$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/964875b1-60c6-4631-a709-ba5faa0c06e7.roa File: 964875b1-60c6-4631-a709-ba5faa0c06e7.roa (raw, json) Hash identifier: S9+aXQdOBem+dQUTNUnoTKEt8X+6Agu2fnyxUK6ZEkk= Subject key identifier: 42:43:FA:F2:17:2B:36:3D:EF:83:EA:EA:A9:65:8B:12:26:2F:1E:4A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 091E6BD97455595BC8DF05690ABAA8329CDFB19C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/964875b1-60c6-4631-a709-ba5faa0c06e7.roa Signing time: Wed 30 Jul 2025 17:38:43 +0000 ROA not before: Wed 30 Jul 2025 17:38:43 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 00:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:1e:6b:d9:74:55:59:5b:c8:df:05:69:0a:ba:a8:32:9c:df:b1:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 17:38:43 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=7f01d4e19a0c4d4459e2a8bcda535424105ce018ba4c3088bac69a0f0d1699be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:a8:91:f4:81:3f:3b:9b:5b:c2:07:92:cb:5d: 2c:ee:59:e9:30:24:c5:22:f7:c5:33:81:45:d6:c6: 50:58:bc:40:64:07:06:7a:26:62:20:38:87:e5:02: be:34:dd:c5:ec:08:5d:bf:fe:a2:90:1f:7e:7e:ef: 57:ca:62:23:78:5c:0b:c2:66:84:1b:15:ac:41:bd: d3:99:21:52:62:31:59:22:af:ce:ac:74:04:ef:2a: 4d:48:77:73:a3:ef:19:5e:a3:cb:40:02:56:72:f8: c1:50:1f:41:51:b4:e8:91:50:ff:0d:61:23:1d:24: f0:9f:25:d7:59:3c:09:d9:52:c7:d7:63:7e:6f:c1: 48:f4:44:bc:02:f0:0f:c2:86:9e:55:e5:90:3c:36: da:28:12:fc:7e:ca:38:ad:cd:95:b1:df:90:09:58: dc:bc:c1:e6:6b:7b:72:35:5f:e6:a5:44:e3:63:c0: 9c:b9:b4:38:f5:af:65:e8:eb:e0:d8:21:cc:e0:92: 01:ed:fe:db:dc:43:a9:86:e2:07:93:0e:3f:de:cd: 49:96:d0:f3:1b:8d:07:34:a0:32:75:e3:0e:da:f2: 15:eb:44:a4:ba:6f:0f:8c:cc:64:7c:fd:d2:76:c6: 91:67:04:9f:eb:d5:96:a4:ca:7b:66:54:9f:0c:77: 2f:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:43:FA:F2:17:2B:36:3D:EF:83:EA:EA:A9:65:8B:12:26:2F:1E:4A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/964875b1-60c6-4631-a709-ba5faa0c06e7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:2000::/40 Signature Algorithm: sha256WithRSAEncryption 1f:91:8f:64:cd:b7:e7:d3:31:da:93:31:4f:62:f7:09:69:86: be:c3:d0:86:f7:1a:70:ba:1a:4f:45:35:1c:fb:51:a9:11:5f: 88:b6:c9:49:3e:d6:c2:cd:53:88:08:d0:d7:b9:55:7b:b8:eb: 96:41:a4:43:41:89:9c:fd:5b:3e:ee:fc:62:fe:33:99:f9:1a: 09:d6:68:05:93:a9:0b:97:7c:f6:12:e8:25:8c:53:88:21:c5: 28:d0:3b:9c:5a:58:f1:7e:81:94:dd:b4:b1:b6:a8:cd:aa:bd: ce:fc:a6:6e:4c:16:8d:41:90:91:ce:7d:e9:05:1a:df:93:94: 9a:6d:57:b7:ea:05:be:15:d2:49:39:52:0e:53:bb:45:3c:82: 08:e1:39:55:8b:98:cd:1f:10:de:10:ca:59:e6:b4:eb:ea:84: 08:8c:64:a5:dd:48:ea:31:41:f3:66:cc:7b:7e:1c:1a:16:8e: e4:1e:bc:35:2d:a5:2f:86:44:c6:3a:68:37:46:3a:0d:74:fe: c4:5d:2c:29:b3:34:82:75:a5:06:d1:4f:9d:7b:fe:10:a8:e5: 3e:31:47:49:42:99:7b:3e:b3:e3:58:8d:ab:4e:23:4f:7d:8c: ed:aa:4a:02:60:b1:73:ed:4c:a8:0c:3c:87:3d:e9:da:2a:65: 8f:f3:3d:c1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCR5r2XRVWVvI3wVpCrqoMpzfsZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDE3Mzg0M1oX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAN2YwMWQ0ZTE5YTBjNGQ0NDU5ZTJh OGJjZGE1MzU0MjQxMDVjZTAxOGJhNGMzMDg4YmFjNjlhMGYwZDE2OTliZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqiR9IE/O5tbwgeSy10s7lnpMCTF IvfFM4FF1sZQWLxAZAcGeiZiIDiH5QK+NN3F7Ahdv/6ikB9+fu9XymIjeFwLwmaE GxWsQb3TmSFSYjFZIq/OrHQE7ypNSHdzo+8ZXqPLQAJWcvjBUB9BUbTokVD/DWEj HSTwnyXXWTwJ2VLH12N+b8FI9ES8AvAPwoaeVeWQPDbaKBL8fso4rc2Vsd+QCVjc vMHma3tyNV/mpUTjY8CcubQ49a9l6Ovg2CHM4JIB7f7b3EOphuIHkw4/3s1JltDz G40HNKAydeMO2vIV60Skum8PjMxkfP3SdsaRZwSf69WWpMp7ZlSfDHcv3wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEJD+vIXKzY974Pq6qllixImLx5KMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk2NDg3NWIxLTYwYzYtNDYzMS1hNzA5LWJhNWZhYTBjMDZlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+yAwDQYJKoZIhvcNAQELBQADggEBAB+Rj2TNt+fTMdqTMU9i 9wlphr7D0Ib3GnC6Gk9FNRz7UakRX4i2yUk+1sLNU4gI0Ne5VXu465ZBpENBiZz9 Wz7u/GL+M5n5GgnWaAWTqQuXfPYS6CWMU4ghxSjQO5xaWPF+gZTdtLG2qM2qvc78 pm5MFo1BkJHOfekFGt+TlJptV7fqBb4V0kk5Ug5Tu0U8ggjhOVWLmM0fEN4Qylnm tOvqhAiMZKXdSOoxQfNmzHt+HBoWjuQevDUtpS+GRMY6aDdGOg10/sRdLCmzNIJ1 pQbRT517/hCo5T4xR0lCmXs+s+NYjatOI099jO2qSgJgsXPtTKgMPIc96doqZY/z PcE= -----END CERTIFICATE-----Generated at Wed Aug 6 10:17:02 2025 by rpki-client