$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46bb148e-b1fe-4d40-9bbe-51d7ced3806f.roa File: 46bb148e-b1fe-4d40-9bbe-51d7ced3806f.roa (raw, json) Hash identifier: L3nV8wWNAvR4cnc3ZHtoClDFdFUAj4+KXeg+rVU3fxE= Subject key identifier: 7B:6B:19:41:1F:12:9E:5A:5C:CA:A8:23:E4:0B:96:64:62:5A:83:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 16B1998C967CB2694F784351A4E46648067AD7A6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46bb148e-b1fe-4d40-9bbe-51d7ced3806f.roa Signing time: Mon 21 Jul 2025 15:00:17 +0000 ROA not before: Mon 21 Jul 2025 15:00:17 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:90c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:b1:99:8c:96:7c:b2:69:4f:78:43:51:a4:e4:66:48:06:7a:d7:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:00:17 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=587517d443bb4f047888a2b10e17000fae75241dc4e61514b01cb83fdbb5a48c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:0f:f0:45:8a:b8:c8:83:82:65:1e:3b:32:a2: 3e:32:9c:a8:95:64:d3:5e:47:05:62:55:61:71:fb: 54:92:e5:08:7b:c4:6c:c6:a9:c9:c1:c4:d0:80:0f: e5:86:81:ec:0b:8f:06:66:8b:2b:0f:0e:86:32:bf: 0c:39:29:63:a8:5d:81:58:0d:2c:f5:99:eb:d5:9b: 75:89:a0:b1:a7:85:43:bc:4a:14:ee:b0:d8:4a:e8: d8:73:cd:84:24:7d:3a:5e:dc:12:e6:25:fd:f9:bc: d0:f1:79:da:de:b8:cd:b4:c2:e0:e0:9e:33:45:d3: d3:55:0b:ad:c9:14:b5:cd:6c:c0:2e:b6:81:de:fd: b6:4f:ae:80:6a:83:6d:92:c8:1d:ab:22:ae:c1:4b: a5:75:81:74:04:5a:fc:d0:4d:19:32:a7:f7:8d:bf: 9a:26:18:ef:f5:87:81:d7:2a:fa:ea:25:92:b7:f2: ac:91:40:3d:93:fd:3f:14:e4:9c:26:34:22:8c:19: 5f:96:43:d3:6b:d6:58:fd:c4:1c:cb:91:99:42:62: f0:db:77:f3:f5:36:80:df:90:2a:a9:55:b2:b5:0f: 05:e0:87:c2:93:98:12:bb:cd:1f:b4:22:1d:52:6e: 10:5d:a5:ee:68:35:64:d0:54:e1:f3:1d:a3:9f:83: c1:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:6B:19:41:1F:12:9E:5A:5C:CA:A8:23:E4:0B:96:64:62:5A:83:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46bb148e-b1fe-4d40-9bbe-51d7ced3806f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:90c0::/46 Signature Algorithm: sha256WithRSAEncryption 4c:36:21:23:7c:72:f7:42:dd:2b:d4:16:f8:f9:8d:59:e2:24: 5c:39:05:91:d8:1b:8c:9d:72:53:13:d2:5a:f5:4c:59:d9:86: e5:1e:52:01:7a:44:01:ec:ff:1d:96:0d:80:65:fe:a4:b1:d7: 2f:b9:1c:fa:ed:cf:68:81:d5:61:7b:e8:3d:73:e4:60:64:f1: 92:12:3a:1d:c2:9e:91:f6:6f:17:c3:d7:51:b6:03:25:13:59: 43:9a:2c:ac:eb:e8:39:a1:22:ac:49:f0:3b:d0:39:ec:02:41: 60:6f:1f:91:24:a7:46:31:32:43:5a:d0:38:c6:05:62:63:94: 30:28:84:69:d9:a2:f7:69:5a:85:60:39:35:9a:12:18:3f:e9: 3a:57:44:03:30:9b:de:a2:a5:fc:f6:22:62:c9:32:c5:8a:aa: 5b:8c:1b:73:98:08:88:a1:b1:11:35:ca:bb:03:ed:a0:1a:a2: cb:a9:99:e3:d1:b7:81:9b:5c:84:05:64:99:a4:f9:69:11:9b: 8e:85:49:85:16:ca:77:4c:a0:ba:3e:fb:5e:5e:d2:e0:de:db: 5f:7d:89:94:dd:d5:b8:61:2d:9d:bf:b4:99:95:6f:a7:fd:ee: f4:3f:8f:b3:61:22:b9:f4:b2:d4:11:85:15:13:66:7c:5c:09: 11:0e:15:76 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFrGZjJZ8smlPeENRpORmSAZ616YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MDAxN1oX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNANTg3NTE3ZDQ0M2JiNGYwNDc4ODhh MmIxMGUxNzAwMGZhZTc1MjQxZGM0ZTYxNTE0YjAxY2I4M2ZkYmI1YTQ4YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ/wRYq4yIOCZR47MqI+MpyolWTT XkcFYlVhcftUkuUIe8RsxqnJwcTQgA/lhoHsC48GZosrDw6GMr8MOSljqF2BWA0s 9Znr1Zt1iaCxp4VDvEoU7rDYSujYc82EJH06XtwS5iX9+bzQ8Xna3rjNtMLg4J4z RdPTVQutyRS1zWzALraB3v22T66AaoNtksgdqyKuwUuldYF0BFr80E0ZMqf3jb+a Jhjv9YeB1yr66iWSt/KskUA9k/0/FOScJjQijBlflkPTa9ZY/cQcy5GZQmLw23fz 9TaA35AqqVWytQ8F4IfCk5gSu80ftCIdUm4QXaXuaDVk0FTh8x2jn4PB7wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHtrGUEfEp5aXMqoI+QLlmRiWoM8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ2YmIxNDhlLWIxZmUtNGQ0MC05YmJlLTUxZDdjZWQzODA2Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba85DAMA0GCSqGSIb3DQEBCwUAA4IBAQBMNiEjfHL3Qt0r1Bb4 +Y1Z4iRcOQWR2BuMnXJTE9Ja9UxZ2YblHlIBekQB7P8dlg2AZf6ksdcvuRz67c9o gdVhe+g9c+RgZPGSEjodwp6R9m8Xw9dRtgMlE1lDmiys6+g5oSKsSfA70DnsAkFg bx+RJKdGMTJDWtA4xgViY5QwKIRp2aL3aVqFYDk1mhIYP+k6V0QDMJveoqX89iJi yTLFiqpbjBtzmAiIobERNcq7A+2gGqLLqZnj0beBm1yEBWSZpPlpEZuOhUmFFsp3 TKC6PvteXtLg3ttffYmU3dW4YS2dv7SZlW+n/e70P4+zYSK59LLUEYUVE2Z8XAkR DhV2 -----END CERTIFICATE-----Generated at Mon Aug 4 14:50:22 2025 by rpki-client