$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa File: 817269f2-96fa-459a-a02d-a57162c8041a.roa (raw, json) Hash identifier: O09No+OxLfWyfS6NssJxP1NQ67FYduNzMozcogU9JBQ= Subject key identifier: 94:29:65:4A:DC:26:96:38:DD:C7:A8:40:F5:FE:08:71:40:33:34:3E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6FA326C281BB5FFB9457C3B98CB010B0DEE82559 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa Signing time: Fri 01 Aug 2025 00:51:18 +0000 ROA not before: Fri 01 Aug 2025 00:51:18 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:a3:26:c2:81:bb:5f:fb:94:57:c3:b9:8c:b0:10:b0:de:e8:25:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:51:18 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=47079aaf1d69cd81bb78daf8e8e48480c73732ec8a55bf1786780bf470f299b6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:82:77:94:36:cd:75:55:65:c8:12:31:90:2c: bd:c0:fb:be:88:15:dc:85:18:05:60:64:e3:ca:2d: 0d:ac:01:a2:24:48:fc:69:e0:03:12:d1:2b:ca:a6: a0:07:4c:53:75:1d:22:ae:81:f3:3c:2a:63:29:a4: e9:a2:ff:b9:cd:ed:f7:ea:fa:c2:4c:c8:3b:f7:99: 21:fb:76:c8:e2:e6:0b:c4:4f:05:16:c5:16:2c:e3: 0f:ae:7d:5d:c7:60:33:3c:5c:b6:5f:22:50:b9:5a: a8:9d:4e:37:b6:67:bd:ca:0a:76:0d:7d:4b:4f:b0: 41:07:5a:73:e0:6e:52:c9:9d:0d:84:5c:69:bf:9e: c0:d0:64:b5:81:ce:bc:08:25:78:86:b2:65:ce:7e: 9c:92:50:68:28:8b:00:58:98:26:43:c1:86:c5:b8: 1f:e0:65:67:e2:56:4c:3f:46:4a:5f:89:30:aa:58: e6:17:a0:70:96:21:0a:5f:6e:26:56:c0:3a:47:4f: 2e:27:42:4d:05:21:55:c6:4f:82:79:a7:78:e4:2a: eb:43:88:4d:12:e4:71:8c:6a:17:0c:a1:c8:71:38: 30:54:37:05:92:f8:fe:ca:29:49:3f:34:86:17:7a: 5d:a2:8c:2d:dd:35:d9:d2:f7:37:57:a4:62:58:05: d0:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:29:65:4A:DC:26:96:38:DD:C7:A8:40:F5:FE:08:71:40:33:34:3E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1e::/32 Signature Algorithm: sha256WithRSAEncryption 7b:d9:cc:e4:37:04:8a:29:50:98:ea:d3:2d:b2:bd:d3:96:ce: dc:f6:13:7f:9e:30:aa:40:1e:ca:41:f1:05:4b:3a:64:78:0a: ee:43:9a:54:a6:09:27:a5:7c:e2:a2:2f:3c:fe:80:a8:ff:b5: 4c:e0:d2:3f:87:49:ac:c4:2f:87:07:c2:d2:ff:af:ff:58:51: 76:f6:0b:36:97:87:df:d0:ef:7d:e0:0e:dd:8f:9a:ae:b3:22: 94:5a:14:94:3d:61:97:c4:ae:db:89:8f:89:28:b5:80:97:11: 18:b1:be:5e:56:17:50:2e:e6:12:ea:7f:11:cc:01:5c:f8:fc: 1c:b1:f9:22:cd:d9:b8:09:41:0e:1a:b9:f2:e3:0d:df:85:f2: 2c:44:71:55:dd:69:c4:39:f3:e5:dd:06:f3:8e:c9:7a:aa:73: 16:f8:07:61:c7:4e:b8:6e:1d:42:22:4a:3c:42:ca:5a:a5:c6: a0:47:bf:68:fa:0f:8f:b4:64:66:e2:af:8a:53:45:55:e3:c6: d8:1e:d4:95:10:9e:33:47:4c:8f:74:5a:79:a7:8d:5c:fb:b6: 97:f1:12:2c:c2:16:85:1e:ff:c1:a5:cf:25:bf:74:d6:31:78: 05:f9:6e:0f:36:57:30:a4:98:cc:e4:7f:34:ff:43:41:ca:79: d9:ff:06:85 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUb6MmwoG7X/uUV8O5jLAQsN7oJVkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwNTExOFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNANDcwNzlhYWYxZDY5Y2Q4MWJiNzhk YWY4ZThlNDg0ODBjNzM3MzJlYzhhNTViZjE3ODY3ODBiZjQ3MGYyOTliNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4J3lDbNdVVlyBIxkCy9wPu+iBXc hRgFYGTjyi0NrAGiJEj8aeADEtEryqagB0xTdR0iroHzPCpjKaTpov+5ze336vrC TMg795kh+3bI4uYLxE8FFsUWLOMPrn1dx2AzPFy2XyJQuVqonU43tme9ygp2DX1L T7BBB1pz4G5SyZ0NhFxpv57A0GS1gc68CCV4hrJlzn6cklBoKIsAWJgmQ8GGxbgf 4GVn4lZMP0ZKX4kwqljmF6BwliEKX24mVsA6R08uJ0JNBSFVxk+Cead45CrrQ4hN EuRxjGoXDKHIcTgwVDcFkvj+yilJPzSGF3pdoowt3TXZ0vc3V6RiWAXQ+wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFJQpZUrcJpY43ceoQPX+CHFAMzQ+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxNzI2OWYyLTk2ZmEtNDU5YS1hMDJkLWE1NzE2MmM4MDQxYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaHjANBgkqhkiG9w0BAQsFAAOCAQEAe9nM5DcEiilQmOrTLbK9 05bO3PYTf54wqkAeykHxBUs6ZHgK7kOaVKYJJ6V84qIvPP6AqP+1TODSP4dJrMQv hwfC0v+v/1hRdvYLNpeH39DvfeAO3Y+arrMilFoUlD1hl8Su24mPiSi1gJcRGLG+ XlYXUC7mEup/EcwBXPj8HLH5Is3ZuAlBDhq58uMN34XyLERxVd1pxDnz5d0G847J eqpzFvgHYcdOuG4dQiJKPELKWqXGoEe/aPoPj7RkZuKvilNFVePG2B7UlRCeM0dM j3RaeaeNXPu2l/ESLMIWhR7/waXPJb901jF4BfluDzZXMKSYzOR/NP9DQcp52f8G hQ== -----END CERTIFICATE-----Generated at Mon Aug 4 14:14:10 2025 by rpki-client