$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa File: 38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa (raw, json) Hash identifier: r2IAUUPUs/mHW7ogBcT7nibSNcX6jH1HTs2I9btPKFA= Subject key identifier: 27:A3:1F:4E:5F:80:96:79:8F:52:D6:CC:57:E4:CD:41:65:2A:92:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B2A657F0CA7176779BE53EA5893AB5AA946421E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa Signing time: Fri 01 Aug 2025 00:30:40 +0000 ROA not before: Fri 01 Aug 2025 00:30:40 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:2a:65:7f:0c:a7:17:67:79:be:53:ea:58:93:ab:5a:a9:46:42:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:30:40 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=a44bdfa0cd8eb69e681bdc1c6c19c604bd4ec7e10a2a6bd4fb89ce56fef8efe7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:2c:d8:4b:f3:7f:cc:3f:9f:6f:10:8c:1a:2d: 40:14:ab:47:8b:12:4f:4c:94:c2:e2:1a:1c:f4:d5: 0a:6c:0e:57:ea:64:45:e9:29:c1:f1:b7:5a:0d:08: a5:55:6f:16:ca:a6:4b:46:e1:a8:1f:77:6f:e9:29: a8:fb:72:91:b8:f4:7f:f1:93:26:b3:0a:17:46:e7: 68:dd:54:f9:0d:f4:ef:87:d1:48:38:ed:4d:5b:81: 26:d9:45:52:49:74:93:e7:84:67:a2:ad:f6:23:50: b4:31:b5:03:85:7b:85:ad:22:30:b9:55:35:82:2e: d1:66:4f:a6:cc:b5:57:69:85:a7:52:4c:7d:4b:78: e8:bd:1c:b7:e0:93:2c:c6:6f:a6:b9:f2:8a:20:73: a5:21:d1:cb:a8:2b:51:16:ed:e7:00:3c:5d:f4:16: 26:a9:94:e5:81:72:41:37:43:40:8d:e0:c4:61:75: d6:a2:1d:fc:0a:47:f6:2f:7e:bf:1b:5b:bf:50:6d: e9:6f:6f:6c:83:07:d5:88:a6:f6:06:bd:8b:6b:57: a2:77:f3:d2:87:fb:72:fb:ec:b5:1f:1b:2e:58:a5: 2c:a2:ed:a9:7d:8c:cd:75:05:f5:7d:f3:81:1f:02: 8e:fc:6b:bb:ab:a7:af:cd:89:34:e0:f1:ba:25:6c: b3:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:A3:1F:4E:5F:80:96:79:8F:52:D6:CC:57:E4:CD:41:65:2A:92:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32::/32 Signature Algorithm: sha256WithRSAEncryption b0:bd:46:fb:df:cb:fd:90:32:ab:73:c9:1e:eb:21:63:d1:a0: 3c:c4:60:c6:87:1c:c2:d5:78:2c:ff:21:b8:82:c9:60:5e:4c: 6e:13:17:3a:be:7f:d0:a3:ca:45:5b:74:21:2e:04:e7:38:ff: ae:c2:ec:bf:09:bb:69:fe:f2:b0:56:c3:85:47:c5:32:94:c0: 7d:38:8a:0f:51:76:94:47:46:7f:44:f6:ac:f6:ca:58:3c:90: 0f:92:52:b0:5e:e4:61:77:8e:7b:6e:3c:ae:e0:09:d1:34:fc: 18:60:39:fc:51:93:92:01:32:98:06:85:fa:e8:59:2d:98:27: fa:3e:70:2c:3a:39:b7:97:ff:74:9b:e5:e6:e3:68:8f:7b:45: 7b:10:6d:04:a2:ed:01:20:5b:6d:92:36:9d:fb:1b:6b:5b:51: 84:a2:06:46:85:d8:46:0c:6c:d0:01:ae:63:e6:11:85:3b:35: f1:9a:45:93:57:b0:02:ce:a1:e6:f3:56:ae:68:b1:55:1b:67: 88:9d:a7:1a:f0:bc:3f:06:37:01:2c:b8:12:3d:3b:1b:b3:67: 3d:c6:d0:eb:ad:3d:c3:53:d5:3c:7f:19:45:f7:d2:01:e0:8a: f4:06:bb:95:c5:d3:bc:86:bf:48:ec:76:d7:7a:e3:55:1e:49: ce:53:dd:a2 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUayplfwynF2d5vlPqWJOrWqlGQh4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMzA0MFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAYTQ0YmRmYTBjZDhlYjY5ZTY4MWJk YzFjNmMxOWM2MDRiZDRlYzdlMTBhMmE2YmQ0ZmI4OWNlNTZmZWY4ZWZlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyzYS/N/zD+fbxCMGi1AFKtHixJP TJTC4hoc9NUKbA5X6mRF6SnB8bdaDQilVW8WyqZLRuGoH3dv6Smo+3KRuPR/8ZMm swoXRudo3VT5DfTvh9FIOO1NW4Em2UVSSXST54Rnoq32I1C0MbUDhXuFrSIwuVU1 gi7RZk+mzLVXaYWnUkx9S3jovRy34JMsxm+mufKKIHOlIdHLqCtRFu3nADxd9BYm qZTlgXJBN0NAjeDEYXXWoh38Ckf2L36/G1u/UG3pb29sgwfViKb2Br2La1eid/PS h/ty++y1HxsuWKUsou2pfYzNdQX1ffOBHwKO/Gu7q6evzYk04PG6JWyzUwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFCejH05fgJZ5j1LWzFfkzUFlKpIjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4YWUzN2FkLTUwZGItNDU0Ny04ZGYyLThjZGNjNTZlNWNhMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMjANBgkqhkiG9w0BAQsFAAOCAQEAsL1G+9/L/ZAyq3PJHush Y9GgPMRgxoccwtV4LP8huILJYF5MbhMXOr5/0KPKRVt0IS4E5zj/rsLsvwm7af7y sFbDhUfFMpTAfTiKD1F2lEdGf0T2rPbKWDyQD5JSsF7kYXeOe248ruAJ0TT8GGA5 /FGTkgEymAaF+uhZLZgn+j5wLDo5t5f/dJvl5uNoj3tFexBtBKLtASBbbZI2nfsb a1tRhKIGRoXYRgxs0AGuY+YRhTs18ZpFk1ewAs6h5vNWrmixVRtniJ2nGvC8PwY3 ASy4Ej07G7NnPcbQ6609w1PVPH8ZRffSAeCK9Aa7lcXTvIa/SOx213rjVR5JzlPd og== -----END CERTIFICATE-----Generated at Mon Aug 4 14:04:20 2025 by rpki-client