$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c3824f8-42e9-4418-8966-1b2766cf39bd.roa File: 5c3824f8-42e9-4418-8966-1b2766cf39bd.roa (raw, json) Hash identifier: YOS4g8a5ZbndnZUA/RW+esQ8nVQqdc+EMume7w7hXmI= Subject key identifier: C6:4E:64:DA:DE:FD:3D:3E:F3:8C:FE:E9:29:51:3F:92:F8:A8:D9:30 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0BA09C3CB6C4DE47818C8828AE3317282437D194 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c3824f8-42e9-4418-8966-1b2766cf39bd.roa Signing time: Fri 01 Aug 2025 00:01:40 +0000 ROA not before: Fri 01 Aug 2025 00:01:40 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:a0:9c:3c:b6:c4:de:47:81:8c:88:28:ae:33:17:28:24:37:d1:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:01:40 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=ff3d5c053597e72eac2cc8c7f93cb6f0122b0856a86e22fce2e0700d9edeee6b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:39:43:8b:cf:c3:40:28:68:fd:35:14:6b:c1: 7c:ed:e4:7b:69:43:1d:8f:5b:00:fd:95:a8:04:96: cc:46:00:8f:d1:99:93:ec:86:ff:d1:e6:b2:dc:ad: 1d:c8:a7:20:66:c9:56:14:eb:70:fc:de:a4:a8:77: 23:6c:53:58:01:6b:7a:16:29:f2:06:3d:8a:9a:1e: d2:86:1b:b5:17:30:f5:1b:fe:eb:cd:e1:83:28:a9: 2b:5b:c6:de:ba:15:8a:0d:18:36:a4:52:7c:60:a5: f9:79:fa:6c:09:b8:e5:85:47:12:2d:36:87:e1:05: d7:14:45:75:a0:34:46:b6:78:5f:d5:dc:c8:19:ed: 89:51:8b:73:e1:12:bc:a9:33:e4:8c:73:d9:7c:e7: ba:f6:12:a0:79:1c:04:d2:7a:40:5e:f9:be:b8:1f: d6:29:9d:3a:d0:a5:9a:26:8d:a1:6e:7e:e9:30:b2: 66:f3:42:f7:81:41:e3:7c:93:0c:6e:a7:5f:9b:29: e0:7c:69:98:82:6c:fe:45:63:91:37:0a:86:fb:cd: 4b:3a:ad:78:76:8c:03:ab:d1:02:fb:ae:ee:00:b6: 3e:9d:00:21:e9:75:24:f1:1d:51:e6:c9:ec:1c:06: a4:58:9b:a4:9b:c0:83:81:7d:65:e7:cc:1e:81:a5: f8:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:4E:64:DA:DE:FD:3D:3E:F3:8C:FE:E9:29:51:3F:92:F8:A8:D9:30 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c3824f8-42e9-4418-8966-1b2766cf39bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:7000::/40 Signature Algorithm: sha256WithRSAEncryption 6d:09:40:a5:4b:9e:a1:30:50:e6:d2:62:0f:db:b8:45:34:7b: ee:d3:3e:32:2c:d4:31:bd:6c:2e:e2:b4:8a:0b:b7:37:63:d0: c6:3e:48:43:1f:06:fa:d7:59:0c:bb:ab:a2:26:5d:49:4b:07: ad:da:49:18:8c:0d:26:0a:6b:9c:ce:91:0b:eb:3e:30:8f:03: f2:7a:40:88:ba:78:be:40:7d:2b:51:92:93:a1:e9:ec:93:27: c1:39:cf:78:97:9f:0e:4b:f3:2e:f8:1b:02:fc:c3:0f:1a:3b: 7c:7b:16:79:3e:55:40:a5:34:70:c2:59:19:f3:d5:c4:46:0d: bf:a9:36:0e:d5:37:7b:fb:0d:8f:14:13:e1:d0:41:8c:53:72: 36:41:95:8f:5a:ea:80:c1:ac:c3:60:2d:5a:3f:6d:bf:a2:99: e6:48:ec:bb:dc:a7:97:83:72:fd:11:6a:50:3b:98:f7:49:05: 84:ab:15:58:1c:f4:ec:ac:a3:25:f4:86:97:f0:8a:b5:8d:ef: 61:12:0c:26:2c:86:61:d4:0b:ea:c1:e8:7e:10:d8:9c:a1:81: 34:83:66:7a:e9:2a:eb:a8:dc:28:44:61:1d:3d:a5:b5:73:e7: f3:88:e3:75:6a:0c:98:94:54:f8:64:28:06:b4:5a:e6:7e:e9: 9b:bb:0e:1b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUC6CcPLbE3keBjIgorjMXKCQ30ZQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMDE0MFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAZmYzZDVjMDUzNTk3ZTcyZWFjMmNj OGM3ZjkzY2I2ZjAxMjJiMDg1NmE4NmUyMmZjZTJlMDcwMGQ5ZWRlZWU2YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTlDi8/DQCho/TUUa8F87eR7aUMd j1sA/ZWoBJbMRgCP0ZmT7Ib/0eay3K0dyKcgZslWFOtw/N6kqHcjbFNYAWt6Finy Bj2Kmh7Shhu1FzD1G/7rzeGDKKkrW8beuhWKDRg2pFJ8YKX5efpsCbjlhUcSLTaH 4QXXFEV1oDRGtnhf1dzIGe2JUYtz4RK8qTPkjHPZfOe69hKgeRwE0npAXvm+uB/W KZ060KWaJo2hbn7pMLJm80L3gUHjfJMMbqdfmyngfGmYgmz+RWORNwqG+81LOq14 dowDq9EC+67uALY+nQAh6XUk8R1R5snsHAakWJukm8CDgX1l58wegaX4iQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMZOZNre/T0+84z+6SlRP5L4qNkwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjMzgyNGY4LTQyZTktNDQxOC04OTY2LTFiMjc2NmNmMzliZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8XAwDQYJKoZIhvcNAQELBQADggEBAG0JQKVLnqEwUObSYg/b uEU0e+7TPjIs1DG9bC7itIoLtzdj0MY+SEMfBvrXWQy7q6ImXUlLB63aSRiMDSYK a5zOkQvrPjCPA/J6QIi6eL5AfStRkpOh6eyTJ8E5z3iXnw5L8y74GwL8ww8aO3x7 Fnk+VUClNHDCWRnz1cRGDb+pNg7VN3v7DY8UE+HQQYxTcjZBlY9a6oDBrMNgLVo/ bb+imeZI7Lvcp5eDcv0RalA7mPdJBYSrFVgc9OysoyX0hpfwirWN72ESDCYshmHU C+rB6H4Q2JyhgTSDZnrpKuuo3ChEYR09pbVz5/OI43VqDJiUVPhkKAa0WuZ+6Zu7 Dhs= -----END CERTIFICATE-----Generated at Mon Aug 4 14:52:10 2025 by rpki-client