$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa File: 6edf2912-47ba-4d32-af54-cfec67c5a726.roa (raw, json) Hash identifier: E9ASjVFMZaC9emjrGfCfihL+mhwBJHdziob1yX2JkJ0= Subject key identifier: FD:38:7A:A6:61:60:C9:B0:03:05:DD:9E:3F:EE:2A:D6:1D:C1:52:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BD5E7EBEF46FF342DEC0566FA62A5F19A8BF42A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa Signing time: Fri 01 Aug 2025 00:10:21 +0000 ROA not before: Fri 01 Aug 2025 00:10:21 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d5:e7:eb:ef:46:ff:34:2d:ec:05:66:fa:62:a5:f1:9a:8b:f4:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:10:21 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=9a0f51ac10d7dcc390ee29de5816e899ba44f10806bd92a0b93b232d4e5ef119, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:01:ae:13:2d:d3:ec:ba:ec:7f:00:64:9d:5f: 71:7d:59:09:b7:e9:c7:f4:d1:35:88:7e:a5:c4:ec: cf:23:3d:ba:ec:48:b4:d5:d2:03:20:42:5c:af:05: e8:7a:9c:47:ad:63:b8:7b:68:3b:b3:cc:95:dc:32: 7e:62:40:39:47:8a:49:7c:ef:de:b2:4a:f9:8d:af: 97:29:0e:40:11:e0:3e:29:90:c8:e6:48:48:60:83: 69:ea:84:f6:60:88:24:14:ff:29:9a:fe:ae:1e:d4: 0c:d4:70:ed:74:54:a7:c9:70:a8:5b:d4:5f:d1:5c: 1a:5e:ee:28:24:07:ff:4f:f3:ce:aa:47:f8:15:05: c4:aa:bf:69:75:b2:44:c1:e1:90:6d:dd:87:34:18: 22:58:a6:75:62:b5:d9:27:9c:51:e4:63:fc:a4:9f: 2f:63:27:8b:89:c1:88:74:12:38:31:7b:3e:77:d2: bb:63:c7:e5:ad:7a:37:40:9d:57:79:a2:6f:4e:ef: c4:6d:f7:d0:57:f6:55:b0:12:ed:c8:9f:5b:1f:7c: bf:1f:b7:be:29:f5:c8:3c:c2:5f:7b:26:c9:17:2e: 78:2a:da:f5:14:fa:5f:09:f2:5a:9e:3d:00:b6:1a: 0b:ed:ca:73:b5:99:5d:75:17:5b:ee:bb:6c:61:3b: d5:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:38:7A:A6:61:60:C9:B0:03:05:DD:9E:3F:EE:2A:D6:1D:C1:52:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:800::/40 Signature Algorithm: sha256WithRSAEncryption 0f:4e:76:27:f8:d2:b0:8b:83:a1:75:52:0a:db:6d:75:17:c0: 1e:7f:11:68:50:d4:15:8f:b6:50:42:db:b8:20:6f:fe:9b:94: 1a:f6:3f:5b:8f:79:33:3d:9c:ac:51:b2:50:76:23:bf:48:0c: ae:3c:48:16:0d:ec:c7:cd:4e:e7:76:c1:4c:06:2b:7a:ac:43: 16:99:56:09:0f:ab:8f:15:32:23:93:d9:f6:32:24:cd:e5:55: f2:40:bc:19:80:0c:69:19:bc:3a:25:ec:11:fa:46:ba:c0:17: 05:c7:b9:c1:81:b3:41:fb:51:2a:01:49:36:30:4a:3d:82:97: 62:5d:a0:a9:e5:db:78:0d:7d:d1:b5:72:ca:96:44:08:d3:a9: 65:f7:78:6a:b5:e0:49:8a:b1:c8:00:29:d3:a3:99:1c:b1:5f: b7:07:f6:f6:7d:b8:78:4f:1b:7d:d1:e4:fa:d6:30:5e:6d:58: 06:00:5c:75:88:c7:cd:67:6f:af:38:6d:69:b1:ba:88:cf:f5: 05:64:e9:91:79:3e:c2:4d:74:fa:83:ac:ee:6b:62:e3:51:8c: d2:9a:70:3b:10:eb:7e:f4:24:04:5b:fb:2d:29:1b:56:37:63: 0c:1a:48:09:ef:12:46:fb:7a:92:6b:87:b0:1c:e0:a1:6a:fd: e0:5b:5b:29 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUW9Xn6+9G/zQt7AVm+mKl8ZqL9CowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMTAyMVoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAOWEwZjUxYWMxMGQ3ZGNjMzkwZWUy OWRlNTgxNmU4OTliYTQ0ZjEwODA2YmQ5MmEwYjkzYjIzMmQ0ZTVlZjExOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+wGuEy3T7LrsfwBknV9xfVkJt+nH 9NE1iH6lxOzPIz267Ei01dIDIEJcrwXoepxHrWO4e2g7s8yV3DJ+YkA5R4pJfO/e skr5ja+XKQ5AEeA+KZDI5khIYINp6oT2YIgkFP8pmv6uHtQM1HDtdFSnyXCoW9Rf 0VwaXu4oJAf/T/POqkf4FQXEqr9pdbJEweGQbd2HNBgiWKZ1YrXZJ5xR5GP8pJ8v YyeLicGIdBI4MXs+d9K7Y8flrXo3QJ1XeaJvTu/EbffQV/ZVsBLtyJ9bH3y/H7e+ KfXIPMJfeybJFy54Ktr1FPpfCfJanj0AthoL7cpztZlddRdb7rtsYTvVZwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP04eqZhYMmwAwXdnj/uKtYdwVIYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZlZGYyOTEyLTQ3YmEtNGQzMi1hZjU0LWNmZWM2N2M1YTcyNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacAgwDQYJKoZIhvcNAQELBQADggEBAA9Odif40rCLg6F1Ugrb bXUXwB5/EWhQ1BWPtlBC27ggb/6blBr2P1uPeTM9nKxRslB2I79IDK48SBYN7MfN Tud2wUwGK3qsQxaZVgkPq48VMiOT2fYyJM3lVfJAvBmADGkZvDol7BH6RrrAFwXH ucGBs0H7USoBSTYwSj2Cl2JdoKnl23gNfdG1csqWRAjTqWX3eGq14EmKscgAKdOj mRyxX7cH9vZ9uHhPG33R5PrWMF5tWAYAXHWIx81nb684bWmxuojP9QVk6ZF5PsJN dPqDrO5rYuNRjNKacDsQ6370JARb+y0pG1Y3YwwaSAnvEkb7epJrh7Ac4KFq/eBb Wyk= -----END CERTIFICATE-----Generated at Mon Aug 4 15:59:42 2025 by rpki-client