$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/805b67b5-4a3c-4df5-ba24-7f671bea2f7d.roa File: 805b67b5-4a3c-4df5-ba24-7f671bea2f7d.roa (raw, json) Hash identifier: OqzuJZXq2n7kG7O577+VmJSfNCIKTW9eiSbYbfOdhZM= Subject key identifier: C0:89:04:8A:1B:8A:ED:0C:70:02:05:73:54:34:B8:04:05:0E:BE:BC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 197A450E728171B59449DD050B11F18AEE0142FC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/805b67b5-4a3c-4df5-ba24-7f671bea2f7d.roa Signing time: Wed 30 Jul 2025 17:38:32 +0000 ROA not before: Wed 30 Jul 2025 17:38:32 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:7a:45:0e:72:81:71:b5:94:49:dd:05:0b:11:f1:8a:ee:01:42:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 17:38:32 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=444c885051f49d27673d94a5d86467e6bc393476607a7cccc7d101c6f2b4622f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:52:63:e0:59:15:54:5e:5c:c2:cf:b7:d9:f1: a2:7e:03:36:6e:54:9f:cb:6b:9e:9a:14:44:9d:f8: 72:f5:88:37:9c:fc:28:c0:b7:d8:0d:c2:52:66:89: 8a:f5:46:fa:63:f9:4a:a3:ab:fc:8a:c0:16:2b:ba: 59:60:6d:69:05:a9:c5:b9:4d:1e:64:43:96:52:fd: d7:40:65:e4:e1:18:55:de:be:31:5a:50:27:47:27: 88:35:57:32:75:44:51:60:e2:a9:34:65:60:73:88: 9e:2e:4c:c4:3e:65:19:85:91:21:30:53:b9:ed:df: de:a1:0b:f6:68:24:8a:b3:f0:0f:e7:99:c6:f0:b1: 5d:17:80:a2:6e:6c:68:c1:6e:b5:65:78:ce:d0:10: dc:f3:68:aa:67:3d:01:61:69:e2:e0:f3:05:a6:0e: ee:19:ba:e6:c2:28:f1:53:4b:c2:78:79:55:a7:4c: df:a8:06:bf:64:55:c0:0b:11:18:fd:05:27:ed:31: c3:63:19:1e:42:91:56:23:65:b5:36:6b:32:b6:2b: 20:90:1e:4f:ec:74:33:30:f7:4b:0b:9c:6d:90:a0: 39:b4:e9:7d:95:47:87:a0:29:2b:3d:7d:af:51:d9: 4b:36:8d:43:b1:f4:82:dc:35:39:1d:55:57:39:d3: d0:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:89:04:8A:1B:8A:ED:0C:70:02:05:73:54:34:B8:04:05:0E:BE:BC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/805b67b5-4a3c-4df5-ba24-7f671bea2f7d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:8000::/40 Signature Algorithm: sha256WithRSAEncryption 3d:80:a5:6c:1b:42:af:24:00:ac:ab:d1:be:48:80:49:77:34: c8:3a:e2:cc:79:06:3b:57:bc:0b:71:01:70:8c:12:6a:5d:22: 68:5c:fc:8f:26:2f:d0:6b:93:8d:73:0a:7b:7a:32:ae:f5:64: f4:80:ef:30:89:60:f7:a1:1e:44:8c:d6:17:e3:e8:3b:17:43: 09:1f:dc:8c:9b:e1:bc:e9:63:36:c1:1a:2b:ad:62:af:2a:75: 96:f4:e2:45:cf:2e:03:05:bb:78:93:8c:dd:49:01:80:c1:ca: 2a:ee:64:3f:dc:2a:67:8d:f7:3f:7a:6c:be:3e:2b:31:9d:90: 57:94:3b:b9:a8:01:29:16:db:19:4e:47:66:44:cf:5b:c8:14: f8:a6:e1:03:1a:12:ea:17:5f:71:0b:0f:c0:de:48:6d:aa:13: 3d:d4:df:22:9a:c3:0d:6c:ca:20:89:e2:66:c9:31:9a:e6:61: 86:07:43:11:96:1c:05:e2:0a:56:79:e1:ca:c9:ae:c1:ea:24: d7:e7:e7:6f:dc:0d:c2:72:ba:0e:d3:fb:19:2f:73:9b:ef:78: 89:0c:b4:bb:8d:be:29:c6:fa:6d:a3:98:6c:cc:2d:3c:25:7b: 8e:4c:98:1e:f1:80:29:2a:67:9c:57:30:77:2e:58:ab:31:72: ae:29:bb:fb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGXpFDnKBcbWUSd0FCxHxiu4BQvwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDE3MzgzMloX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANDQ0Yzg4NTA1MWY0OWQyNzY3M2Q5 NGE1ZDg2NDY3ZTZiYzM5MzQ3NjYwN2E3Y2NjYzdkMTAxYzZmMmI0NjIyZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlJj4FkVVF5cws+32fGifgM2blSf y2uemhREnfhy9Yg3nPwowLfYDcJSZomK9Ub6Y/lKo6v8isAWK7pZYG1pBanFuU0e ZEOWUv3XQGXk4RhV3r4xWlAnRyeINVcydURRYOKpNGVgc4ieLkzEPmUZhZEhMFO5 7d/eoQv2aCSKs/AP55nG8LFdF4CibmxowW61ZXjO0BDc82iqZz0BYWni4PMFpg7u GbrmwijxU0vCeHlVp0zfqAa/ZFXACxEY/QUn7THDYxkeQpFWI2W1NmsytisgkB5P 7HQzMPdLC5xtkKA5tOl9lUeHoCkrPX2vUdlLNo1DsfSC3DU5HVVXOdPQnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMCJBIobiu0McAIFc1Q0uAQFDr68MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgwNWI2N2I1LTRhM2MtNGRmNS1iYTI0LTdmNjcxYmVhMmY3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaYAwDQYJKoZIhvcNAQELBQADggEBAD2ApWwbQq8kAKyr0b5I gEl3NMg64sx5BjtXvAtxAXCMEmpdImhc/I8mL9Brk41zCnt6Mq71ZPSA7zCJYPeh HkSM1hfj6DsXQwkf3Iyb4bzpYzbBGiutYq8qdZb04kXPLgMFu3iTjN1JAYDByiru ZD/cKmeN9z96bL4+KzGdkFeUO7moASkW2xlOR2ZEz1vIFPim4QMaEuoXX3ELD8De SG2qEz3U3yKaww1syiCJ4mbJMZrmYYYHQxGWHAXiClZ54crJrsHqJNfn52/cDcJy ug7T+xkvc5vveIkMtLuNvinG+m2jmGzMLTwle45MmB7xgCkqZ5xXMHcuWKsxcq4p u/s= -----END CERTIFICATE-----Generated at Mon Aug 4 14:06:50 2025 by rpki-client