$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d202cfe-bd4c-416e-b2cc-fb5457f771bd.roa File: 6d202cfe-bd4c-416e-b2cc-fb5457f771bd.roa (raw, json) Hash identifier: wCc4KDWgZXd86iYFeE6C9M8/FvUDXXZGPwqVTLygZiU= Subject key identifier: 15:37:BF:4D:C1:BF:B6:7F:65:62:4A:FD:D3:FB:CB:1A:04:EC:4C:49 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0783E5D677C3E35CFE4BAF32BFA587263298162C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d202cfe-bd4c-416e-b2cc-fb5457f771bd.roa Signing time: Mon 21 Jul 2025 15:10:57 +0000 ROA not before: Mon 21 Jul 2025 15:10:57 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:83:e5:d6:77:c3:e3:5c:fe:4b:af:32:bf:a5:87:26:32:98:16:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:10:57 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=b81b4a5b48502651ff87298720de365cefe27fc2c97827a05a364da16f99d887, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:39:08:84:16:36:38:52:9e:ff:13:63:22:ec: 7a:3c:dc:6e:63:31:9c:77:c4:58:d0:e9:48:79:0d: bc:2b:16:41:64:df:29:6a:bd:5f:79:0e:3e:be:c1: f0:0a:cc:43:4c:40:a7:3f:e6:6e:0a:4a:8e:62:58: 08:7b:6e:c0:5e:8f:da:0e:49:c7:7e:5b:91:45:50: 78:57:ba:eb:da:c4:d4:7f:67:02:d7:ae:d3:47:d5: 02:a8:64:78:9f:2d:14:30:73:f2:81:40:74:0f:3c: bc:ab:51:17:31:ec:f0:0b:0e:18:7a:7f:15:96:56: bf:0f:e6:1b:bc:3c:bb:aa:ba:cc:9b:f6:78:47:4e: 6a:61:88:0b:36:16:24:de:06:4b:32:85:79:e7:9d: d1:7f:97:7d:dc:ac:c5:4e:f5:38:c8:66:5c:9a:cc: d3:de:e1:a2:d9:87:60:0c:bc:7c:86:9b:9f:ee:a7: 01:41:15:fd:e1:e0:69:50:65:b3:74:de:65:8f:75: 2b:34:bd:8b:7e:01:dc:51:ce:6d:bb:d4:07:a9:1e: bf:13:a5:84:bf:94:28:a9:75:7f:34:39:7b:3a:b6: 7f:f7:12:76:5d:63:87:69:f2:cf:d7:db:0c:5c:cf: e0:f1:a4:91:e1:d8:64:75:3a:41:66:76:00:7b:da: 33:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:37:BF:4D:C1:BF:B6:7F:65:62:4A:FD:D3:FB:CB:1A:04:EC:4C:49 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6d202cfe-bd4c-416e-b2cc-fb5457f771bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:800::/40 Signature Algorithm: sha256WithRSAEncryption 83:78:68:e8:c2:1f:01:3f:2c:6b:b5:2c:ed:c0:b5:ad:3f:cf: b3:34:0f:ae:16:0b:c1:6c:6a:ab:ad:e6:e4:9f:5a:45:37:29: 84:2f:e0:fa:83:52:7a:fe:a7:47:e9:fb:92:67:3f:c8:cd:6e: 62:87:db:cb:fc:2a:30:89:88:11:bf:b1:c5:d8:99:bd:2a:ac: 75:09:56:cf:7b:6d:ac:8b:fc:14:f9:6f:29:ae:ff:5c:6d:14: dc:d2:ad:cc:65:8b:2e:d0:3e:f5:56:cb:6c:d3:0b:77:68:58: 2e:d7:08:9a:d9:8a:76:3c:59:0c:4e:5b:51:cd:cb:ab:ae:b2: 95:4c:dc:91:71:be:e6:4c:e5:a7:ca:78:1f:52:09:b5:1f:95: ba:d9:be:f7:a3:42:cb:0c:a5:e6:06:f1:77:ff:08:5c:32:0a: 2b:20:31:db:84:06:e4:6a:5c:e6:f6:d6:36:7f:33:37:d3:0a: ac:f1:27:8c:de:5a:79:89:54:d4:85:9c:a0:92:4d:99:cc:13: ff:dd:ab:38:94:7d:85:17:f9:2e:eb:d8:ca:b7:f1:58:3a:86: ec:ee:ce:41:94:29:59:09:38:22:2f:25:7a:81:87:f8:71:6d: 3f:bc:7d:02:0c:db:7c:10:57:a6:d4:ad:25:95:1f:10:53:85: 22:04:1c:6d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUB4Pl1nfD41z+S68yv6WHJjKYFiwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MTA1N1oX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAYjgxYjRhNWI0ODUwMjY1MWZmODcy OTg3MjBkZTM2NWNlZmUyN2ZjMmM5NzgyN2EwNWEzNjRkYTE2Zjk5ZDg4NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzkIhBY2OFKe/xNjIux6PNxuYzGc d8RY0OlIeQ28KxZBZN8par1feQ4+vsHwCsxDTECnP+ZuCkqOYlgIe27AXo/aDknH fluRRVB4V7rr2sTUf2cC167TR9UCqGR4ny0UMHPygUB0Dzy8q1EXMezwCw4Yen8V lla/D+YbvDy7qrrMm/Z4R05qYYgLNhYk3gZLMoV5553Rf5d93KzFTvU4yGZcmszT 3uGi2YdgDLx8hpuf7qcBQRX94eBpUGWzdN5lj3UrNL2LfgHcUc5tu9QHqR6/E6WE v5QoqXV/NDl7OrZ/9xJ2XWOHafLP19sMXM/g8aSR4dhkdTpBZnYAe9ozEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBU3v03Bv7Z/ZWJK/dP7yxoE7ExJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZkMjAyY2ZlLWJkNGMtNDE2ZS1iMmNjLWZiNTQ1N2Y3NzFiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8wgwDQYJKoZIhvcNAQELBQADggEBAIN4aOjCHwE/LGu1LO3A ta0/z7M0D64WC8Fsaqut5uSfWkU3KYQv4PqDUnr+p0fp+5JnP8jNbmKH28v8KjCJ iBG/scXYmb0qrHUJVs97bayL/BT5bymu/1xtFNzSrcxliy7QPvVWy2zTC3doWC7X CJrZinY8WQxOW1HNy6uuspVM3JFxvuZM5afKeB9SCbUflbrZvvejQssMpeYG8Xf/ CFwyCisgMduEBuRqXOb21jZ/MzfTCqzxJ4zeWnmJVNSFnKCSTZnME//dqziUfYUX +S7r2Mq38Vg6huzuzkGUKVkJOCIvJXqBh/hxbT+8fQIM23wQV6bUrSWVHxBThSIE HG0= -----END CERTIFICATE-----Generated at Mon Aug 4 14:55:34 2025 by rpki-client