$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d1b9282-680b-4992-beb1-19fa7dc7e043.roa File: 4d1b9282-680b-4992-beb1-19fa7dc7e043.roa (raw, json) Hash identifier: cxtC3t/TuLdRYXRpjC+vwr5lw+yoHTlzrxVSS/EfqiA= Subject key identifier: DF:39:11:D6:96:CC:5F:60:FB:A6:89:CF:02:F5:4B:29:B5:B2:2C:52 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 617B52EC1DDA044B40F762DACAC365AC84E966 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d1b9282-680b-4992-beb1-19fa7dc7e043.roa Signing time: Fri 01 Aug 2025 00:00:22 +0000 ROA not before: Fri 01 Aug 2025 00:00:22 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:dab9:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 00:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:7b:52:ec:1d:da:04:4b:40:f7:62:da:ca:c3:65:ac:84:e9:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:00:22 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=1d3492ae3e246b8ab03c5e113dafaa66b01677429f52a436e184a897d94a7d54, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:cb:cd:4a:92:61:4b:e4:9c:5c:74:02:aa:a1: e7:fc:56:e9:f8:92:fd:21:83:85:64:0f:d7:fb:58: 6d:7c:2f:4f:db:2b:04:92:b6:2b:97:fb:21:69:01: b4:b1:18:1b:8f:70:da:3f:d2:c1:fa:d5:ed:37:52: e4:7e:cc:ed:3f:66:5c:be:a6:da:fd:0a:a0:f9:34: 61:08:10:3c:44:a4:e9:ec:7b:65:57:94:53:64:82: df:4f:1a:4f:20:af:eb:2d:21:d0:24:08:56:f5:6f: ed:73:d5:d7:fe:ac:9f:29:dc:e0:5a:13:c3:b7:5d: df:77:b4:90:9c:59:06:8a:de:88:23:c0:aa:10:e7: 18:5e:f2:32:c6:a2:42:9a:b6:20:89:66:25:67:c8: 26:77:61:67:59:15:a3:ff:c6:0c:6c:a3:ae:50:21: 6c:98:8d:98:67:44:1c:37:e6:92:96:c7:9c:d9:b5: c7:c6:ec:20:2b:a9:11:ad:33:2a:61:6b:22:f9:3a: a6:a7:8e:37:e8:c5:ad:d9:7c:2d:ea:51:8e:d1:b2: bc:a3:4f:b2:2f:c8:6b:b7:4d:ae:3b:1b:b0:60:13: 5c:38:f5:ac:8e:80:cb:45:a9:2c:03:7c:94:4f:d1: 29:dd:e3:e8:24:af:3a:c6:df:e5:30:06:59:6d:11: 66:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:39:11:D6:96:CC:5F:60:FB:A6:89:CF:02:F5:4B:29:B5:B2:2C:52 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d1b9282-680b-4992-beb1-19fa7dc7e043.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:c000::/40 Signature Algorithm: sha256WithRSAEncryption c3:f9:95:fb:6b:d2:b8:40:86:c6:8c:6b:6f:11:16:bd:a3:4c: e1:e8:66:0a:a9:85:cb:db:3f:25:b7:93:85:d2:cc:5e:55:28: fa:e7:16:fd:21:4b:15:07:96:36:e8:5e:7b:fa:80:c9:da:07: 82:ba:88:49:45:95:5a:86:ee:36:3d:25:75:aa:a3:18:06:50: 16:15:87:04:b5:e3:88:9e:eb:4d:00:52:5a:b6:e1:24:6e:10: 2b:e3:cb:f7:00:b9:44:70:45:55:32:60:ba:25:62:a3:8f:4d: d6:30:09:0e:1d:7b:de:19:4f:39:3b:a6:86:a7:78:4b:5e:3e: 07:94:45:eb:45:29:21:b2:72:05:98:cf:2e:4c:aa:ce:d6:03: 57:2d:35:38:51:09:91:8d:2e:0d:19:b5:fb:41:b8:58:e6:30: 1a:93:c6:f8:56:24:6a:63:69:45:d2:09:25:a9:74:c6:b6:87: 65:d9:c9:76:6a:4d:2a:b0:85:55:4c:72:df:fa:02:e7:53:36: 0f:b0:65:56:8c:57:cb:1c:7c:35:8f:c9:af:2d:7e:f0:e8:74: f8:62:8e:e6:e5:87:53:7f:7c:30:ed:b4:7a:ce:83:3c:a8:20: c8:76:e2:68:d0:b7:57:b3:58:68:80:f0:bd:01:4c:2a:ff:10: 31:83:b2:55 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITYXtS7B3aBEtA92LaysNlrITpZjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwODAxMDAwMDIyWhcN MjUwOTA1MjM1OTU5WjB6MUkwRwYDVQQFE0AxZDM0OTJhZTNlMjQ2YjhhYjAzYzVl MTEzZGFmYWE2NmIwMTY3NzQyOWY1MmE0MzZlMTg0YTg5N2Q5NGE3ZDU0MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVy81KkmFL5JxcdAKqoef8Vun4kv0h g4VkD9f7WG18L0/bKwSStiuX+yFpAbSxGBuPcNo/0sH61e03UuR+zO0/Zly+ptr9 CqD5NGEIEDxEpOnse2VXlFNkgt9PGk8gr+stIdAkCFb1b+1z1df+rJ8p3OBaE8O3 Xd93tJCcWQaK3ogjwKoQ5xhe8jLGokKatiCJZiVnyCZ3YWdZFaP/xgxso65QIWyY jZhnRBw35pKWx5zZtcfG7CArqRGtMyphayL5Oqanjjfoxa3ZfC3qUY7RsryjT7Iv yGu3Ta47G7BgE1w49ayOgMtFqSwDfJRP0Snd4+gkrzrG3+UwBlltEWadAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQU3zkR1pbMX2D7ponPAvVLKbWyLFIwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv NGQxYjkyODItNjgwYi00OTkyLWJlYjEtMTlmYTdkYzdlMDQzLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtq5wDANBgkqhkiG9w0BAQsFAAOCAQEAw/mV+2vSuECGxoxrbxEW vaNM4ehmCqmFy9s/JbeThdLMXlUo+ucW/SFLFQeWNuhee/qAydoHgrqISUWVWobu Nj0ldaqjGAZQFhWHBLXjiJ7rTQBSWrbhJG4QK+PL9wC5RHBFVTJguiVio49N1jAJ Dh173hlPOTumhqd4S14+B5RF60UpIbJyBZjPLkyqztYDVy01OFEJkY0uDRm1+0G4 WOYwGpPG+FYkamNpRdIJJal0xraHZdnJdmpNKrCFVUxy3/oC51M2D7BlVoxXyxx8 NY/Jry1+8Oh0+GKO5uWHU398MO20es6DPKggyHbiaNC3V7NYaIDwvQFMKv8QMYOy VQ== -----END CERTIFICATE-----Generated at Wed Aug 6 00:57:24 2025 by rpki-client