$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0ca5e8d-a5db-413e-a44b-fb88d0d8f8ce.roa File: b0ca5e8d-a5db-413e-a44b-fb88d0d8f8ce.roa (raw, json) Hash identifier: zP+mS3gZsEGW0PELKsJ0eHRTKfYU2niA+YclLYFBhI0= Subject key identifier: 80:DB:B6:5D:3B:72:CD:FD:89:EB:E3:88:12:50:BB:77:D9:1A:4A:C0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 46734E7089D0C4CDD65A3510FD8A3FB325E012 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0ca5e8d-a5db-413e-a44b-fb88d0d8f8ce.roa Signing time: Mon 21 Jul 2025 15:10:02 +0000 ROA not before: Mon 21 Jul 2025 15:10:02 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:73:4e:70:89:d0:c4:cd:d6:5a:35:10:fd:8a:3f:b3:25:e0:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:10:02 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=bb699ba6f01ed36297e3b553d1c35b6d3f676d44508e8989a8613d070f41f4d7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:2a:7e:f2:8d:ac:0c:08:fe:69:9e:67:6d:31: 55:66:01:39:1e:8e:f7:67:ad:34:c3:dd:71:fb:e1: 0a:5c:83:41:44:63:8c:96:eb:6f:54:8f:35:0d:37: 81:cb:9a:56:aa:65:ba:24:59:cb:61:a2:0f:86:93: a7:aa:46:73:a0:91:d0:ec:f5:cb:34:eb:85:ab:25: dd:31:05:01:6a:08:85:92:2c:d9:6a:bb:0d:ad:3a: 11:48:3f:cf:9b:a9:8d:f7:b0:28:3a:3e:5e:58:84: 2c:97:37:c7:0d:cc:95:4c:03:4f:75:3a:2a:a8:ec: d8:f0:d7:33:15:ec:08:6e:e1:d7:b8:84:09:b9:0b: a9:ee:25:81:8c:2d:66:ce:8b:9e:89:76:7e:9e:7a: 36:a7:4e:b9:c0:0b:3e:1e:5f:de:6d:b1:c2:ca:2c: b3:0e:b4:7a:7d:d9:bd:6b:7d:02:a4:a8:cc:b8:12: 5f:47:2e:8a:cf:a7:16:b1:52:44:b2:4d:13:6c:fa: 25:b9:e7:85:1c:e7:b7:27:ad:cb:e6:3e:fc:13:21: af:a9:1a:d5:96:b9:fd:12:44:73:49:1a:a4:97:83: b0:77:78:b5:7d:84:4e:21:f8:61:46:47:68:97:e6: e3:eb:30:97:88:ab:49:05:5d:f7:73:8c:bb:96:c8: 78:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:DB:B6:5D:3B:72:CD:FD:89:EB:E3:88:12:50:BB:77:D9:1A:4A:C0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0ca5e8d-a5db-413e-a44b-fb88d0d8f8ce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:9000::/40 Signature Algorithm: sha256WithRSAEncryption 60:f1:12:03:18:65:88:3a:a8:c7:c6:b9:5a:ea:83:ee:2c:d0: 83:3e:7d:1d:ee:94:69:da:e7:bb:82:f0:c2:65:05:fe:18:3e: 1f:9a:bf:f2:a7:91:03:f9:33:cf:7e:55:e5:5c:96:b0:ce:8f: a9:84:44:3e:c0:16:45:91:1c:04:eb:66:aa:bf:29:a3:43:c6: da:98:41:81:c2:01:62:c5:14:fc:b5:d3:7d:1d:fa:9a:c4:e0: b6:8f:10:32:ce:60:73:8a:21:92:e3:59:fc:2f:93:d9:be:65: fd:52:a6:5f:da:5d:a9:d6:d7:85:b8:fc:30:5d:56:be:43:73: e6:bf:ad:a9:53:df:5f:bf:3f:45:b1:c3:20:20:2b:2c:5c:d3: e2:0e:23:36:28:37:bc:f1:05:28:25:3a:d6:06:88:b0:e8:c4: 7c:40:0e:ac:c3:18:42:42:b6:2d:a7:7c:a6:0a:72:14:88:04: 0f:6b:cd:cd:69:09:80:42:44:d2:7c:9b:52:49:74:1b:d9:83: e8:34:f8:77:0d:a6:8f:b7:70:bd:fa:c5:5a:ca:51:d6:a9:da: 90:08:32:a7:99:78:98:1d:78:54:d9:da:9a:ab:25:51:8c:1e: 6c:61:48:25:63:f3:9a:60:d8:61:ef:9a:f1:40:55:d4:66:5c: ea:b0:41:6a -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITRnNOcInQxM3WWjUQ/Yo/syXgEjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwNzIxMTUxMDAyWhcN MjUwODI1MjM1OTU5WjB6MUkwRwYDVQQFE0BiYjY5OWJhNmYwMWVkMzYyOTdlM2I1 NTNkMWMzNWI2ZDNmNjc2ZDQ0NTA4ZTg5ODlhODYxM2QwNzBmNDFmNGQ3MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcKn7yjawMCP5pnmdtMVVmATkejvdn rTTD3XH74Qpcg0FEY4yW629UjzUNN4HLmlaqZbokWcthog+Gk6eqRnOgkdDs9cs0 64WrJd0xBQFqCIWSLNlquw2tOhFIP8+bqY33sCg6Pl5YhCyXN8cNzJVMA091Oiqo 7Njw1zMV7Ahu4de4hAm5C6nuJYGMLWbOi56Jdn6eejanTrnACz4eX95tscLKLLMO tHp92b1rfQKkqMy4El9HLorPpxaxUkSyTRNs+iW554Uc57cnrcvmPvwTIa+pGtWW uf0SRHNJGqSXg7B3eLV9hE4h+GFGR2iX5uPrMJeIq0kFXfdzjLuWyHiJAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQUgNu2XTtyzf2J6+OIElC7d9kaSsAwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv YjBjYTVlOGQtYTVkYi00MTNlLWE0NGItZmI4OGQwZDhmOGNlLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtrzkDANBgkqhkiG9w0BAQsFAAOCAQEAYPESAxhliDqox8a5WuqD 7izQgz59He6Uadrnu4LwwmUF/hg+H5q/8qeRA/kzz35V5VyWsM6PqYREPsAWRZEc BOtmqr8po0PG2phBgcIBYsUU/LXTfR36msTgto8QMs5gc4ohkuNZ/C+T2b5l/VKm X9pdqdbXhbj8MF1WvkNz5r+tqVPfX78/RbHDICArLFzT4g4jNig3vPEFKCU61gaI sOjEfEAOrMMYQkK2Lad8pgpyFIgED2vNzWkJgEJE0nybUkl0G9mD6DT4dw2mj7dw vfrFWspR1qnakAgyp5l4mB14VNnamqslUYwebGFIJWPzmmDYYe+a8UBV1GZc6rBB ag== -----END CERTIFICATE-----Generated at Mon Aug 4 15:58:41 2025 by rpki-client