$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa File: 24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa (raw, json) Hash identifier: Jv9K4d/BdvRtm5DEOyF81kpNiLmBbwapHQUxLs1/9Q8= Subject key identifier: F2:9E:BA:3F:27:92:D9:D9:A4:9C:A1:6F:C5:33:EB:73:99:0A:D0:3D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22FF352104AFB1AA606109D2CCA303A0A039329F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa Signing time: Fri 01 Aug 2025 00:20:09 +0000 ROA not before: Fri 01 Aug 2025 00:20:09 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:ff:35:21:04:af:b1:aa:60:61:09:d2:cc:a3:03:a0:a0:39:32:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:20:09 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=b70ddfe0263ccc0341e9f104a7fb6bcc01131f5f1117ce647a9f60df6565d391, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:88:a8:f8:d1:54:cf:ab:ba:dd:05:e0:5a:b7: b7:4a:28:e0:ef:de:04:6f:f4:1f:55:ce:c5:9e:f4: 13:c1:f5:f5:f7:7b:30:70:2b:12:48:5a:fc:08:f4: a5:cf:8c:eb:64:f8:3a:e2:8b:f4:b5:aa:7b:64:5d: 79:e6:ab:d8:fa:82:f7:2d:ba:b3:81:7c:55:de:76: 99:59:d7:73:cb:27:ec:ed:96:2b:7e:1e:30:c9:a7: 03:07:77:7b:42:38:13:e3:ca:91:ee:13:b2:39:7c: 95:ca:e8:63:81:b9:ec:b5:16:49:1f:44:0c:fc:28: d2:56:47:b8:7c:c4:cb:7a:6e:d3:6e:71:ab:33:c6: 82:9c:df:7a:32:12:1b:fc:25:1a:51:b3:66:ba:d5: 33:cc:42:fc:fd:39:e7:fd:fd:2b:40:f8:61:af:c1: 51:09:4e:d5:46:5c:4c:f2:f5:a5:78:be:b5:7d:8a: 4d:1e:ac:66:4e:80:83:cf:0d:6c:08:43:44:e3:62: 99:18:d4:7b:a1:74:32:1d:f6:f5:a9:64:f6:8e:b5: 0a:e6:65:14:d4:2d:29:54:57:03:ad:ec:fe:51:b9: 17:06:62:3f:63:73:df:9b:21:70:27:4e:b2:61:e3: a0:a9:20:2c:91:cd:35:03:2f:4d:30:93:00:2f:aa: 95:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:9E:BA:3F:27:92:D9:D9:A4:9C:A1:6F:C5:33:EB:73:99:0A:D0:3D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:6000::/40 Signature Algorithm: sha256WithRSAEncryption 06:c3:45:bc:03:42:c2:1c:6e:6e:4b:5d:ba:12:35:72:43:38: 1e:0b:ba:ab:d0:63:f0:e8:0c:89:01:8e:84:bd:22:1d:fb:96: d9:6d:12:44:ae:6a:06:4d:b4:0a:fa:3f:71:bd:4c:6c:8c:a0: 46:63:a2:17:9f:15:52:35:c4:ff:ea:65:c9:3a:fa:11:b3:c3: 8e:fa:e2:fe:2c:da:94:9d:6b:26:11:4c:28:c5:e7:2b:a5:2a: 57:a4:b3:60:a7:1c:67:e6:82:4b:c6:6b:e1:0c:e2:6d:36:d0: b8:3d:b8:31:1a:e3:c1:9a:2f:61:b2:01:99:2e:df:4d:2e:2f: c1:41:e5:87:45:ce:3a:c8:d3:fb:05:05:64:1c:29:c8:1d:49: 87:94:25:23:2d:ae:de:e0:34:5e:6a:9d:c0:2d:30:86:7a:a7: 85:bb:67:fb:5c:e4:67:41:29:73:78:ae:81:ad:c1:9e:0e:b4: 72:e5:42:2d:4f:a6:65:db:23:46:0d:55:3b:8b:b8:76:9a:1d: 37:b9:8d:bc:c3:28:29:0d:15:ab:15:6d:aa:fd:07:f5:93:5d: 18:9b:b5:ed:0b:76:1f:df:88:ed:d6:4f:5b:52:49:b9:ed:37: 8f:c3:40:1b:ad:83:6a:74:87:82:10:87:02:c9:e3:fb:90:5f: 91:ec:b9:1e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIv81IQSvsapgYQnSzKMDoKA5Mp8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMjAwOVoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAYjcwZGRmZTAyNjNjY2MwMzQxZTlm MTA0YTdmYjZiY2MwMTEzMWY1ZjExMTdjZTY0N2E5ZjYwZGY2NTY1ZDM5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroio+NFUz6u63QXgWre3Sijg794E b/QfVc7FnvQTwfX193swcCsSSFr8CPSlz4zrZPg64ov0tap7ZF155qvY+oL3Lbqz gXxV3naZWddzyyfs7ZYrfh4wyacDB3d7QjgT48qR7hOyOXyVyuhjgbnstRZJH0QM /CjSVke4fMTLem7TbnGrM8aCnN96MhIb/CUaUbNmutUzzEL8/Tnn/f0rQPhhr8FR CU7VRlxM8vWleL61fYpNHqxmToCDzw1sCENE42KZGNR7oXQyHfb1qWT2jrUK5mUU 1C0pVFcDrez+UbkXBmI/Y3PfmyFwJ06yYeOgqSAskc01Ay9NMJMAL6qViwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPKeuj8nktnZpJyhb8Uz63OZCtA9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0Y2Q1ZWQ0LTNiMzUtNGQ5MC04ZTQ0LWQ3MmQyMTlkYzEyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMmAwDQYJKoZIhvcNAQELBQADggEBAAbDRbwDQsIcbm5LXboS NXJDOB4LuqvQY/DoDIkBjoS9Ih37ltltEkSuagZNtAr6P3G9TGyMoEZjohefFVI1 xP/qZck6+hGzw4764v4s2pSdayYRTCjF5yulKleks2CnHGfmgkvGa+EM4m020Lg9 uDEa48GaL2GyAZku300uL8FB5YdFzjrI0/sFBWQcKcgdSYeUJSMtrt7gNF5qncAt MIZ6p4W7Z/tc5GdBKXN4roGtwZ4OtHLlQi1PpmXbI0YNVTuLuHaaHTe5jbzDKCkN FasVbar9B/WTXRibte0Ldh/fiO3WT1tSSbntN4/DQButg2p0h4IQhwLJ4/uQX5Hs uR4= -----END CERTIFICATE-----Generated at Mon Aug 4 16:06:55 2025 by rpki-client