$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7b6771f-2f85-4683-b0d9-3a749bbe218a.roa File: a7b6771f-2f85-4683-b0d9-3a749bbe218a.roa (raw, json) Hash identifier: mimrmJkkwnGIWesu2TAxm5ryQ48/ME17qtbxfLKWExA= Subject key identifier: FD:E9:7B:E3:1E:E5:8A:EF:AC:D2:3B:9E:BF:1E:F1:19:B2:81:12:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 52596228D8CD347D885A45C99921D1CDBDAFF7D5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7b6771f-2f85-4683-b0d9-3a749bbe218a.roa Signing time: Mon 21 Jul 2025 15:11:33 +0000 ROA not before: Mon 21 Jul 2025 15:11:33 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:59:62:28:d8:cd:34:7d:88:5a:45:c9:99:21:d1:cd:bd:af:f7:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:11:33 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=5993b462ee5801bb0d0528f6d013bf69a710d65bc6a0588ef3f59900b5f7c171, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:8f:a9:9b:fa:c2:01:af:9c:96:f1:ff:3d:68: d8:d8:de:e1:86:58:86:48:ed:61:03:93:5f:6e:34: 53:5c:8f:06:c1:b3:ad:fd:da:09:8f:4b:5f:03:94: f9:56:30:ac:6f:6f:f6:5d:b3:0e:fc:e0:a4:e1:5e: f2:7f:85:e0:37:28:13:04:87:f3:7d:e8:b5:a9:1d: c8:e7:b1:14:48:c2:29:a8:80:c8:ca:08:62:2e:4d: c4:c6:48:07:ab:92:c6:aa:32:c2:93:6c:6b:04:84: 9e:ce:f3:13:16:ad:6b:79:89:c3:10:5c:8b:f2:11: a3:0f:6b:65:ca:d7:50:41:b7:ba:93:ed:f6:0b:70: b5:b7:52:8c:ad:98:42:c2:94:7a:6f:2c:78:a3:a7: 28:62:5f:60:6c:55:08:18:88:1a:ef:d1:ca:c0:be: 78:5a:10:e0:ff:1b:99:67:e5:cb:fe:ef:c0:4e:9e: 50:a6:fa:7f:c4:ce:c5:bc:cc:60:ee:13:2f:e8:24: 9f:38:24:19:99:9c:cf:c4:ab:64:c9:02:03:69:67: 5e:d4:c6:66:8a:8d:97:e8:5c:5b:73:a1:e2:4d:01: c3:82:63:2f:fd:7a:41:4a:83:dc:fb:8c:0a:fd:8b: 7a:60:60:db:52:bb:1d:61:94:9e:17:ef:86:73:84: d5:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:E9:7B:E3:1E:E5:8A:EF:AC:D2:3B:9E:BF:1E:F1:19:B2:81:12:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7b6771f-2f85-4683-b0d9-3a749bbe218a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:6000::/40 Signature Algorithm: sha256WithRSAEncryption 17:a4:17:e1:29:13:af:09:da:e1:b6:9a:00:e2:be:ad:45:e0: 30:be:0c:89:ff:a0:60:af:45:bc:4d:d0:76:43:81:ee:ab:df: 04:2b:f3:7e:04:69:24:5f:7f:13:28:71:7a:40:72:28:43:bc: e4:56:30:5d:ab:b5:72:f2:51:6f:be:61:f3:be:ce:1a:61:b9: aa:9e:29:69:f0:c2:3f:bc:9a:e4:7e:f7:1b:fd:de:af:72:db: 64:ea:09:af:a4:c6:46:43:25:ea:3f:22:fd:21:c2:95:52:2f: 24:4a:9a:56:7b:79:0a:71:28:3c:8b:90:c9:28:af:07:fb:b9: 66:13:e9:b2:a4:67:51:53:b4:4c:e8:e7:96:c0:65:d6:e0:5a: ba:c4:6b:ac:05:be:e5:f8:3e:96:c0:71:8e:15:ed:7e:e3:e4: 11:e8:f1:03:0d:ef:af:bf:a3:bf:30:3f:e8:2c:25:01:df:be: 00:b1:6f:5c:33:e5:6a:2d:a5:40:db:e5:74:75:e0:35:af:31: a4:af:ff:19:f0:1e:8c:9e:f6:6b:29:26:36:8e:e0:67:68:1c: fa:9e:0d:66:d7:61:8e:29:62:db:b5:33:20:d3:51:8e:1b:55: 09:12:39:13:f1:de:b3:89:84:3e:c6:57:e5:00:21:a1:1c:42: f1:65:37:b7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUlliKNjNNH2IWkXJmSHRzb2v99UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MTEzM1oX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNANTk5M2I0NjJlZTU4MDFiYjBkMDUy OGY2ZDAxM2JmNjlhNzEwZDY1YmM2YTA1ODhlZjNmNTk5MDBiNWY3YzE3MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY+pm/rCAa+clvH/PWjY2N7hhliG SO1hA5NfbjRTXI8GwbOt/doJj0tfA5T5VjCsb2/2XbMO/OCk4V7yf4XgNygTBIfz fei1qR3I57EUSMIpqIDIyghiLk3ExkgHq5LGqjLCk2xrBISezvMTFq1reYnDEFyL 8hGjD2tlytdQQbe6k+32C3C1t1KMrZhCwpR6byx4o6coYl9gbFUIGIga79HKwL54 WhDg/xuZZ+XL/u/ATp5Qpvp/xM7FvMxg7hMv6CSfOCQZmZzPxKtkyQIDaWde1MZm io2X6Fxbc6HiTQHDgmMv/XpBSoPc+4wK/Yt6YGDbUrsdYZSeF++Gc4TVdQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP3pe+Me5YrvrNI7nr8e8RmygRL3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E3YjY3NzFmLTJmODUtNDY4My1iMGQ5LTNhNzQ5YmJlMjE4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauGAwDQYJKoZIhvcNAQELBQADggEBABekF+EpE68J2uG2mgDi vq1F4DC+DIn/oGCvRbxN0HZDge6r3wQr834EaSRffxMocXpAcihDvORWMF2rtXLy UW++YfO+zhphuaqeKWnwwj+8muR+9xv93q9y22TqCa+kxkZDJeo/Iv0hwpVSLyRK mlZ7eQpxKDyLkMkorwf7uWYT6bKkZ1FTtEzo55bAZdbgWrrEa6wFvuX4PpbAcY4V 7X7j5BHo8QMN76+/o78wP+gsJQHfvgCxb1wz5WotpUDb5XR14DWvMaSv/xnwHoye 9mspJjaO4GdoHPqeDWbXYY4pYtu1MyDTUY4bVQkSORPx3rOJhD7GV+UAIaEcQvFl N7c= -----END CERTIFICATE-----Generated at Mon Aug 4 14:14:34 2025 by rpki-client