$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/326b5e17-ace3-4579-8ae9-5219c81c9034.roa File: 326b5e17-ace3-4579-8ae9-5219c81c9034.roa (raw, json) Hash identifier: KFAbfUgEv4nz/DYR2IaQEAu482j427sfjZa4LydQgBY= Subject key identifier: 4F:47:7F:CE:2D:2C:CC:DE:5C:20:F4:F4:98:06:92:D6:AE:2C:34:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 07798EE77C19E3BA38A2D7F37B605A0445C05ACF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/326b5e17-ace3-4579-8ae9-5219c81c9034.roa Signing time: Wed 23 Jul 2025 00:00:09 +0000 ROA not before: Wed 23 Jul 2025 00:00:09 +0000 ROA not after: Wed 27 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2e::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:79:8e:e7:7c:19:e3:ba:38:a2:d7:f3:7b:60:5a:04:45:c0:5a:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 23 00:00:09 2025 GMT Not After : Aug 27 23:59:59 2025 GMT Subject: serialNumber=f259c932176d3a3f4d4ac83f4d7d47068a4a0c26a1509a6e1a6872b2ba1be622, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d2:16:f0:9b:c5:71:ec:65:8a:a5:5d:2e:e4: a4:b3:53:a8:f4:c3:b8:b5:bd:28:df:17:02:16:09: 6b:10:ca:75:b8:e6:65:c4:c2:1b:b5:c5:cb:6f:05: 6a:c7:8e:f9:94:7e:7b:ec:cd:ca:9e:31:c1:08:51: 57:c4:a6:f7:85:62:0d:11:82:b1:bb:5f:01:b8:52: 34:c8:c4:ae:a6:58:23:0a:4e:51:1c:88:3a:ff:71: 75:46:d1:cc:46:99:d3:02:99:3f:4f:e1:7f:07:5e: 9d:5d:3c:53:7a:0d:a5:4e:26:f3:4c:ea:b9:0f:c3: 21:56:bd:c1:70:19:e6:94:6d:eb:53:06:0c:87:ef: 4d:13:f6:98:79:2c:8e:3f:d0:76:bc:fa:b8:01:05: e3:3d:62:af:71:77:75:93:21:75:84:b6:2d:2a:2b: 67:04:eb:ac:c6:a7:e9:01:64:39:22:87:da:3e:2c: cb:1e:02:6c:79:b6:47:8e:f0:76:cb:02:f0:90:ac: a6:12:b9:58:f8:cc:2c:c6:e4:7e:c1:d5:e7:2d:3f: 08:12:36:17:d7:f4:27:27:56:46:c0:83:cb:0e:48: 76:7e:c7:23:e0:fa:24:0c:f0:ec:d7:9b:4d:04:b1: ad:f0:7d:fb:dd:ae:4f:eb:ac:32:27:3e:16:02:d0: e0:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:47:7F:CE:2D:2C:CC:DE:5C:20:F4:F4:98:06:92:D6:AE:2C:34:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/326b5e17-ace3-4579-8ae9-5219c81c9034.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2e::/36 Signature Algorithm: sha256WithRSAEncryption b3:43:18:9c:63:32:4f:31:e0:dd:0f:24:a4:53:2d:c1:6d:4a: c2:57:40:e5:e5:c0:28:d3:ae:a9:59:17:45:3c:07:0b:fc:1c: 0b:ae:99:99:6c:27:a6:56:f6:bb:10:47:a0:b5:a2:d3:f1:ac: 76:a4:79:06:d8:98:53:20:f6:ef:f5:a0:56:dc:71:16:c8:41: c7:b9:92:07:d2:a8:70:6a:a7:48:ea:b5:d4:63:17:c9:ba:a8: b4:88:60:87:59:5b:f6:59:ef:21:73:f7:b4:69:0a:b0:ce:52: 30:5f:b1:65:04:69:13:68:eb:df:ba:e8:5b:66:62:66:8f:80: fe:46:1b:47:95:98:3c:c2:5e:b4:d8:3d:17:ea:a9:ab:45:37: 2c:0f:96:0c:95:51:28:06:41:71:8f:94:0f:c7:1d:4e:ca:a9: 7d:c1:9b:06:eb:8d:9f:de:eb:2f:da:75:12:c6:79:ef:10:58: 64:0c:36:3b:89:db:50:2b:ef:8d:d5:83:9e:36:a5:05:d2:b3: 18:9f:38:d5:d0:28:d2:25:65:43:af:96:37:98:2c:0d:5f:b0: 29:64:29:92:0f:2c:bd:2b:86:7a:f3:43:9b:83:2b:2c:d1:72: dd:d5:57:4b:68:ce:f9:fd:4d:8e:1f:40:46:17:65:09:a0:cb: 07:0b:a5:f3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUB3mO53wZ47o4otfze2BaBEXAWs8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDAwOVoX DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAZjI1OWM5MzIxNzZkM2EzZjRkNGFj ODNmNGQ3ZDQ3MDY4YTRhMGMyNmExNTA5YTZlMWE2ODcyYjJiYTFiZTYyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdIW8JvFcexliqVdLuSks1Oo9MO4 tb0o3xcCFglrEMp1uOZlxMIbtcXLbwVqx475lH577M3KnjHBCFFXxKb3hWINEYKx u18BuFI0yMSuplgjCk5RHIg6/3F1RtHMRpnTApk/T+F/B16dXTxTeg2lTibzTOq5 D8MhVr3BcBnmlG3rUwYMh+9NE/aYeSyOP9B2vPq4AQXjPWKvcXd1kyF1hLYtKitn BOusxqfpAWQ5IofaPizLHgJsebZHjvB2ywLwkKymErlY+MwsxuR+wdXnLT8IEjYX 1/QnJ1ZGwIPLDkh2fscj4PokDPDs15tNBLGt8H373a5P66wyJz4WAtDg8wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFE9Hf84tLMzeXCD09JgGktauLDQlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyNmI1ZTE3LWFjZTMtNDU3OS04YWU5LTUyMTljODFjOTAzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLgAwDQYJKoZIhvcNAQELBQADggEBALNDGJxjMk8x4N0PJKRT LcFtSsJXQOXlwCjTrqlZF0U8Bwv8HAuumZlsJ6ZW9rsQR6C1otPxrHakeQbYmFMg 9u/1oFbccRbIQce5kgfSqHBqp0jqtdRjF8m6qLSIYIdZW/ZZ7yFz97RpCrDOUjBf sWUEaRNo69+66FtmYmaPgP5GG0eVmDzCXrTYPRfqqatFNywPlgyVUSgGQXGPlA/H HU7KqX3BmwbrjZ/e6y/adRLGee8QWGQMNjuJ21Ar743Vg542pQXSsxifONXQKNIl ZUOvljeYLA1fsClkKZIPLL0rhnrzQ5uDKyzRct3VV0tozvn9TY4fQEYXZQmgywcL pfM= -----END CERTIFICATE-----Generated at Mon Aug 4 22:21:33 2025 by rpki-client