$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bf75457-0f4b-44d1-8979-1a161522685b.roa File: 4bf75457-0f4b-44d1-8979-1a161522685b.roa (raw, json) Hash identifier: vRM0pIBEqFH5Z9iMgK1mR75qP0Wup3mSyaY6Tu0xlpY= Subject key identifier: 90:C4:4B:ED:63:52:99:3A:EE:D9:77:0D:03:33:A9:D7:D3:88:0B:BA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 129157C7939431F2CCECFDC266E84465E6DB252C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bf75457-0f4b-44d1-8979-1a161522685b.roa Signing time: Mon 21 Jul 2025 15:10:06 +0000 ROA not before: Mon 21 Jul 2025 15:10:06 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 00:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:91:57:c7:93:94:31:f2:cc:ec:fd:c2:66:e8:44:65:e6:db:25:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:10:06 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=94341a2ea38e76f2b744580f2ef8e51e28ffb2e3784b138b432c9c46fc7f440b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:98:38:a9:61:90:25:3c:c8:f8:e4:97:4b:df: 2e:17:b6:75:fe:f9:a7:98:1e:2e:3d:60:49:ab:cd: 34:0a:f0:8f:bd:17:27:60:aa:9c:2e:dc:b3:cb:71: b2:ac:a6:85:d2:95:0b:03:fa:ba:ed:10:22:35:a0: 16:89:48:26:31:6c:2d:b7:76:e0:70:da:2c:5a:87: 12:6e:31:54:14:2e:55:73:72:bb:c5:84:79:b1:a9: 00:41:ff:cc:c0:4e:bf:89:11:dd:b3:10:a8:20:db: 16:94:e7:61:c7:51:87:12:42:8d:ef:ec:dc:b4:2f: 02:51:6a:0b:a2:95:9b:f4:67:f8:fa:5e:71:97:11: 56:83:36:f1:9a:4d:0e:41:3f:5e:ab:09:27:89:2b: 2c:a1:9f:48:e6:27:76:9b:75:5c:c0:ce:8a:7d:f2: 32:83:61:90:13:15:18:cd:5e:0c:e6:eb:60:e8:95: fb:35:1e:a8:b9:d4:99:8c:63:62:78:7c:39:9c:fb: f7:55:0e:57:9c:4b:74:cf:96:d4:81:92:5d:77:8f: ee:10:de:cc:95:c9:1d:9f:74:a5:47:e1:8e:53:61: 3c:fa:bc:03:45:dc:a5:e4:92:b7:d1:cd:2f:82:90: ae:00:e4:e3:dd:8f:8b:d1:92:56:fe:63:94:e7:e6: 46:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:C4:4B:ED:63:52:99:3A:EE:D9:77:0D:03:33:A9:D7:D3:88:0B:BA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bf75457-0f4b-44d1-8979-1a161522685b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:2000::/40 Signature Algorithm: sha256WithRSAEncryption 7e:ed:bb:12:0c:29:53:a4:50:ff:7c:12:c1:19:7b:28:f8:ab: 50:34:dc:d4:28:28:d6:f4:48:d4:39:9e:04:9f:d5:6b:0b:29: 44:12:96:3e:53:6b:a1:d2:93:5e:3c:27:18:3e:3f:7f:09:35: e4:6b:e4:d0:04:db:51:4f:59:7c:bb:9c:75:54:6f:55:c4:e1: 11:b0:2e:2c:af:66:3d:e7:f7:49:25:f2:c3:d9:98:b1:bd:bd: 1a:44:3f:40:48:98:d6:b4:8a:8c:ef:73:5a:59:26:75:f5:1b: 3a:a1:aa:60:d1:92:77:b8:d9:5e:d4:2a:a0:3b:63:a9:2f:e0: 3a:39:b6:bd:9e:26:a8:71:e0:37:cc:92:68:bc:5c:67:67:46: 1f:82:80:fc:4a:e0:01:ee:f3:02:78:70:19:a8:96:87:6e:eb: 7f:38:d5:49:7e:4c:f5:4b:3d:b7:55:f2:30:eb:16:a9:21:a3: 0a:62:4c:03:08:cc:f6:d9:b4:e6:d5:81:e8:ca:51:52:63:d8: 60:86:17:2c:8c:0d:01:5c:c7:cc:46:97:8d:fe:18:f2:f4:b4: 5e:ee:40:5f:84:8a:e9:71:6f:61:2a:60:37:cf:84:fa:c1:a6: 9e:92:7d:3c:95:27:f4:1c:6f:d2:f5:78:97:7b:6c:d6:6f:63: 6d:b8:a4:57 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEpFXx5OUMfLM7P3CZuhEZebbJSwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MTAwNloX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAOTQzNDFhMmVhMzhlNzZmMmI3NDQ1 ODBmMmVmOGU1MWUyOGZmYjJlMzc4NGIxMzhiNDMyYzljNDZmYzdmNDQwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZg4qWGQJTzI+OSXS98uF7Z1/vmn mB4uPWBJq800CvCPvRcnYKqcLtyzy3GyrKaF0pULA/q67RAiNaAWiUgmMWwtt3bg cNosWocSbjFUFC5Vc3K7xYR5sakAQf/MwE6/iRHdsxCoINsWlOdhx1GHEkKN7+zc tC8CUWoLopWb9Gf4+l5xlxFWgzbxmk0OQT9eqwkniSssoZ9I5id2m3VcwM6KffIy g2GQExUYzV4M5utg6JX7NR6oudSZjGNieHw5nPv3VQ5XnEt0z5bUgZJdd4/uEN7M lckdn3SlR+GOU2E8+rwDRdyl5JK30c0vgpCuAOTj3Y+L0ZJW/mOU5+ZGKQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJDES+1jUpk67tl3DQMzqdfTiAu6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRiZjc1NDU3LTBmNGItNDRkMS04OTc5LTFhMTYxNTIyNjg1Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8yAwDQYJKoZIhvcNAQELBQADggEBAH7tuxIMKVOkUP98EsEZ eyj4q1A03NQoKNb0SNQ5ngSf1WsLKUQSlj5Ta6HSk148Jxg+P38JNeRr5NAE21FP WXy7nHVUb1XE4RGwLiyvZj3n90kl8sPZmLG9vRpEP0BImNa0iozvc1pZJnX1Gzqh qmDRkne42V7UKqA7Y6kv4Do5tr2eJqhx4DfMkmi8XGdnRh+CgPxK4AHu8wJ4cBmo lodu63841Ul+TPVLPbdV8jDrFqkhowpiTAMIzPbZtObVgejKUVJj2GCGFyyMDQFc x8xGl43+GPL0tF7uQF+Eiulxb2EqYDfPhPrBpp6SfTyVJ/Qcb9L1eJd7bNZvY224 pFc= -----END CERTIFICATE-----Generated at Wed Aug 6 00:41:19 2025 by rpki-client