$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa File: 442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa (raw, json) Hash identifier: igsWp6ai5fj317bScsebOsMKf5i9osPDiMgsMtgiBdE= Subject key identifier: E8:4C:EA:04:3F:54:C6:D4:FF:8B:31:BE:67:0A:29:51:F5:09:C5:75 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 05F9BD9B1AB0FDA31CB1374AD162A682B9A5D9A0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa Signing time: Fri 01 Aug 2025 00:00:57 +0000 ROA not before: Fri 01 Aug 2025 00:00:57 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:f9:bd:9b:1a:b0:fd:a3:1c:b1:37:4a:d1:62:a6:82:b9:a5:d9:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:00:57 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=3c8786fdefd6dddad634aef033a0d9f97914ee0d460c1d696910dddab3c9b487, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:95:de:69:a8:09:b3:42:c0:d5:bf:35:fe:a1: 2a:80:23:92:80:2f:b4:9e:9a:94:b7:aa:93:23:47: 1e:b1:26:66:f1:bd:d8:32:c6:ab:ab:f7:0f:2b:26: 2b:4b:4b:6f:d5:29:45:2b:a7:f4:79:e0:13:fd:fb: 7b:51:a4:e7:85:b4:0a:d5:54:a5:29:86:f6:fb:40: 8c:39:bb:52:5f:52:4a:f3:79:8d:98:a4:2f:ae:a7: 3f:a3:8b:c6:c6:47:d2:2a:29:2d:63:17:d6:2b:8f: 88:7d:fe:6b:73:d7:7e:41:0a:57:01:04:61:93:f4: c3:08:94:81:08:32:37:c0:b8:a5:6a:48:58:8f:9f: f0:59:b8:f0:2b:3b:d0:a0:8a:ff:48:17:a8:b4:f8: f0:61:70:1f:ea:4c:e0:48:a4:3d:7a:2c:b6:f5:d7: f9:91:6e:08:61:6f:5c:5a:b8:ad:5a:33:52:ed:f4: 12:fe:6f:ca:7d:ba:f5:c4:63:31:c7:15:c6:05:d4: c0:eb:70:b7:dc:4a:b0:cc:1c:62:4c:b1:4d:4e:1b: 75:4c:93:a0:29:4f:28:f9:d5:c7:6d:6b:e0:af:2e: b3:c3:2e:f5:5b:5d:2c:74:06:51:43:79:fb:ba:b4: 4c:07:db:2b:30:75:71:1f:96:a0:81:e8:18:0b:d7: 51:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:4C:EA:04:3F:54:C6:D4:FF:8B:31:BE:67:0A:29:51:F5:09:C5:75 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:8800::/40 Signature Algorithm: sha256WithRSAEncryption 71:5e:8e:d8:20:07:05:65:12:b1:e0:32:12:fd:a8:62:8c:b6: c8:61:92:71:c2:c4:f9:fa:57:bb:9b:91:eb:2e:d7:af:7f:62: 63:44:30:1a:22:c1:b2:30:b0:83:fc:52:ef:58:08:3d:7a:25: bb:1c:3e:5e:1b:78:eb:6a:0a:f0:de:54:02:cc:4b:5e:4e:f3: 7f:37:02:d5:4c:9b:0b:55:67:84:42:90:d0:2d:eb:51:4a:c8: 28:07:2a:30:69:fe:09:ed:fa:ff:38:7b:b0:7d:6e:62:39:22: c5:70:e6:ad:5b:91:dd:1c:52:b6:ec:a4:03:17:83:e7:84:76: 95:25:33:54:e6:22:d0:af:21:bc:bc:ca:f5:2e:1c:f2:9a:5b: 5b:89:03:ae:99:ed:d4:03:d9:dd:41:cc:89:71:32:cb:f5:fd: 52:7b:52:12:09:70:10:23:e0:00:6a:8d:24:94:e9:e8:0c:d4: 94:eb:23:ff:a0:cb:48:cc:2a:c9:14:63:41:63:03:64:4c:00: 20:8c:5e:ca:99:96:2a:fd:34:8e:9e:69:f5:13:bb:c2:fd:b8: ce:f0:f6:07:de:21:2b:91:99:21:cd:63:24:cc:86:ce:ab:64: e9:d0:57:55:63:5a:f1:cc:c7:c4:36:9f:4f:59:68:89:b2:18: 34:17:0a:b4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBfm9mxqw/aMcsTdK0WKmgrml2aAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMDA1N1oX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAM2M4Nzg2ZmRlZmQ2ZGRkYWQ2MzRh ZWYwMzNhMGQ5Zjk3OTE0ZWUwZDQ2MGMxZDY5NjkxMGRkZGFiM2M5YjQ4NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZXeaagJs0LA1b81/qEqgCOSgC+0 npqUt6qTI0cesSZm8b3YMsarq/cPKyYrS0tv1SlFK6f0eeAT/ft7UaTnhbQK1VSl KYb2+0CMObtSX1JK83mNmKQvrqc/o4vGxkfSKiktYxfWK4+Iff5rc9d+QQpXAQRh k/TDCJSBCDI3wLilakhYj5/wWbjwKzvQoIr/SBeotPjwYXAf6kzgSKQ9eiy29df5 kW4IYW9cWritWjNS7fQS/m/Kfbr1xGMxxxXGBdTA63C33EqwzBxiTLFNTht1TJOg KU8o+dXHbWvgry6zwy71W10sdAZRQ3n7urRMB9srMHVxH5aggegYC9dRewIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOhM6gQ/VMbU/4sxvmcKKVH1CcV1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ0MmZlZTY3LWYzZDktNDg4OS05NGQ0LTJhM2I4YmI1Y2ZhYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8YgwDQYJKoZIhvcNAQELBQADggEBAHFejtggBwVlErHgMhL9 qGKMtshhknHCxPn6V7ubkesu169/YmNEMBoiwbIwsIP8Uu9YCD16JbscPl4beOtq CvDeVALMS15O8383AtVMmwtVZ4RCkNAt61FKyCgHKjBp/gnt+v84e7B9bmI5IsVw 5q1bkd0cUrbspAMXg+eEdpUlM1TmItCvIby8yvUuHPKaW1uJA66Z7dQD2d1BzIlx Msv1/VJ7UhIJcBAj4ABqjSSU6egM1JTrI/+gy0jMKskUY0FjA2RMACCMXsqZlir9 NI6eafUTu8L9uM7w9gfeISuRmSHNYyTMhs6rZOnQV1VjWvHMx8Q2n09ZaImyGDQX CrQ= -----END CERTIFICATE-----Generated at Mon Aug 4 14:46:13 2025 by rpki-client