$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa File: 5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa (raw, json) Hash identifier: HNDheAVrAskWwy4G+Vz0ZhPDToBdRJQtICyxoCVFZsM= Subject key identifier: 73:0E:D0:F8:83:59:91:61:01:0B:7A:87:13:C0:63:CC:D4:EE:64:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 26182081C9EA9BD38E583E42C05A5A1DC19E8CBA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa Signing time: Wed 23 Jul 2025 00:01:16 +0000 ROA not before: Wed 23 Jul 2025 00:01:16 +0000 ROA not after: Wed 27 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:dab9:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:18:20:81:c9:ea:9b:d3:8e:58:3e:42:c0:5a:5a:1d:c1:9e:8c:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 23 00:01:16 2025 GMT Not After : Aug 27 23:59:59 2025 GMT Subject: serialNumber=7db2f6380eb451a648b25b0a1858b0e7d72454538b22534615128c9ff030c484, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:a7:61:73:7b:c0:cd:c8:ec:e0:6d:93:dd:fa: ba:1d:43:83:c5:e3:9e:bd:9b:90:77:93:35:38:bc: 1f:86:80:89:10:7d:78:7d:52:01:6d:bf:51:bd:9e: d2:80:2f:36:0f:2f:be:3c:1c:b5:ac:fe:5d:b6:79: 8a:cd:45:ac:c6:67:d5:df:31:34:53:da:da:d1:f5: 21:86:84:e1:af:cd:b5:9e:c6:f5:6a:c2:ee:90:ac: fd:06:97:52:9e:1b:3e:7c:d7:20:3c:0b:63:f6:48: cf:01:5d:5f:0d:10:35:d7:82:c1:de:12:35:17:aa: 66:b0:f0:ee:8a:7e:e8:63:ce:f2:a5:2a:b8:eb:6f: 29:84:1b:13:8d:b9:3b:3f:55:b0:3f:6a:f5:a3:e9: d7:be:fd:2a:a3:be:58:76:be:d5:b8:32:c3:bd:6c: fe:5f:23:ef:77:bb:7e:93:a3:fb:94:74:99:a9:a4: 70:ad:93:7f:cb:a8:d8:e4:9e:85:6f:42:e9:3b:52: f2:5a:97:86:ad:c3:8c:fe:8f:79:63:f4:00:0e:ce: a5:f3:aa:fb:ba:bd:89:54:08:71:6c:ff:78:96:a9: 79:47:1d:f9:43:6c:4c:98:6b:86:43:e4:18:9a:33: 8c:7d:42:36:89:81:36:4c:02:17:c7:28:37:ed:2f: 48:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:0E:D0:F8:83:59:91:61:01:0B:7A:87:13:C0:63:CC:D4:EE:64:A3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:b000::/40 Signature Algorithm: sha256WithRSAEncryption 1d:91:7e:32:ac:cc:7e:27:39:1f:9a:ac:5c:32:2f:49:9b:26: 3e:7b:f4:28:e6:9f:ff:cc:e8:1a:d0:5c:db:3c:25:50:11:00: 71:fc:b1:47:ae:0a:d7:39:e4:e7:d3:ea:e4:c9:fd:16:1a:fd: f7:05:df:72:ae:ff:7e:a2:3c:aa:0c:0b:76:64:8e:0c:8c:4b: 7a:90:89:8b:5e:78:99:b4:f3:e4:a5:32:4a:6f:57:43:4e:06: a9:b1:7c:52:80:65:9e:fd:50:ec:2e:6a:ef:70:f1:1b:a0:bf: f3:40:0b:d3:be:43:f7:87:78:22:66:32:0c:ab:50:97:32:58: 34:c1:30:16:c2:50:c0:7b:3b:db:48:c8:84:f3:70:a7:fd:ef: a6:af:e2:04:19:a7:44:1a:5d:26:eb:3e:f8:fa:2e:93:f2:e1: 60:69:1e:0e:93:a5:fa:0d:11:4b:1a:1c:ce:0d:3a:c9:87:b7: 5f:57:ee:44:24:52:1b:2e:8a:8d:c4:68:54:45:94:56:f4:72: cd:f1:a6:2f:96:74:fb:04:ee:7c:90:66:4b:26:4b:6e:bd:18: 88:c1:76:1d:c8:c9:05:e2:e9:b4:f8:b9:a4:c2:39:ea:14:f5: 35:2f:c0:a8:8a:f6:b0:52:66:6f:72:14:01:f1:c6:10:3e:bd: b3:f9:64:19 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJhgggcnqm9OOWD5CwFpaHcGejLowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDExNloX DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAN2RiMmY2MzgwZWI0NTFhNjQ4YjI1 YjBhMTg1OGIwZTdkNzI0NTQ1MzhiMjI1MzQ2MTUxMjhjOWZmMDMwYzQ4NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApadhc3vAzcjs4G2T3fq6HUODxeOe vZuQd5M1OLwfhoCJEH14fVIBbb9RvZ7SgC82Dy++PBy1rP5dtnmKzUWsxmfV3zE0 U9ra0fUhhoThr821nsb1asLukKz9BpdSnhs+fNcgPAtj9kjPAV1fDRA114LB3hI1 F6pmsPDuin7oY87ypSq4628phBsTjbk7P1WwP2r1o+nXvv0qo75Ydr7VuDLDvWz+ XyPvd7t+k6P7lHSZqaRwrZN/y6jY5J6Fb0LpO1LyWpeGrcOM/o95Y/QADs6l86r7 ur2JVAhxbP94lql5Rx35Q2xMmGuGQ+QYmjOMfUI2iYE2TAIXxyg37S9IKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHMO0PiDWZFhAQt6hxPAY8zU7mSjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0MjFmMDMwLWJkOGUtNDU3ZS1iOWU1LWZmYmM0OWFmZWJlMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaubAwDQYJKoZIhvcNAQELBQADggEBAB2RfjKszH4nOR+arFwy L0mbJj579Cjmn//M6BrQXNs8JVARAHH8sUeuCtc55OfT6uTJ/RYa/fcF33Ku/36i PKoMC3ZkjgyMS3qQiYteeJm08+SlMkpvV0NOBqmxfFKAZZ79UOwuau9w8Rugv/NA C9O+Q/eHeCJmMgyrUJcyWDTBMBbCUMB7O9tIyITzcKf976av4gQZp0QaXSbrPvj6 LpPy4WBpHg6TpfoNEUsaHM4NOsmHt19X7kQkUhsuio3EaFRFlFb0cs3xpi+WdPsE 7nyQZksmS269GIjBdh3IyQXi6bT4uaTCOeoU9TUvwKiK9rBSZm9yFAHxxhA+vbP5 ZBk= -----END CERTIFICATE-----Generated at Mon Aug 4 14:59:12 2025 by rpki-client