$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa File: 783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa (raw, json) Hash identifier: jwOjt8FqZ01sV02YngsWFgtzumCQ8O/y4asnqf+Eywk= Subject key identifier: A3:FF:2D:AC:24:C2:DB:B6:5B:23:97:5C:E6:51:06:A5:40:22:02:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24DF4005FA5D072BB767BE526DEA6ABFA3E83FF9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa Signing time: Wed 23 Jul 2025 00:00:04 +0000 ROA not before: Wed 23 Jul 2025 00:00:04 +0000 ROA not after: Wed 27 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 00:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:df:40:05:fa:5d:07:2b:b7:67:be:52:6d:ea:6a:bf:a3:e8:3f:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 23 00:00:04 2025 GMT Not After : Aug 27 23:59:59 2025 GMT Subject: serialNumber=d4d25befd6c7435994e20e156586593cdd76b2239ab254945a657cd082d6867f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:75:42:b4:e9:d8:d5:43:a1:4f:47:0f:cc:7e: 88:23:a1:34:8f:98:ab:1d:9c:82:d2:95:bf:a4:8e: 9a:a1:44:44:01:8a:e1:dd:1d:60:f5:7c:ac:96:68: 4a:07:7c:4a:e4:5a:eb:65:dc:2f:c1:a8:98:7e:44: 4c:f4:dc:06:82:24:f3:0b:db:e3:20:ef:f8:52:6a: 86:f2:f9:77:c0:36:d1:5d:a5:32:6b:38:68:ab:59: 36:29:e1:f9:8c:c4:06:74:48:f8:ad:b1:64:39:b7: 91:37:ee:b2:f8:bf:fc:3d:75:d8:ff:d7:da:60:e3: 2d:f4:ad:63:1d:cb:dd:ab:0d:90:45:27:4d:0b:d7: 03:61:a8:bd:61:24:54:63:8e:08:7a:7a:ee:cf:f6: fc:65:ec:04:02:b9:cd:68:7d:14:22:40:45:9d:4f: 3d:36:4e:72:7e:60:d1:f6:26:38:48:f3:eb:49:e4: 0d:2e:94:02:32:4e:83:d9:ce:54:0a:6e:e6:2f:04: 04:b1:12:1c:1f:b7:c6:c9:10:83:ef:76:14:41:88: ba:ee:13:31:d6:58:ab:0d:c7:3d:b9:80:e8:19:f7: 9c:58:71:51:9c:89:89:82:a6:c1:c1:b2:af:d7:bf: 0b:e6:6b:a5:ed:34:6b:e6:58:2a:d4:6c:5f:58:19: 8c:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:FF:2D:AC:24:C2:DB:B6:5B:23:97:5C:E6:51:06:A5:40:22:02:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:9000::/40 Signature Algorithm: sha256WithRSAEncryption 09:70:77:eb:30:11:b5:de:97:85:46:24:b5:6d:7f:9a:a3:b7: 67:1f:69:d1:5f:b0:be:61:32:47:57:e7:ad:a8:95:1f:c9:c0: 7c:de:0b:d3:d8:db:0f:a7:42:00:f4:e8:bf:54:64:03:22:fb: e8:ec:fe:1f:7c:6b:3d:f8:66:c7:15:36:62:63:8b:65:f7:1f: bf:18:9a:68:c8:aa:82:4e:6f:b0:7b:60:a9:25:91:74:31:3d: 71:ed:45:fa:4e:1a:2e:db:9d:9b:df:f5:69:54:66:24:d7:d3: 4f:1d:82:5b:a3:11:9f:64:17:65:b9:cf:5b:25:e9:6e:56:8a: 10:0c:4e:82:75:92:9e:6e:00:de:3e:21:35:e6:44:88:95:4e: 81:b2:2f:d2:c3:25:f1:22:6d:2b:ab:77:f7:9e:db:b4:e0:37: 90:61:0a:da:57:6a:dc:e5:d6:85:10:cd:41:31:bf:23:61:23: fa:7d:04:b7:09:08:cf:4e:ab:c5:b9:62:2b:20:b2:a7:83:31: b2:67:9b:02:14:62:69:3e:18:9d:be:50:82:02:da:cc:11:09: b2:e3:8a:b9:02:e4:da:58:96:91:3f:8d:a5:ea:20:8b:fa:81: f1:69:d9:36:74:85:1b:89:34:aa:ba:a2:bd:87:e6:94:82:5f: 49:1d:7f:6a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJN9ABfpdByu3Z75Sbepqv6PoP/kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDAwNFoX DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAZDRkMjViZWZkNmM3NDM1OTk0ZTIw ZTE1NjU4NjU5M2NkZDc2YjIyMzlhYjI1NDk0NWE2NTdjZDA4MmQ2ODY3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHVCtOnY1UOhT0cPzH6II6E0j5ir HZyC0pW/pI6aoUREAYrh3R1g9XyslmhKB3xK5FrrZdwvwaiYfkRM9NwGgiTzC9vj IO/4UmqG8vl3wDbRXaUyazhoq1k2KeH5jMQGdEj4rbFkObeRN+6y+L/8PXXY/9fa YOMt9K1jHcvdqw2QRSdNC9cDYai9YSRUY44Ienruz/b8ZewEArnNaH0UIkBFnU89 Nk5yfmDR9iY4SPPrSeQNLpQCMk6D2c5UCm7mLwQEsRIcH7fGyRCD73YUQYi67hMx 1lirDcc9uYDoGfecWHFRnImJgqbBwbKv178L5mul7TRr5lgq1GxfWBmMWQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKP/Lawkwtu2WyOXXOZRBqVAIgLVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc4M2I5NmY0LTgxYWQtNGQxZC1hMGU2LTY0N2EwZmYzOTQ0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauZAwDQYJKoZIhvcNAQELBQADggEBAAlwd+swEbXel4VGJLVt f5qjt2cfadFfsL5hMkdX562olR/JwHzeC9PY2w+nQgD06L9UZAMi++js/h98az34 ZscVNmJji2X3H78YmmjIqoJOb7B7YKklkXQxPXHtRfpOGi7bnZvf9WlUZiTX008d glujEZ9kF2W5z1sl6W5WihAMToJ1kp5uAN4+ITXmRIiVToGyL9LDJfEibSurd/ee 27TgN5BhCtpXatzl1oUQzUExvyNhI/p9BLcJCM9Oq8W5YisgsqeDMbJnmwIUYmk+ GJ2+UIIC2swRCbLjirkC5NpYlpE/jaXqIIv6gfFp2TZ0hRuJNKq6or2H5pSCX0kd f2o= -----END CERTIFICATE-----Generated at Tue Aug 5 17:12:58 2025 by rpki-client