$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: JBKjWtN3TAzwrApuFxRewfcKA38Y/e93MQqwOFvT64M= Subject key identifier: E5:53:B4:1D:06:6C:C0:B4:B5:52:89:6E:BB:31:57:2C:CB:87:51:86 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2CB631DFA4792626EE1CB1B86524D449AA40822C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Sat 02 Aug 2025 00:00:09 +0000 ROA not before: Sat 02 Aug 2025 00:00:09 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:b6:31:df:a4:79:26:26:ee:1c:b1:b8:65:24:d4:49:aa:40:82:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 2 00:00:09 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=69dacb28c73da3c7acc255ae1510a8bec50a605ff3c6f7cb5abd7b6a63c3253f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0d:eb:24:4f:67:a3:6d:91:97:ea:7f:5f:89: 07:89:e7:08:2e:c4:23:d1:0e:64:ca:08:d0:ea:7d: 3a:31:0c:b3:c0:a1:9a:e9:e9:5e:2d:f1:dc:07:82: b4:fa:2e:db:02:20:3b:e4:d9:19:1d:12:c6:8c:7d: aa:1e:c8:21:2a:5f:e4:a0:78:f7:4c:62:80:ce:06: a7:57:d4:53:29:3b:26:33:89:83:c4:08:da:57:c5: 1f:67:0a:11:59:13:1b:96:97:35:cd:b0:cd:bc:3d: aa:65:34:a7:7b:a2:c4:c2:8b:8c:af:c3:4e:2b:22: 1b:4b:9d:78:7e:58:5b:8d:2f:cc:bc:d3:be:bc:e7: 74:de:45:ad:b7:20:a0:03:34:fd:46:83:a7:62:15: 57:bb:91:1b:9a:6e:e9:60:2f:ad:dc:99:57:98:26: f2:84:25:32:54:86:9b:e3:69:7f:28:ca:49:2b:d0: bf:0a:4b:5c:92:f3:d5:ad:ce:7c:e3:cf:10:6c:98: df:a4:94:10:9c:27:fb:77:9e:82:a5:b2:01:f6:12: a2:9b:d0:e5:a7:03:00:1f:6e:01:79:71:37:05:91: d3:ec:d3:0e:ec:98:51:8c:c3:5a:c0:db:f4:5e:0e: 7d:60:02:e1:51:c4:5c:53:94:bc:a5:c9:62:54:af: 61:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:53:B4:1D:06:6C:C0:B4:B5:52:89:6E:BB:31:57:2C:CB:87:51:86 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption 06:f5:40:9f:e7:a9:02:7e:68:3f:76:15:5c:66:42:b7:60:9c: 1a:02:ba:18:39:07:6c:be:fb:ca:b1:2f:ef:12:82:db:00:e2: b7:8f:34:4a:93:f4:9f:7a:b6:b0:23:60:9a:24:2a:6a:4c:6a: 08:22:69:7d:94:1a:62:b2:0d:96:f0:3d:f1:2d:09:c5:7c:e4: c0:00:f2:38:07:73:15:6a:2a:61:10:6e:9a:96:05:d3:72:e9: 03:55:1f:9a:14:5b:c6:fe:a8:d1:8e:54:e9:e1:49:21:2f:0a: e9:88:dc:5b:08:59:9d:2f:f2:43:6e:3c:5e:2c:2c:86:10:3d: 9d:0d:ec:b3:f9:18:c0:3d:a7:9b:ad:2b:7f:f6:14:8f:f3:38: dc:4d:52:93:35:4b:84:2a:79:8f:f0:14:f0:7b:91:0b:75:34: 40:74:18:40:f0:24:81:d8:d7:8f:b9:0b:ef:6e:01:98:9e:70: ae:df:37:e1:dd:6f:ef:de:8f:e2:ab:2c:74:34:83:11:ac:3a: d4:64:94:6f:c6:5d:f3:ca:3b:5d:94:52:d1:b6:2e:7f:09:9f: 32:ea:ba:f5:f0:5c:ec:a1:a1:6a:9a:5c:be:f0:06:3c:08:1f: 78:36:69:70:ff:4a:03:17:63:a2:ff:cf:60:9e:b1:c6:86:21: 7e:5c:1e:86 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULLYx36R5JibuHLG4ZSTUSapAgiwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMjAwMDAwOVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNANjlkYWNiMjhjNzNkYTNjN2FjYzI1 NWFlMTUxMGE4YmVjNTBhNjA1ZmYzYzZmN2NiNWFiZDdiNmE2M2MzMjUzZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw3rJE9no22Rl+p/X4kHiecILsQj 0Q5kygjQ6n06MQyzwKGa6eleLfHcB4K0+i7bAiA75NkZHRLGjH2qHsghKl/koHj3 TGKAzganV9RTKTsmM4mDxAjaV8UfZwoRWRMblpc1zbDNvD2qZTSne6LEwouMr8NO KyIbS514flhbjS/MvNO+vOd03kWttyCgAzT9RoOnYhVXu5Ebmm7pYC+t3JlXmCby hCUyVIab42l/KMpJK9C/CktckvPVrc58488QbJjfpJQQnCf7d56CpbIB9hKim9Dl pwMAH24BeXE3BZHT7NMO7JhRjMNawNv0Xg59YALhUcRcU5S8pcliVK9hHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOVTtB0GbMC0tVKJbrsxVyzLh1GGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBAAb1QJ/nqQJ+aD92FVxm QrdgnBoCuhg5B2y++8qxL+8SgtsA4rePNEqT9J96trAjYJokKmpMaggiaX2UGmKy DZbwPfEtCcV85MAA8jgHcxVqKmEQbpqWBdNy6QNVH5oUW8b+qNGOVOnhSSEvCumI 3FsIWZ0v8kNuPF4sLIYQPZ0N7LP5GMA9p5utK3/2FI/zONxNUpM1S4QqeY/wFPB7 kQt1NEB0GEDwJIHY14+5C+9uAZiecK7fN+Hdb+/ej+KrLHQ0gxGsOtRklG/GXfPK O12UUtG2Ln8JnzLquvXwXOyhoWqaXL7wBjwIH3g2aXD/SgMXY6L/z2CescaGIX5c HoY= -----END CERTIFICATE-----Generated at Mon Aug 4 14:54:10 2025 by rpki-client