$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524c65cc-d022-4b07-863e-495ad7b730c6.roa File: 524c65cc-d022-4b07-863e-495ad7b730c6.roa (raw, json) Hash identifier: r/lnUKsTdf+Nv9hMuI6Uy3S5gs8HLZDAJrcxu43Hozs= Subject key identifier: AA:7C:88:2B:94:1F:67:5C:2E:CD:C6:E2:E6:43:F8:F3:B4:0E:2C:84 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 54695EF56FCB686EE4B5090FE138D8B33964860E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524c65cc-d022-4b07-863e-495ad7b730c6.roa Signing time: Fri 01 Aug 2025 00:11:13 +0000 ROA not before: Fri 01 Aug 2025 00:11:13 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:69:5e:f5:6f:cb:68:6e:e4:b5:09:0f:e1:38:d8:b3:39:64:86:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:11:13 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=7d157baa26723aa770e05475dee812621c91256312d45e82b08126b865283096, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b9:23:fb:a3:55:e7:a6:03:d2:17:03:10:11: a7:c1:fd:f6:a4:79:cc:17:39:15:55:3a:4b:58:ff: 4d:99:88:f1:88:65:89:c7:d5:58:64:a3:f6:8f:bb: ef:45:06:e9:29:20:34:49:1b:29:18:34:a2:dc:30: 9d:81:7f:3d:f3:6e:65:65:d8:e2:67:73:cd:d4:15: 9a:6a:7d:9b:a2:25:9e:0c:0e:0d:61:01:94:0d:45: d9:1a:ed:ab:f9:d0:81:70:ed:e2:f6:5b:3f:69:68: 3a:b7:ed:78:61:d3:1b:b5:8f:48:bf:3e:d8:63:09: 02:04:a0:8e:08:51:6a:64:e5:52:a9:11:61:52:3d: 05:b5:8d:fb:f9:09:ac:09:3d:c9:35:4d:81:46:5d: ab:b9:8e:6c:5d:e6:c5:4f:27:83:5a:8e:52:08:01: 77:16:fc:b8:61:e2:de:0d:c5:71:b1:20:d1:02:ae: a4:2a:88:2a:aa:e5:e6:87:1e:f7:fc:6b:0b:28:5f: 84:ee:02:97:88:3a:30:40:cd:43:6d:5a:35:43:e2: bf:3d:aa:ed:2c:d4:6d:d2:db:23:c2:5b:10:7a:70: a8:c4:da:12:1d:85:b0:93:b4:68:3d:25:7c:10:59: 07:81:70:9c:59:dc:ac:64:19:64:78:f6:7d:04:57: e1:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:7C:88:2B:94:1F:67:5C:2E:CD:C6:E2:E6:43:F8:F3:B4:0E:2C:84 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524c65cc-d022-4b07-863e-495ad7b730c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:2800::/40 Signature Algorithm: sha256WithRSAEncryption 75:0c:83:c0:d8:e8:75:ed:25:1f:d4:16:bb:7b:78:a9:e2:f3: 39:f1:ff:4d:e7:93:99:2e:6b:62:6d:bb:37:81:a7:52:39:13: 42:1a:a5:73:49:76:6c:10:85:9a:31:aa:1a:73:b1:ae:06:b2: d9:d4:83:4b:ef:56:16:1a:5e:54:48:4e:1e:98:d4:3f:63:b5: af:65:bb:61:c2:62:e1:79:22:f1:c4:3e:da:a8:be:c5:34:eb: 48:46:85:92:27:ff:0a:5e:82:ef:83:47:30:28:e7:58:0d:a6: 6a:d8:a2:8c:2b:02:d6:0f:3b:37:e4:45:6f:5b:db:63:3c:cc: 4f:6a:97:f2:f4:7c:ab:7b:e4:4b:6b:6a:5f:b4:21:da:46:3b: bc:82:d1:59:1a:9e:26:c2:b3:a4:f5:65:aa:3f:7d:a2:6a:ed: d8:4b:a7:cb:f0:62:68:93:73:94:cf:05:c7:09:ad:6f:18:e3: cd:5e:67:b8:2c:ed:2b:2d:63:43:db:45:48:57:fb:21:52:4f: 2b:de:ac:a0:1f:a9:12:de:b8:46:1f:c8:90:b1:e4:b8:69:29: 14:d4:ff:18:02:3d:4c:1d:c7:f0:34:d1:40:ba:b4:2a:12:5b: 6c:79:e1:fe:7d:bd:f6:22:30:d4:be:36:7f:f3:37:a0:d5:ce: 8e:99:c6:8e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVGle9W/LaG7ktQkP4TjYszlkhg4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMTExM1oX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAN2QxNTdiYWEyNjcyM2FhNzcwZTA1 NDc1ZGVlODEyNjIxYzkxMjU2MzEyZDQ1ZTgyYjA4MTI2Yjg2NTI4MzA5NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubkj+6NV56YD0hcDEBGnwf32pHnM FzkVVTpLWP9NmYjxiGWJx9VYZKP2j7vvRQbpKSA0SRspGDSi3DCdgX89825lZdji Z3PN1BWaan2boiWeDA4NYQGUDUXZGu2r+dCBcO3i9ls/aWg6t+14YdMbtY9Ivz7Y YwkCBKCOCFFqZOVSqRFhUj0FtY37+QmsCT3JNU2BRl2ruY5sXebFTyeDWo5SCAF3 Fvy4YeLeDcVxsSDRAq6kKogqquXmhx73/GsLKF+E7gKXiDowQM1DbVo1Q+K/Part LNRt0tsjwlsQenCoxNoSHYWwk7RoPSV8EFkHgXCcWdysZBlkePZ9BFfhgwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKp8iCuUH2dcLs3G4uZD+PO0DiyEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyNGM2NWNjLWQwMjItNGIwNy04NjNlLTQ5NWFkN2I3MzBjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaCgwDQYJKoZIhvcNAQELBQADggEBAHUMg8DY6HXtJR/UFrt7 eKni8znx/03nk5kua2JtuzeBp1I5E0IapXNJdmwQhZoxqhpzsa4GstnUg0vvVhYa XlRITh6Y1D9jta9lu2HCYuF5IvHEPtqovsU060hGhZIn/wpegu+DRzAo51gNpmrY oowrAtYPOzfkRW9b22M8zE9ql/L0fKt75Etral+0IdpGO7yC0VkanibCs6T1Zao/ faJq7dhLp8vwYmiTc5TPBccJrW8Y481eZ7gs7SstY0PbRUhX+yFSTyverKAfqRLe uEYfyJCx5LhpKRTU/xgCPUwdx/A00UC6tCoSW2x54f59vfYiMNS+Nn/zN6DVzo6Z xo4= -----END CERTIFICATE-----Generated at Mon Aug 4 15:07:42 2025 by rpki-client