$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ab754b4b-74fd-42c1-8298-33b9dac12e67.roa File: ab754b4b-74fd-42c1-8298-33b9dac12e67.roa (raw, json) Hash identifier: FPEKUlhVCmBnnzCFIcEaecMgt3fIDPkhQzT9Cm9v+/A= Subject key identifier: 0C:7F:3E:48:B7:25:82:16:88:4D:7E:62:F5:53:66:9E:5F:70:A8:8B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0CC58A3B84385EF8CA44DDD396352C12D95DB842 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ab754b4b-74fd-42c1-8298-33b9dac12e67.roa Signing time: Wed 23 Jul 2025 00:00:36 +0000 ROA not before: Wed 23 Jul 2025 00:00:36 +0000 ROA not after: Wed 27 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:c5:8a:3b:84:38:5e:f8:ca:44:dd:d3:96:35:2c:12:d9:5d:b8:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 23 00:00:36 2025 GMT Not After : Aug 27 23:59:59 2025 GMT Subject: serialNumber=9cad0a3ad2d0e974e9b94f689aef22ec84a7fca22747d03ac8219a83774501d3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:ea:4f:2a:7f:b4:1e:d3:be:b0:67:d2:37:3f: 61:82:69:f1:0f:c6:c7:61:01:0d:b6:f4:df:69:52: 91:25:27:e4:b2:b9:5a:a8:bd:1a:14:c3:ce:5e:e3: f3:54:2b:d3:43:ab:88:21:eb:01:34:8b:dc:b4:75: f4:64:5d:ba:6e:20:74:e7:96:e2:78:26:f4:27:9b: 34:2f:3e:4b:5b:46:83:1d:54:a8:21:f1:19:2a:5a: b0:2a:a5:87:8f:35:fd:c9:bf:bc:8a:12:2e:32:29: ed:1a:d2:7a:90:10:34:ce:0a:fc:07:e0:16:e8:22: e5:27:25:b3:7d:8a:c1:15:c8:a0:2b:41:88:b6:15: 43:aa:dc:de:b5:86:46:d9:ef:63:50:a5:c9:5d:e9: 10:07:9d:cd:2a:ae:68:69:01:dd:00:42:f0:b3:6c: a9:0b:1c:f1:66:3a:02:e7:71:74:37:92:5c:bf:45: e2:c2:4b:81:71:05:9b:80:99:57:f2:9b:df:38:f1: d2:2e:11:bd:88:e9:28:82:41:e0:e2:ea:e9:0b:08: a4:4b:3a:07:1c:a4:35:09:2e:ff:04:d5:c3:2e:1e: 2d:7a:25:0f:a2:36:ed:a8:bf:69:2a:fc:fb:40:86: 4c:4f:71:49:5d:6f:a7:bd:3b:8a:21:5f:b7:04:a1: b1:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:7F:3E:48:B7:25:82:16:88:4D:7E:62:F5:53:66:9E:5F:70:A8:8B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ab754b4b-74fd-42c1-8298-33b9dac12e67.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:c800::/40 Signature Algorithm: sha256WithRSAEncryption 60:b7:9e:dc:79:b5:df:4c:44:26:0f:9a:b3:63:76:f7:fa:9b: 94:87:7e:72:ee:da:43:1e:04:9f:4f:35:fb:31:5c:80:4f:9f: f6:c7:29:21:c1:07:ab:6c:aa:a7:02:13:1f:06:cc:bc:2f:d6: a0:8c:e2:38:77:91:a4:bf:1d:28:11:0b:5c:2f:73:63:e2:92: 6b:85:23:d4:15:62:1e:58:00:2c:2a:21:f3:c3:75:41:05:90: e2:f2:21:25:db:e0:ef:24:22:61:ae:46:0a:92:94:30:70:17: 24:9c:44:8f:85:32:77:8b:f7:66:fe:19:59:c5:56:81:53:58: 57:e1:19:67:4c:fa:76:e0:ef:bc:1e:b9:eb:09:3d:ef:b8:7b: 42:ce:a1:d4:8d:9d:06:92:0a:5b:17:94:5d:85:ec:f9:4b:93: d6:a0:32:8e:bc:1e:a0:dd:20:f2:66:91:3c:43:3b:4d:da:7f: 0f:65:b6:cb:d8:8c:68:76:e1:c1:85:fb:47:e7:47:5b:cb:e9: 35:ed:0d:68:0e:f7:ec:12:5b:4c:b4:4f:bb:3a:ba:d3:17:0d: 5b:9a:ab:ee:6c:2e:14:49:21:32:17:ec:60:10:f9:6f:52:00: 11:4b:4f:4f:cc:1c:9e:9e:74:2b:3e:44:d5:8b:de:3b:78:31: bd:07:6a:39 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDMWKO4Q4XvjKRN3TljUsEtlduEIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDAzNloX DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAOWNhZDBhM2FkMmQwZTk3NGU5Yjk0 ZjY4OWFlZjIyZWM4NGE3ZmNhMjI3NDdkMDNhYzgyMTlhODM3NzQ1MDFkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8OpPKn+0HtO+sGfSNz9hgmnxD8bH YQENtvTfaVKRJSfksrlaqL0aFMPOXuPzVCvTQ6uIIesBNIvctHX0ZF26biB055bi eCb0J5s0Lz5LW0aDHVSoIfEZKlqwKqWHjzX9yb+8ihIuMintGtJ6kBA0zgr8B+AW 6CLlJyWzfYrBFcigK0GIthVDqtzetYZG2e9jUKXJXekQB53NKq5oaQHdAELws2yp CxzxZjoC53F0N5Jcv0XiwkuBcQWbgJlX8pvfOPHSLhG9iOkogkHg4urpCwikSzoH HKQ1CS7/BNXDLh4teiUPojbtqL9pKvz7QIZMT3FJXW+nvTuKIV+3BKGxvQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAx/Pki3JYIWiE1+YvVTZp5fcKiLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiNzU0YjRiLTc0ZmQtNDJjMS04Mjk4LTMzYjlkYWMxMmU2Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaucgwDQYJKoZIhvcNAQELBQADggEBAGC3ntx5td9MRCYPmrNj dvf6m5SHfnLu2kMeBJ9PNfsxXIBPn/bHKSHBB6tsqqcCEx8GzLwv1qCM4jh3kaS/ HSgRC1wvc2PikmuFI9QVYh5YACwqIfPDdUEFkOLyISXb4O8kImGuRgqSlDBwFySc RI+FMneL92b+GVnFVoFTWFfhGWdM+nbg77weuesJPe+4e0LOodSNnQaSClsXlF2F 7PlLk9agMo68HqDdIPJmkTxDO03afw9ltsvYjGh24cGF+0fnR1vL6TXtDWgO9+wS W0y0T7s6utMXDVuaq+5sLhRJITIX7GAQ+W9SABFLT0/MHJ6edCs+RNWL3jt4Mb0H ajk= -----END CERTIFICATE-----Generated at Mon Aug 4 15:41:53 2025 by rpki-client