$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa File: 982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa (raw, json) Hash identifier: 2qIAcSeoAnKQzGQybXbCoJ3qcYC9/ENVOnxvpmCRFrs= Subject key identifier: 73:97:3A:27:59:22:D0:4C:AB:BB:74:62:EA:C6:F9:C0:B3:7F:76:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 38540135D91BCD60DF3BCCC909B5DFC06B93868B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa Signing time: Wed 23 Jul 2025 00:01:22 +0000 ROA not before: Wed 23 Jul 2025 00:01:22 +0000 ROA not after: Wed 27 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:54:01:35:d9:1b:cd:60:df:3b:cc:c9:09:b5:df:c0:6b:93:86:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 23 00:01:22 2025 GMT Not After : Aug 27 23:59:59 2025 GMT Subject: serialNumber=13e371f2684021b9bc95db2a7d63bb26d90c2e383d1c27b4e4a32602d0764f55, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:f7:82:1c:73:29:aa:28:c6:e7:fd:76:d2:5d: 7b:e8:de:f3:45:05:d2:61:71:a4:64:95:e7:be:81: b2:87:b8:88:65:9b:d2:6e:36:b0:9f:7a:89:37:16: 41:fe:8a:4b:ec:c8:36:98:82:c2:e9:e0:75:5a:fd: 48:d6:c7:4f:db:c6:2c:bb:d9:21:4c:e3:45:b8:0d: 8b:55:e8:e6:26:ba:41:4d:8a:08:71:42:71:70:de: 71:69:ba:2f:32:d7:e3:4c:27:a0:77:49:e9:53:24: 4b:c0:34:1f:13:7b:45:69:b0:a5:60:24:2b:64:5b: a3:af:a6:b0:2d:e5:17:d2:95:d6:cd:b5:2f:60:1d: 5c:c7:51:b9:3a:f6:42:68:ac:74:52:52:6b:53:00: a5:16:ec:03:05:94:2d:f9:77:12:bd:b0:85:bf:b1: a7:23:63:74:25:c7:f6:63:4d:7d:60:23:f4:6b:0a: 17:23:98:3c:22:27:d1:ae:7e:c0:f2:6c:2e:21:7f: 55:8e:a8:f1:4a:98:f3:47:b6:2b:30:e2:ab:24:e7: 99:99:9e:3f:b6:7d:c4:b8:3b:9a:d2:5c:3c:4a:59: 9e:c0:ac:c3:0b:8b:58:f5:61:ab:6e:dc:1d:b2:51: 10:fe:d2:d7:57:d0:27:29:4b:5f:55:9f:2c:fb:7a: 86:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:97:3A:27:59:22:D0:4C:AB:BB:74:62:EA:C6:F9:C0:B3:7F:76:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:800::/40 Signature Algorithm: sha256WithRSAEncryption 45:fb:99:af:d4:ad:70:90:45:49:89:a2:f5:6c:7f:8c:4b:7b: 47:6a:d7:f2:91:da:a0:42:15:e4:0e:a5:d4:26:d3:d5:22:4e: 79:08:78:18:1d:c6:c9:99:ef:88:e6:72:96:57:20:a3:4a:c4: d0:84:a3:15:9a:57:90:07:28:30:18:cf:3b:7b:3d:03:e4:91: a9:56:dd:e2:c1:84:dd:73:68:e7:ac:b4:4b:3d:0f:22:a6:a6: 82:ef:1c:f8:c0:87:0a:3a:f9:1b:bc:73:dd:4b:a2:17:ca:1e: 48:fe:97:42:70:30:44:9d:36:15:34:08:cf:67:a0:29:8d:a9: 14:de:7e:44:24:ed:d3:1c:68:1d:2f:7e:23:97:0e:c3:ec:1a: 7b:0a:40:a9:ab:03:b4:3d:cc:42:1f:2b:52:dd:03:78:64:d2: 31:0f:3f:a1:6e:6b:e5:46:85:43:ba:7b:ad:d5:b0:cd:1d:73: 4f:e7:b4:e3:70:54:87:06:cd:8f:da:88:88:94:48:2e:cc:c3: f3:2d:d1:2b:b3:45:2d:c5:8a:56:c4:8b:3e:f9:d4:3b:d9:87: bf:e1:20:f6:3a:6c:64:af:ae:e6:4f:b3:df:b1:64:6a:d7:62: fd:32:94:26:84:d1:7e:c7:75:48:fd:74:b4:40:11:e1:ce:48: 35:2e:33:2d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOFQBNdkbzWDfO8zJCbXfwGuThoswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDEyMloX DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAMTNlMzcxZjI2ODQwMjFiOWJjOTVk YjJhN2Q2M2JiMjZkOTBjMmUzODNkMWMyN2I0ZTRhMzI2MDJkMDc2NGY1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1feCHHMpqijG5/120l176N7zRQXS YXGkZJXnvoGyh7iIZZvSbjawn3qJNxZB/opL7Mg2mILC6eB1Wv1I1sdP28Ysu9kh TONFuA2LVejmJrpBTYoIcUJxcN5xabovMtfjTCegd0npUyRLwDQfE3tFabClYCQr ZFujr6awLeUX0pXWzbUvYB1cx1G5OvZCaKx0UlJrUwClFuwDBZQt+XcSvbCFv7Gn I2N0Jcf2Y019YCP0awoXI5g8IifRrn7A8mwuIX9VjqjxSpjzR7YrMOKrJOeZmZ4/ tn3EuDua0lw8SlmewKzDC4tY9WGrbtwdslEQ/tLXV9AnKUtfVZ8s+3qGcQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHOXOidZItBMq7t0YurG+cCzf3Y5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4MmQ4N2E3LTRlMGItNDJhYi1hNzNmLWY0OTdiNDNhMmEzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauQgwDQYJKoZIhvcNAQELBQADggEBAEX7ma/UrXCQRUmJovVs f4xLe0dq1/KR2qBCFeQOpdQm09UiTnkIeBgdxsmZ74jmcpZXIKNKxNCEoxWaV5AH KDAYzzt7PQPkkalW3eLBhN1zaOestEs9DyKmpoLvHPjAhwo6+Ru8c91LohfKHkj+ l0JwMESdNhU0CM9noCmNqRTefkQk7dMcaB0vfiOXDsPsGnsKQKmrA7Q9zEIfK1Ld A3hk0jEPP6Fua+VGhUO6e63VsM0dc0/ntONwVIcGzY/aiIiUSC7Mw/Mt0SuzRS3F ilbEiz751DvZh7/hIPY6bGSvruZPs9+xZGrXYv0ylCaE0X7HdUj9dLRAEeHOSDUu My0= -----END CERTIFICATE-----Generated at Mon Aug 4 14:53:08 2025 by rpki-client