$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa File: 931330f5-9897-4b1f-9582-a81df9bb0324.roa (raw, json) Hash identifier: e1O2DMuapqpPgEZGel1+FjK7iI/zGgNpO3lBPWt9Cfk= Subject key identifier: 0C:95:A0:5B:DD:96:BB:CE:88:D7:CA:67:A4:A6:5F:BC:8E:72:0A:62 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 416DC76BBA580F2676118DFB4FA41806612B2D50 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa Signing time: Fri 01 Aug 2025 00:00:21 +0000 ROA not before: Fri 01 Aug 2025 00:00:21 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:6d:c7:6b:ba:58:0f:26:76:11:8d:fb:4f:a4:18:06:61:2b:2d:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:00:21 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=deac9e7f8a3851e6d115c291c20d8b8fcefcba2445d09aae1a3a7c9b6bf937df, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e6:a0:59:b5:09:5d:71:1c:e2:05:77:cf:e0: 57:df:1e:c1:7a:a3:18:eb:d1:c7:9e:80:18:86:8f: 15:21:65:a4:41:79:32:6c:ba:43:29:05:70:ab:d6: a1:aa:55:e4:00:a0:ba:ff:24:b4:0a:84:5c:cd:94: a2:1e:57:67:31:fa:b8:ef:55:81:2b:1e:14:3f:5a: 6b:ad:5a:c0:46:81:ff:8a:49:bc:c2:55:ca:62:90: 13:c6:6b:d0:2f:d6:d3:52:bb:aa:c7:9c:59:5a:ee: 7a:1f:6e:90:76:64:fe:7e:a1:70:32:d3:57:41:10: ae:b6:bc:bc:a8:9f:a9:eb:f9:37:d3:ff:77:b1:38: d2:5a:16:5e:39:d4:e5:e2:29:91:83:f2:ce:cc:00: 95:26:19:6b:18:33:a5:b2:76:69:70:fa:1b:98:e0: bc:4a:5a:fe:88:ec:44:a4:6c:3a:5b:f5:1a:e1:a6: 1b:08:17:66:66:01:8a:92:5a:41:fe:c9:26:33:9a: 35:5b:89:8d:36:66:ae:bc:f3:b5:ec:15:fe:7c:df: 75:46:85:69:6f:2d:0b:20:ad:a7:af:07:f2:1c:d3: 83:f5:47:43:3e:88:b1:f7:06:a9:c2:0c:02:7a:ab: 67:98:d6:39:f4:96:26:55:88:ef:e7:d5:54:93:f1: 80:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:95:A0:5B:DD:96:BB:CE:88:D7:CA:67:A4:A6:5F:BC:8E:72:0A:62 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:6000::/40 Signature Algorithm: sha256WithRSAEncryption 3d:ea:56:f9:fe:4a:f9:b4:5a:ab:63:89:24:72:52:ad:29:2e: 1a:76:3d:09:ba:4f:33:3e:96:ca:6b:ab:33:b4:d7:13:07:3d: 8b:11:7e:e3:fd:36:9b:40:ac:0c:ef:3a:b6:be:ce:5e:c8:65: 1d:67:e4:ff:c6:03:b2:1e:fe:a1:1d:af:9e:f7:b6:8b:a6:d4: c9:04:a3:8b:6f:bb:99:84:71:c9:f2:5b:9e:c7:a9:a2:7c:43: bc:4c:32:92:74:4e:83:f6:ba:fd:82:d5:db:85:44:34:2d:46: 13:ff:e2:00:71:44:09:d7:a0:10:a8:e6:36:4e:c1:e5:96:a9: 95:4c:9a:cc:6e:a8:ba:35:c8:48:06:8a:8c:63:51:3f:1f:f5: a4:c8:86:4a:c0:cb:54:a6:f5:75:09:b5:26:b2:1c:cf:1b:34: ba:9b:04:6e:e1:03:a3:a6:5d:68:c7:d7:33:d0:02:23:ea:45: 4b:a6:a2:55:cf:1b:cc:34:b3:ed:16:86:f9:08:dc:b3:2a:64: 8d:8f:04:c6:37:84:d2:76:96:d7:ac:2f:04:f2:ba:6a:cd:a7: 2e:08:97:58:ea:6b:86:0e:d9:e7:b4:c2:d4:1f:c5:8d:9b:7b: 4e:39:ec:25:b2:f9:84:5a:7b:67:73:74:7a:9a:d0:ee:2d:df: 46:3a:0f:39 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQW3Ha7pYDyZ2EY37T6QYBmErLVAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMDAyMVoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAZGVhYzllN2Y4YTM4NTFlNmQxMTVj MjkxYzIwZDhiOGZjZWZjYmEyNDQ1ZDA5YWFlMWEzYTdjOWI2YmY5MzdkZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+agWbUJXXEc4gV3z+BX3x7BeqMY 69HHnoAYho8VIWWkQXkybLpDKQVwq9ahqlXkAKC6/yS0CoRczZSiHldnMfq471WB Kx4UP1prrVrARoH/ikm8wlXKYpATxmvQL9bTUruqx5xZWu56H26QdmT+fqFwMtNX QRCutry8qJ+p6/k30/93sTjSWhZeOdTl4imRg/LOzACVJhlrGDOlsnZpcPobmOC8 Slr+iOxEpGw6W/Ua4aYbCBdmZgGKklpB/skmM5o1W4mNNmauvPO17BX+fN91RoVp by0LIK2nrwfyHNOD9UdDPoix9wapwgwCeqtnmNY59JYmVYjv59VUk/GAVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAyVoFvdlrvOiNfKZ6SmX7yOcgpiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkzMTMzMGY1LTk4OTctNGIxZi05NTgyLWE4MWRmOWJiMDMyNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/mAwDQYJKoZIhvcNAQELBQADggEBAD3qVvn+Svm0WqtjiSRy Uq0pLhp2PQm6TzM+lsprqzO01xMHPYsRfuP9NptArAzvOra+zl7IZR1n5P/GA7Ie /qEdr573toum1MkEo4tvu5mEccnyW57HqaJ8Q7xMMpJ0ToP2uv2C1duFRDQtRhP/ 4gBxRAnXoBCo5jZOweWWqZVMmsxuqLo1yEgGioxjUT8f9aTIhkrAy1Sm9XUJtSay HM8bNLqbBG7hA6OmXWjH1zPQAiPqRUumolXPG8w0s+0WhvkI3LMqZI2PBMY3hNJ2 ltesLwTyumrNpy4Il1jqa4YO2ee0wtQfxY2be0457CWy+YRae2dzdHqa0O4t30Y6 Dzk= -----END CERTIFICATE-----Generated at Mon Aug 4 16:01:27 2025 by rpki-client