$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/413a21d9-48ac-481c-9e81-c3f530176f78.roa File: 413a21d9-48ac-481c-9e81-c3f530176f78.roa (raw, json) Hash identifier: sV1ikfoVv4qwN5qcIzhOOr1PTdn6MrF8oT4Am48XO9k= Subject key identifier: 74:8B:06:36:DB:1B:F1:4B:F0:01:CB:12:49:BD:69:CF:9D:C0:51:C6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22472B4BFEB6F5F3539875894DE59C2E02A2D5EC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/413a21d9-48ac-481c-9e81-c3f530176f78.roa Signing time: Fri 01 Aug 2025 00:40:56 +0000 ROA not before: Fri 01 Aug 2025 00:40:56 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:47:2b:4b:fe:b6:f5:f3:53:98:75:89:4d:e5:9c:2e:02:a2:d5:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:40:56 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=dbadb0725565ed97ad7c0aa98b437d69fb7e347ded5fe47a38cd4ce7944b67d4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:22:71:ba:49:f1:13:c6:11:ff:77:98:d3:ed: e3:05:43:37:3c:66:ea:3e:4a:ec:84:85:54:80:dd: f5:09:e3:a8:b6:14:bf:7e:0d:58:29:4f:f5:ad:29: b3:b6:b6:ac:f2:4a:d4:50:9d:65:c6:ef:f1:cf:de: 71:78:b0:65:11:0d:75:c6:c5:ba:65:29:24:45:88: 40:b5:ec:b0:e9:e9:ae:72:ee:00:c1:09:52:74:77: e3:16:59:98:d7:c0:a1:e6:19:47:3d:99:23:e7:4b: e2:24:d7:3f:cf:b6:c5:76:ad:33:84:45:91:8e:3e: 3c:db:fd:67:4a:13:22:68:c2:7b:38:a9:1c:2a:d4: 6d:68:a7:c8:f6:e7:60:ed:83:02:85:5f:29:ba:d7: d2:2c:8c:b4:5c:75:a0:df:b5:39:4f:68:4c:b5:72: 0e:20:26:1c:17:80:75:0e:b6:57:a4:a9:e0:92:1b: cf:86:78:75:cd:a2:06:1f:15:e9:a0:4a:c3:a9:42: 4c:82:da:1b:4c:7b:37:ed:7d:01:81:f4:cd:40:c3: 53:39:f6:d9:a6:7a:d5:4c:19:77:36:3c:b0:d0:11: 84:c0:27:ff:69:b6:14:94:19:d6:21:9c:f2:54:ad: 40:d0:2f:0e:7e:bc:88:84:cb:78:34:60:f1:84:d6: f0:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:8B:06:36:DB:1B:F1:4B:F0:01:CB:12:49:BD:69:CF:9D:C0:51:C6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/413a21d9-48ac-481c-9e81-c3f530176f78.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14:800::/38 Signature Algorithm: sha256WithRSAEncryption 77:b5:6c:53:29:28:a9:f5:b6:1f:27:2c:9a:49:8f:05:3b:ed: 38:6f:a8:a7:0e:6c:70:ba:3f:71:8f:a4:f1:0c:b0:a8:41:bb: 17:ac:d3:bc:21:13:20:22:f6:a3:11:ef:8f:34:a7:d3:00:ec: 80:76:d9:b9:49:ea:ad:ac:05:cd:6c:53:78:85:e0:0e:d5:3c: 3d:48:8d:2e:19:6a:22:1a:bd:46:0f:b5:d7:ba:c1:93:4b:45: 68:9e:5b:7d:e8:88:ab:d1:8d:cc:2b:71:30:27:2e:ca:a8:c1: de:a8:be:2d:61:2c:f2:c8:a2:74:14:8e:13:ac:81:b7:3c:f9: 69:62:2e:75:cd:0e:53:88:f0:3e:d6:af:dc:fc:64:08:c3:5c: ce:2b:63:7c:17:58:76:3d:62:a3:d0:42:b5:1c:79:f2:f9:ad: e1:b0:1c:1f:05:87:27:c4:58:5e:1f:f1:2e:db:b4:5b:6a:90: 61:b1:a3:8a:b7:4a:a4:25:28:6a:8a:96:57:89:98:84:da:7d: 61:72:b4:0b:10:ca:51:91:b8:14:b9:02:78:64:81:e0:5f:4b: 75:0a:f6:cc:ba:a0:d4:98:5f:07:d9:43:76:6d:2b:3c:57:a5: 8b:e7:66:34:f6:1a:05:df:a6:b4:2f:4f:4e:45:b3:6f:21:77: 3f:c2:f8:d9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIkcrS/629fNTmHWJTeWcLgKi1ewwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwNDA1NloX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAZGJhZGIwNzI1NTY1ZWQ5N2FkN2Mw YWE5OGI0MzdkNjlmYjdlMzQ3ZGVkNWZlNDdhMzhjZDRjZTc5NDRiNjdkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyJxuknxE8YR/3eY0+3jBUM3PGbq PkrshIVUgN31CeOothS/fg1YKU/1rSmztras8krUUJ1lxu/xz95xeLBlEQ11xsW6 ZSkkRYhAteyw6emucu4AwQlSdHfjFlmY18Ch5hlHPZkj50viJNc/z7bFdq0zhEWR jj482/1nShMiaMJ7OKkcKtRtaKfI9udg7YMChV8putfSLIy0XHWg37U5T2hMtXIO ICYcF4B1DrZXpKngkhvPhnh1zaIGHxXpoErDqUJMgtobTHs37X0BgfTNQMNTOfbZ pnrVTBl3Njyw0BGEwCf/abYUlBnWIZzyVK1A0C8OfryIhMt4NGDxhNbw9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHSLBjbbG/FL8AHLEkm9ac+dwFHGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQxM2EyMWQ5LTQ4YWMtNDgxYy05ZTgxLWMzZjUzMDE3NmY3OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFAgwDQYJKoZIhvcNAQELBQADggEBAHe1bFMpKKn1th8nLJpJ jwU77ThvqKcObHC6P3GPpPEMsKhBuxes07whEyAi9qMR7480p9MA7IB22blJ6q2s Bc1sU3iF4A7VPD1IjS4ZaiIavUYPtde6wZNLRWieW33oiKvRjcwrcTAnLsqowd6o vi1hLPLIonQUjhOsgbc8+WliLnXNDlOI8D7Wr9z8ZAjDXM4rY3wXWHY9YqPQQrUc efL5reGwHB8FhyfEWF4f8S7btFtqkGGxo4q3SqQlKGqKlleJmITafWFytAsQylGR uBS5AnhkgeBfS3UK9sy6oNSYXwfZQ3ZtKzxXpYvnZjT2GgXfprQvT05Fs28hdz/C +Nk= -----END CERTIFICATE-----Generated at Mon Aug 4 18:58:01 2025 by rpki-client