$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa File: 5d316ef2-56e4-4581-990e-015883180353.roa (raw, json) Hash identifier: XzaSlfsHl3gIJ9x39YT+H8vATJg2WHRjGyeKeSGQ/WY= Subject key identifier: 47:FD:59:F7:10:0B:DA:37:B6:72:18:3B:42:10:94:31:41:DB:DD:33 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F18918092F4A9B817D3B5BD0530988A11BFD566 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa Signing time: Mon 21 Jul 2025 15:11:02 +0000 ROA not before: Mon 21 Jul 2025 15:11:02 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 00:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:18:91:80:92:f4:a9:b8:17:d3:b5:bd:05:30:98:8a:11:bf:d5:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:11:02 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=b092c7d58caeaaca294aee30ff8e69cb65aec398511d5e7cea746bc66a3ea049, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a0:dd:5d:7f:a8:5b:3a:b7:84:8a:ec:3a:16: 0e:82:4d:f9:d7:c1:99:0b:c4:a9:29:f9:47:86:12: 64:0b:28:30:eb:9b:8f:96:6a:23:d3:b4:10:79:0e: 8c:a3:c2:2a:9e:a0:b8:0e:50:4e:35:89:4b:6f:dc: 4c:bc:17:4f:0d:d4:2c:23:40:5d:99:2e:fc:8c:c3: ca:ea:52:62:6f:0c:b9:b7:6c:5c:9e:28:e8:e0:d2: 94:74:4e:8c:2c:62:09:f7:8e:b4:2c:95:31:ec:8b: 0f:07:4c:7f:71:0b:c3:62:4b:a7:4e:96:d9:cc:b0: 50:d1:49:7b:30:d9:4f:5d:55:ca:97:13:2c:bf:7b: 2b:2e:7a:65:41:de:9a:7a:1b:96:d6:31:ab:dc:8f: f6:65:b5:24:e9:11:47:83:0b:3d:8e:1f:33:bb:7e: 2e:f2:b5:f1:f6:75:91:1f:6f:17:bd:c4:91:67:2d: 3a:17:c6:18:3c:2d:fe:4d:fe:9d:34:f4:1d:65:55: 20:9c:99:28:a8:d0:54:87:29:5f:a5:cb:57:28:f1: a1:e6:e4:b7:f4:2e:7b:db:8a:68:b7:f3:ed:a6:c2: 45:00:04:0f:4f:f8:be:56:db:35:65:9f:f5:ce:d1: 46:05:1d:82:36:27:38:fc:92:e5:63:36:f6:e5:7b: b3:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:FD:59:F7:10:0B:DA:37:B6:72:18:3B:42:10:94:31:41:DB:DD:33 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4000::/40 Signature Algorithm: sha256WithRSAEncryption b9:b0:6f:69:eb:02:25:98:50:d8:83:81:98:dd:98:02:93:62: e5:4b:0b:ac:ec:f4:ad:10:22:1f:1e:ff:61:e0:03:57:e6:cf: ad:0c:5a:c5:94:17:34:04:77:0f:42:6f:1c:cd:b9:1e:19:68: 2d:b8:59:aa:ef:a3:d7:32:94:14:f7:38:be:0e:92:d2:75:15: 66:b2:42:fe:79:4d:20:74:c3:5c:54:7a:cd:3c:f8:19:a9:5a: cc:10:1c:e6:4e:fb:9c:7e:48:3b:13:be:61:bf:e8:17:8e:26: 77:7b:92:61:92:f7:7b:58:7f:cc:31:b8:77:5a:01:af:03:47: b3:bf:df:1e:8f:44:9e:01:7a:4c:5e:65:3f:4e:ef:03:4c:fd: 19:05:23:04:a0:9a:ce:64:40:40:53:78:24:b6:18:df:98:69: 49:c8:ff:dd:b2:30:28:7b:12:eb:a9:bb:8c:c9:50:7e:b3:c4: c8:aa:fb:5b:71:0b:56:89:dd:18:0f:f1:26:42:2a:1d:3d:0c: ff:0f:16:fb:3e:fa:b8:c1:a5:62:73:37:fe:e4:92:a0:19:39: 8a:d0:bd:ae:2f:6b:2d:3f:0d:f2:11:de:ed:34:7b:7f:d7:ca: aa:7c:bf:1b:e1:52:ef:cc:5f:bf:e1:d6:70:72:ec:aa:8b:af: e8:16:52:d4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULxiRgJL0qbgX07W9BTCYihG/1WYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MTEwMloX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAYjA5MmM3ZDU4Y2FlYWFjYTI5NGFl ZTMwZmY4ZTY5Y2I2NWFlYzM5ODUxMWQ1ZTdjZWE3NDZiYzY2YTNlYTA0OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqDdXX+oWzq3hIrsOhYOgk3518GZ C8SpKflHhhJkCygw65uPlmoj07QQeQ6Mo8IqnqC4DlBONYlLb9xMvBdPDdQsI0Bd mS78jMPK6lJibwy5t2xcnijo4NKUdE6MLGIJ9460LJUx7IsPB0x/cQvDYkunTpbZ zLBQ0Ul7MNlPXVXKlxMsv3srLnplQd6aehuW1jGr3I/2ZbUk6RFHgws9jh8zu34u 8rXx9nWRH28XvcSRZy06F8YYPC3+Tf6dNPQdZVUgnJkoqNBUhylfpctXKPGh5uS3 9C5724pot/PtpsJFAAQPT/i+Vts1ZZ/1ztFGBR2CNic4/JLlYzb25XuzxQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEf9WfcQC9o3tnIYO0IQlDFB290zMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVkMzE2ZWYyLTU2ZTQtNDU4MS05OTBlLTAxNTg4MzE4MDM1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba80AwDQYJKoZIhvcNAQELBQADggEBALmwb2nrAiWYUNiDgZjd mAKTYuVLC6zs9K0QIh8e/2HgA1fmz60MWsWUFzQEdw9CbxzNuR4ZaC24Warvo9cy lBT3OL4OktJ1FWayQv55TSB0w1xUes08+BmpWswQHOZO+5x+SDsTvmG/6BeOJnd7 kmGS93tYf8wxuHdaAa8DR7O/3x6PRJ4BekxeZT9O7wNM/RkFIwSgms5kQEBTeCS2 GN+YaUnI/92yMCh7Euupu4zJUH6zxMiq+1txC1aJ3RgP8SZCKh09DP8PFvs++rjB pWJzN/7kkqAZOYrQva4vay0/DfIR3u00e3/Xyqp8vxvhUu/MX7/h1nBy7KqLr+gW UtQ= -----END CERTIFICATE-----Generated at Thu Aug 7 04:34:41 2025 by rpki-client