$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa File: 3cf33701-1ea5-43c6-b291-763d0e06817e.roa (raw, json) Hash identifier: oVmcr3/OGan/WxJ8sLpRz5zF6SeyeNqA9n4cH88044E= Subject key identifier: 9A:51:5E:C6:3B:E9:18:8C:12:5D:B9:C9:B9:2E:AB:2B:7A:D2:77:83 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 41B973460CED332558F4C357F14FBD5263396C1D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa Signing time: Fri 01 Aug 2025 00:31:26 +0000 ROA not before: Fri 01 Aug 2025 00:31:26 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:b9:73:46:0c:ed:33:25:58:f4:c3:57:f1:4f:bd:52:63:39:6c:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:31:26 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=003d181512b8a66d81bcd2b44eed55041c08ec12caeda1380f37e7290f2af892, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:20:37:76:e8:48:60:01:a4:b0:05:3e:2d:59: 5e:45:4e:46:76:d3:48:ff:6d:83:25:6a:19:50:80: c0:80:ef:8f:de:1c:f8:b2:ca:b6:41:df:09:a6:eb: 94:b4:60:48:7c:ee:5a:30:47:9d:9b:dc:71:ef:48: 44:97:81:32:92:b4:ec:64:c1:20:ac:48:52:34:ee: 3d:2f:54:a7:8e:3f:01:27:95:5e:cb:e0:61:5b:d1: 77:97:c7:00:12:8b:07:e5:75:14:08:df:9b:34:70: a6:87:aa:f1:13:c8:b7:df:28:29:79:65:de:e7:47: 21:f4:8e:0a:1a:fa:56:57:91:44:50:8d:ec:db:c0: be:f9:72:32:37:bb:ae:be:b4:06:dd:07:90:68:9e: 8b:bc:54:9b:7e:13:d0:84:bb:a7:25:15:28:90:fe: e6:33:db:ce:f6:ad:28:af:09:c3:d8:87:c8:45:3a: f2:e7:b5:01:11:d5:b9:22:2b:18:07:4c:81:95:c5: 2f:c8:80:73:b9:fd:6f:98:31:26:b1:4b:11:69:ad: b0:6c:75:5c:2a:d2:d7:6b:a1:6e:7e:ee:56:49:3d: 91:49:fa:c2:00:c1:e6:7a:79:36:1d:fd:30:38:73: 6d:bd:ba:11:86:3a:ae:95:44:01:c9:e9:f6:e6:34: 9b:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:51:5E:C6:3B:E9:18:8C:12:5D:B9:C9:B9:2E:AB:2B:7A:D2:77:83 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:400::/38 Signature Algorithm: sha256WithRSAEncryption 28:8b:35:f5:97:54:29:95:e2:a2:e0:cd:27:14:cb:96:8b:ac: d4:50:18:1a:fd:94:b5:5a:dc:e5:cd:bd:36:e4:65:55:2a:5b: a5:fe:f7:d4:20:4f:b0:cf:c0:98:0e:96:47:a5:46:f0:42:8d: 43:b9:c3:21:56:77:4f:15:99:80:2f:95:7e:e6:dc:52:89:67: dd:5d:42:b8:c3:86:ac:4a:ce:b4:cb:67:19:78:2a:84:7a:bb: 02:c4:81:3d:18:be:9f:18:ca:2f:e9:0d:93:6e:b5:7c:3f:12: 50:dd:38:70:4c:04:94:39:ef:17:48:8e:b6:81:8c:77:4a:da: b9:e4:de:7c:56:e8:fc:e3:4a:59:14:68:93:34:16:84:37:4f: 25:21:c0:7c:35:9a:99:25:de:df:07:e2:dc:b7:46:1f:37:54: 58:19:4d:f1:a4:28:48:6d:2c:a3:07:28:33:d7:9a:a0:07:b6: 24:c2:cf:9d:fb:fb:4c:59:37:10:8a:d2:66:50:43:0f:58:4f: e7:66:86:38:c0:fd:a5:a4:8a:4a:80:6f:f1:e4:bd:eb:3b:78: 75:e6:09:62:b9:f5:b3:45:d0:d3:72:2a:92:15:11:e6:23:9d: 10:06:04:62:c3:7d:da:6e:6b:d0:03:40:39:a0:a6:ee:94:2b: bd:52:eb:ff -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQblzRgztMyVY9MNX8U+9UmM5bB0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMzEyNloX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAMDAzZDE4MTUxMmI4YTY2ZDgxYmNk MmI0NGVlZDU1MDQxYzA4ZWMxMmNhZWRhMTM4MGYzN2U3MjkwZjJhZjg5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSA3duhIYAGksAU+LVleRU5GdtNI /22DJWoZUIDAgO+P3hz4ssq2Qd8JpuuUtGBIfO5aMEedm9xx70hEl4EykrTsZMEg rEhSNO49L1Snjj8BJ5Vey+BhW9F3l8cAEosH5XUUCN+bNHCmh6rxE8i33ygpeWXe 50ch9I4KGvpWV5FEUI3s28C++XIyN7uuvrQG3QeQaJ6LvFSbfhPQhLunJRUokP7m M9vO9q0orwnD2IfIRTry57UBEdW5IisYB0yBlcUvyIBzuf1vmDEmsUsRaa2wbHVc KtLXa6Fufu5WST2RSfrCAMHmenk2Hf0wOHNtvboRhjqulUQByen25jSbnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJpRXsY76RiMEl25ybkuqyt60neDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNjZjMzNzAxLTFlYTUtNDNjNi1iMjkxLTc2M2QwZTA2ODE3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHAQwDQYJKoZIhvcNAQELBQADggEBACiLNfWXVCmV4qLgzScU y5aLrNRQGBr9lLVa3OXNvTbkZVUqW6X+99QgT7DPwJgOlkelRvBCjUO5wyFWd08V mYAvlX7m3FKJZ91dQrjDhqxKzrTLZxl4KoR6uwLEgT0Yvp8Yyi/pDZNutXw/ElDd OHBMBJQ57xdIjraBjHdK2rnk3nxW6PzjSlkUaJM0FoQ3TyUhwHw1mpkl3t8H4ty3 Rh83VFgZTfGkKEhtLKMHKDPXmqAHtiTCz537+0xZNxCK0mZQQw9YT+dmhjjA/aWk ikqAb/Hkves7eHXmCWK59bNF0NNyKpIVEeYjnRAGBGLDfdpua9ADQDmgpu6UK71S 6/8= -----END CERTIFICATE-----Generated at Mon Aug 4 19:05:38 2025 by rpki-client