$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa File: 6966423c-fa27-4cd5-898f-a147e75cdcb6.roa (raw, json) Hash identifier: Qj/QZ469yqNMNUDxmXol52jBC7xfMX6iEAtDhKPEnL8= Subject key identifier: D1:F0:94:63:CD:F7:C5:06:0E:E7:38:FB:54:3E:E6:15:F4:15:56:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5AE21014FFA1AB8DDC741375081C5B7E6AC28424 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa Signing time: Fri 01 Aug 2025 00:11:35 +0000 ROA not before: Fri 01 Aug 2025 00:11:35 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:e2:10:14:ff:a1:ab:8d:dc:74:13:75:08:1c:5b:7e:6a:c2:84:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:11:35 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=bf0892d9c250684a67b52be0577894fa65ce4a770faf7689c5af8ab27e69f3c8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:18:c2:69:dc:ea:df:6f:92:6d:63:1e:79:86: 47:de:19:19:5e:1d:36:c7:37:03:74:5c:5e:4f:37: b1:59:8e:fd:b3:d0:16:fb:97:21:d5:a3:bb:b2:c7: ad:49:ef:dc:c3:4a:c0:76:b8:0b:38:68:b9:c2:cd: a3:b9:3e:c8:ea:5c:bf:2a:6a:71:e5:a9:6f:06:56: c6:9a:fe:ae:24:db:d9:fe:7a:a5:29:3b:4d:e1:a5: 8c:44:4c:02:1f:69:ff:78:65:4a:5b:c1:44:19:f8: 53:7b:66:17:35:34:7b:4d:a7:61:1e:61:23:75:f2: 09:4f:8a:ea:94:fb:55:1a:aa:42:b5:37:18:d8:a5: 90:f3:12:f5:3a:e6:b5:52:07:9f:77:ca:72:0d:37: 02:9a:00:53:b7:a6:d6:7c:4a:2e:cb:b4:d2:92:45: ad:e1:7c:57:73:a1:c8:b0:5c:dd:8b:f7:83:9b:1f: 6c:0b:77:af:7c:21:22:f8:50:e2:f5:38:1d:1c:9e: 8b:c8:b8:e9:f3:70:55:b2:d0:36:50:43:8f:c2:ab: 0e:c7:65:e4:38:d9:bc:3b:bc:6f:33:76:d5:94:cd: dd:aa:a9:d7:f1:55:20:5f:6c:70:39:af:73:f2:30: cb:5d:ed:63:17:8f:02:18:d9:7f:e4:c7:13:37:2a: f2:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:F0:94:63:CD:F7:C5:06:0E:E7:38:FB:54:3E:E6:15:F4:15:56:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:a000::/40 Signature Algorithm: sha256WithRSAEncryption 51:d4:ad:c9:5c:aa:e1:43:71:bf:02:61:e2:c9:03:76:e3:c6: 83:54:b4:a1:8b:3f:50:69:4f:5f:d1:de:5f:09:3b:71:9c:d7: 8a:a6:78:7b:81:3f:7a:46:63:cc:6b:58:4f:92:fa:bc:5c:37: 98:c3:14:74:5e:14:c0:ee:03:69:c3:52:87:ef:3f:af:0d:32: e5:61:ae:b2:5e:8b:fc:e9:37:35:dc:30:36:21:9f:61:7b:1e: e9:55:bb:92:85:16:cc:f2:1d:f1:51:68:dc:45:bf:66:65:13: c5:a7:70:fa:a3:41:40:3c:e7:f1:50:3e:e7:45:24:fb:65:f8: 8f:68:f0:92:20:a7:27:bd:d9:3c:69:4e:91:68:db:e3:58:4f: 4b:82:7a:11:ad:c0:6e:e9:d5:b7:11:b9:5e:79:35:76:41:c5: f1:27:17:09:6d:14:74:28:1c:65:99:b4:e7:4c:b5:a5:97:d9: e2:96:d3:46:9f:41:ec:01:e1:c7:8f:27:8c:1f:f8:62:61:0c: 1d:68:18:be:47:c7:e3:08:52:1d:fb:d7:b3:16:7f:a7:62:d8: ed:06:8b:b7:1b:bb:1f:43:31:a6:00:e9:fe:86:71:6e:61:5a: e8:22:03:99:8b:6f:6b:42:14:05:c9:74:41:2f:96:fc:b3:bf: f1:fc:3d:09 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWuIQFP+hq43cdBN1CBxbfmrChCQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMTEzNVoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAYmYwODkyZDljMjUwNjg0YTY3YjUy YmUwNTc3ODk0ZmE2NWNlNGE3NzBmYWY3Njg5YzVhZjhhYjI3ZTY5ZjNjODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BjCadzq32+SbWMeeYZH3hkZXh02 xzcDdFxeTzexWY79s9AW+5ch1aO7ssetSe/cw0rAdrgLOGi5ws2juT7I6ly/Kmpx 5alvBlbGmv6uJNvZ/nqlKTtN4aWMREwCH2n/eGVKW8FEGfhTe2YXNTR7TadhHmEj dfIJT4rqlPtVGqpCtTcY2KWQ8xL1Oua1Ugefd8pyDTcCmgBTt6bWfEouy7TSkkWt 4XxXc6HIsFzdi/eDmx9sC3evfCEi+FDi9TgdHJ6LyLjp83BVstA2UEOPwqsOx2Xk ONm8O7xvM3bVlM3dqqnX8VUgX2xwOa9z8jDLXe1jF48CGNl/5McTNyryzQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNHwlGPN98UGDuc4+1Q+5hX0FVYaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5NjY0MjNjLWZhMjctNGNkNS04OThmLWExNDdlNzVjZGNiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauaAwDQYJKoZIhvcNAQELBQADggEBAFHUrclcquFDcb8CYeLJ A3bjxoNUtKGLP1BpT1/R3l8JO3Gc14qmeHuBP3pGY8xrWE+S+rxcN5jDFHReFMDu A2nDUofvP68NMuVhrrJei/zpNzXcMDYhn2F7HulVu5KFFszyHfFRaNxFv2ZlE8Wn cPqjQUA85/FQPudFJPtl+I9o8JIgpye92TxpTpFo2+NYT0uCehGtwG7p1bcRuV55 NXZBxfEnFwltFHQoHGWZtOdMtaWX2eKW00afQewB4cePJ4wf+GJhDB1oGL5Hx+MI Uh3717MWf6di2O0Gi7cbux9DMaYA6f6GcW5hWugiA5mLb2tCFAXJdEEvlvyzv/H8 PQk= -----END CERTIFICATE-----Generated at Mon Aug 4 14:16:19 2025 by rpki-client