$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa File: 2a177984-44c1-4fc1-97dc-e08be80f4299.roa (raw, json) Hash identifier: RiNcAsB+XtT6Eq9NtQNTJ4ijBg4v7r1MzmvNkY3vPSo= Subject key identifier: 0C:EE:27:54:6C:5D:32:5C:F4:EE:01:38:62:33:5B:D2:67:11:9C:63 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09D7B43EEFEE4EF79AB1EAA3D375B3114BB9F7C0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa Signing time: Mon 21 Jul 2025 15:10:08 +0000 ROA not before: Mon 21 Jul 2025 15:10:08 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:d7:b4:3e:ef:ee:4e:f7:9a:b1:ea:a3:d3:75:b3:11:4b:b9:f7:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:10:08 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=ad5c137a160ba38c7fb638b3478c1aff67c934e7dc641c1af2caeee5d2708e71, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:92:60:e2:9e:53:65:cf:73:3d:5c:f1:38:1d: 0b:31:9b:87:de:09:1f:68:83:b9:05:00:34:7c:71: f2:5a:8d:5f:66:71:03:1f:2e:f8:ca:49:76:c7:85: b1:d2:38:40:cb:28:fe:8a:5a:0d:c4:d8:9f:f9:bb: c5:f7:0b:05:4d:f1:86:51:ad:35:f2:78:4a:b5:98: 01:7e:a7:25:2c:e2:3c:41:68:15:cb:92:ad:93:2b: c2:11:1e:2c:b8:7b:cc:12:4c:d4:c6:73:d6:37:28: f3:86:15:fd:c4:09:46:8a:74:6f:a0:b8:2d:79:68: 7b:13:79:e9:c1:7e:61:46:9a:6c:db:0a:47:2b:71: fe:0f:d5:f1:05:7c:c4:90:b7:1c:c8:fa:d2:3c:d7: fd:67:cc:1d:d1:bc:e0:63:51:cc:a6:f6:d1:87:aa: ee:94:e0:f4:2a:3a:fe:38:04:43:10:1b:25:c8:76: 86:82:ac:d7:64:d9:d0:cf:f3:c5:a7:22:a4:52:86: 56:c3:de:d5:7b:80:bb:58:ac:c4:58:90:e7:7e:51: fc:c1:74:6b:cc:b0:ba:10:ab:77:b4:eb:6e:a3:1d: 92:44:e3:4c:d4:16:5a:e0:eb:e9:6f:c4:b9:42:36: e2:5f:40:03:c1:05:32:76:24:8b:1f:03:d3:88:0d: 43:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:EE:27:54:6C:5D:32:5C:F4:EE:01:38:62:33:5B:D2:67:11:9C:63 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4840::/46 Signature Algorithm: sha256WithRSAEncryption 7e:15:c2:ca:07:d7:72:85:c6:1d:bb:57:95:3b:5c:3b:50:cf: 63:b4:ab:48:00:17:78:20:1e:40:d7:fb:73:85:c4:da:6b:85: e2:d2:98:d7:38:71:9b:e9:91:66:8e:16:9b:87:5e:81:e7:22: 32:d0:fb:2b:62:13:a1:37:ca:de:3f:05:d2:07:62:35:1e:33: 6c:ca:04:b8:96:82:53:fd:d0:3a:9e:81:c1:fa:86:a1:4a:a1: 07:ca:e5:a4:5d:c7:d2:9b:91:af:c8:c3:01:df:b9:d4:76:88: 42:e3:b0:02:ac:5f:80:3d:f0:c7:ac:98:b9:fc:78:e9:0d:2a: 93:9f:8a:b0:39:eb:5e:f8:82:ba:55:78:32:56:a5:25:ef:20: 78:af:10:83:4d:b2:b6:81:ed:38:07:2c:cf:1d:03:dc:9f:a3: da:03:b0:12:c6:12:37:1d:6e:a7:32:2c:70:8a:90:ee:69:49: e0:10:3a:d5:ed:9c:a0:25:3f:d7:42:ce:e9:27:76:bf:27:65: e2:a7:14:e6:98:72:f5:05:ca:52:54:09:9f:41:9e:db:f3:2e: e6:b1:36:a2:34:e0:43:32:a0:86:af:43:58:8a:aa:c5:5a:fc: f3:93:1b:e8:1d:6c:08:c5:4a:98:2f:94:1f:c3:be:d6:0d:dc: 82:52:4b:10 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCde0Pu/uTveaseqj03WzEUu598AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MTAwOFoX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAYWQ1YzEzN2ExNjBiYTM4YzdmYjYz OGIzNDc4YzFhZmY2N2M5MzRlN2RjNjQxYzFhZjJjYWVlZTVkMjcwOGU3MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5Jg4p5TZc9zPVzxOB0LMZuH3gkf aIO5BQA0fHHyWo1fZnEDHy74ykl2x4Wx0jhAyyj+iloNxNif+bvF9wsFTfGGUa01 8nhKtZgBfqclLOI8QWgVy5KtkyvCER4suHvMEkzUxnPWNyjzhhX9xAlGinRvoLgt eWh7E3npwX5hRpps2wpHK3H+D9XxBXzEkLccyPrSPNf9Z8wd0bzgY1HMpvbRh6ru lOD0Kjr+OARDEBslyHaGgqzXZNnQz/PFpyKkUoZWw97Ve4C7WKzEWJDnflH8wXRr zLC6EKt3tOtuox2SRONM1BZa4Ovpb8S5QjbiX0ADwQUydiSLHwPTiA1DzQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAzuJ1RsXTJc9O4BOGIzW9JnEZxjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJhMTc3OTg0LTQ0YzEtNGZjMS05N2RjLWUwOGJlODBmNDI5OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba80hAMA0GCSqGSIb3DQEBCwUAA4IBAQB+FcLKB9dyhcYdu1eV O1w7UM9jtKtIABd4IB5A1/tzhcTaa4Xi0pjXOHGb6ZFmjhabh16B5yIy0PsrYhOh N8rePwXSB2I1HjNsygS4loJT/dA6noHB+oahSqEHyuWkXcfSm5GvyMMB37nUdohC 47ACrF+APfDHrJi5/HjpDSqTn4qwOete+IK6VXgyVqUl7yB4rxCDTbK2ge04ByzP HQPcn6PaA7ASxhI3HW6nMixwipDuaUngEDrV7ZygJT/XQs7pJ3a/J2XipxTmmHL1 BcpSVAmfQZ7b8y7msTaiNOBDMqCGr0NYiqrFWvzzkxvoHWwIxUqYL5Qfw77WDdyC UksQ -----END CERTIFICATE-----Generated at Mon Aug 4 14:45:22 2025 by rpki-client