:45:3B:08:F5:30:D3:74:6B:0E:CC:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da17::/38 Signature Algorithm: sha256WithRSAEncryption 36:2e:fb:ca:85:22:9a:b7:23:2f:08:93:e3:27:0c:05:b6:78: 78:6f:fa:ba:6e:5c:e9:6b:4b:62:21:ec:05:d2:54:0f:b7:3f: 4d:61:53:d1:30:8c:a9:84:d4:d7:76:25:81:8f:44:d0:e5:4f: 68:fe:26:92:ce:3a:0e:25:7e:cb:8f:11:e4:94:68:9d:af:23: 90:a0:0d:03:de:ea:9c:6c:a3:54:47:55:10:ba:a4:6d:88:c0: 90:83:1b:f9:d1:ac:a0:85:51:a9:26:30:29:51:57:12:ec:1d: 40:e1:e6:94:3e:83:5e:8b:83:0f:17:2f:44:ce:2e:08:15:ca: 24:e1:94:98:62:6e:e9:42:9c:88:3d:d8:39:c1:7d:ec:68:2e: c8:9d:6f:01:17:f8:46:d3:94:74:45:9a:44:2e:4d:66:46:ae: 06:3e:b3:3b:a1:06:d3:4b:5b:52:3b:10:3d:49:68:61:23:9d: 66:8a:11:51:9a:55:8e:f6:b0:5d:3d:a9:cb:3a:7c:44:e8:4f: fc:aa:be:5e:78:cc:02:14:71:da:01:39:0c:07:57:2c:16:a1: b1:78:b8:b7:87:ed:0b:06:39:53:a4:6c:41:f5:b8:63:e4:b1: 1a:c2:ba:83:55:ae:d5:74:94:f0:2e:fb:dd:6c:08:ca:81:44: 0f:32:74:44 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYg7qEHbtCKR3Jov+iaUAqhIhPA8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwNDAwNFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAYTdkMzRiYWM2YWYzNTAxNGQ0MTdk ZThmMmY0ZTYzNjcyMWNjMDdmOTZlZTQ5Zjk3YjZmYzZjYWY5MTU4ZWRiNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjnbpPaQ/ER7w+OxFIN3MhqYVL6M dvu+CLzfx3rMbml5gdrK2RH+4O8ktvbEOZ8Z7KobXh2gK0rmbUtD2A4e5n9VVOfz kHl2YyflstCD6xsC4rix9lw7xBPP5jwZAZJDTJKWFEKWw/lYuWclm7I0L5YGmnv7 3KvRbSWlJyycW286gyLy+A+0ft6Y6/YgCqqtNV3hJ/xhK7Q4MQBGHQxqQIDY6fG5 OyRyT1fYyuayqT3YK0wMhOk6ogJ+wrBKV5KpZ/4IlxpLDk1Han8SagRz02xRVugI gZ0/vx6fpJd8DNXtbsoRWJarHLU9zMAhvqe8nQ3BOukmJLLk7Bx4r4r0gwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAUXHKgtG8cpdEU7CPUw03RrDsx0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIwYjY1ZjUxLTI3Y2QtNDMzYi1iY2Q3LTYxMGQ0YTU4NjEyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFwAwDQYJKoZIhvcNAQELBQADggEBADYu+8qFIpq3Iy8Ik+Mn DAW2eHhv+rpuXOlrS2Ih7AXSVA+3P01hU9EwjKmE1Nd2JYGPRNDlT2j+JpLOOg4l fsuPEeSUaJ2vI5CgDQPe6pxso1RHVRC6pG2IwJCDG/nRrKCFUakmMClRVxLsHUDh 5pQ+g16Lgw8XL0TOLggVyiThlJhibulCnIg92DnBfexoLsidbwEX+EbTlHRFmkQu TWZGrgY+szuhBtNLW1I7ED1JaGEjnWaKEVGaVY72sF09qcs6fEToT/yqvl54zAIU cdoBOQwHVywWobF4uLeH7QsGOVOkbEH1uGPksRrCuoNVrtV0lPAu+91sCMqBRA8y dEQ= -----END CERTIFICATE-----Generated at Mon Aug 4 15:00:52 2025 by rpki-client