$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa File: b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa (raw, json) Hash identifier: 72G612BSdNWf3QY0h9NBwf49EB7QLz2yW7MnqwVf7UU= Subject key identifier: 6D:0E:5E:B4:F2:88:77:4D:51:22:B9:84:49:2D:C8:36:25:AD:17:86 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4F8B543CE661AC0E6064C4E4E2CBDD41CE61B982 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa Signing time: Fri 01 Aug 2025 00:10:22 +0000 ROA not before: Fri 01 Aug 2025 00:10:22 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 00:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:8b:54:3c:e6:61:ac:0e:60:64:c4:e4:e2:cb:dd:41:ce:61:b9:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:10:22 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=4d33448862d7ce96433a1d34599fe826014a22a396c345df2f81b0f3462df655, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:96:5e:d0:23:fb:60:6b:ca:17:80:ef:66:b9: 4e:bc:1d:6c:c7:04:2a:17:db:ee:4f:6f:2c:01:9c: 1a:77:b8:1f:82:31:6d:2b:7d:86:5c:aa:64:b5:c7: 83:87:72:e4:c3:40:30:8c:9a:db:0b:1a:b9:02:14: 2b:92:49:75:0d:ea:76:b5:41:ae:2a:4b:f0:e8:07: 70:ba:6c:4e:f7:33:11:71:b1:79:69:e8:ec:50:3b: 81:4e:12:6f:19:81:3f:e4:86:2f:e2:74:91:30:eb: e2:60:31:92:66:cc:9d:4e:4e:52:8e:26:41:2a:61: d7:7b:b0:a9:49:2a:5e:0f:dd:35:17:7c:71:e0:1b: 81:01:97:f2:7e:a0:3d:66:81:00:4d:b6:e9:88:62: a3:bb:a6:59:20:f6:07:50:7d:03:ce:fe:ec:ce:45: 56:4b:40:2f:a8:c0:e1:4d:25:bc:b3:b2:31:8e:9e: bd:f4:a3:51:0e:5d:15:9c:36:e9:e1:8b:bb:56:c1: 51:14:bf:13:79:55:5d:bc:79:fa:9e:14:ec:7b:a9: 39:9e:f0:66:12:a7:f7:31:24:7f:0c:75:cd:2b:7f: 6e:6d:67:9d:a2:0c:67:d8:65:5e:16:48:dd:4e:d0: 0d:db:54:ee:70:e1:e6:d3:c4:de:9b:6d:da:63:c9: bd:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:0E:5E:B4:F2:88:77:4D:51:22:B9:84:49:2D:C8:36:25:AD:17:86 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:b000::/40 Signature Algorithm: sha256WithRSAEncryption aa:23:ce:07:80:0c:69:e1:65:0e:7f:de:ff:ba:9b:b3:46:47: c0:10:74:12:3c:f0:5d:8e:fd:e2:da:f4:bc:8e:1d:24:c9:a8: f7:9c:5d:29:e2:8e:fc:57:c6:28:36:67:75:26:ec:01:12:57: 8f:bc:01:fe:29:e5:49:fd:07:a1:4a:f2:00:6b:de:5b:8d:47: 23:11:d4:f1:62:b1:dc:26:8a:bb:3c:81:7b:f9:ac:95:32:3d: 3c:63:6f:d1:c2:1f:e9:d9:59:0f:a2:c9:ca:2b:e0:4c:ad:7e: df:aa:c6:ac:2d:38:b3:85:3b:6c:cd:aa:d4:0e:13:73:f5:1a: b6:4b:70:7d:8a:cb:be:c6:0d:ca:4c:70:fb:04:f2:3b:1c:c7: b8:55:3e:93:f8:98:9b:dd:98:a0:8b:41:5a:1b:5d:6e:97:69: 0d:12:8c:10:3d:93:2f:19:91:20:37:26:e1:c2:c2:24:6d:ad: 36:78:e2:c2:d4:8f:38:ef:74:96:0a:c1:14:18:14:19:41:0e: f2:4a:75:8b:a8:66:03:11:25:29:70:04:43:d8:b2:95:9c:0b: ad:c4:d9:ba:40:80:c0:b3:48:c7:9f:22:99:01:7d:50:ff:ff: d9:c1:9a:7a:bb:c1:e9:62:bc:48:fa:ff:08:6a:de:a3:c6:06: ed:d4:f1:db -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUT4tUPOZhrA5gZMTk4svdQc5huYIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMTAyMloX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNANGQzMzQ0ODg2MmQ3Y2U5NjQzM2Ex ZDM0NTk5ZmU4MjYwMTRhMjJhMzk2YzM0NWRmMmY4MWIwZjM0NjJkZjY1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZZe0CP7YGvKF4DvZrlOvB1sxwQq F9vuT28sAZwad7gfgjFtK32GXKpktceDh3Lkw0AwjJrbCxq5AhQrkkl1Dep2tUGu Kkvw6AdwumxO9zMRcbF5aejsUDuBThJvGYE/5IYv4nSRMOviYDGSZsydTk5SjiZB KmHXe7CpSSpeD901F3xx4BuBAZfyfqA9ZoEATbbpiGKju6ZZIPYHUH0Dzv7szkVW S0AvqMDhTSW8s7Ixjp699KNRDl0VnDbp4Yu7VsFRFL8TeVVdvHn6nhTse6k5nvBm Eqf3MSR/DHXNK39ubWedogxn2GVeFkjdTtAN21TucOHm08Tem23aY8m9cwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG0OXrTyiHdNUSK5hEktyDYlrReGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I3MTQ4YTFhLTRiMmQtNDA0NS1hZTc0LTFhZTIwMWRkY2FjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaLAwDQYJKoZIhvcNAQELBQADggEBAKojzgeADGnhZQ5/3v+6 m7NGR8AQdBI88F2O/eLa9LyOHSTJqPecXSnijvxXxig2Z3Um7AESV4+8Af4p5Un9 B6FK8gBr3luNRyMR1PFisdwmirs8gXv5rJUyPTxjb9HCH+nZWQ+iycor4Eytft+q xqwtOLOFO2zNqtQOE3P1GrZLcH2Ky77GDcpMcPsE8jscx7hVPpP4mJvdmKCLQVob XW6XaQ0SjBA9ky8ZkSA3JuHCwiRtrTZ44sLUjzjvdJYKwRQYFBlBDvJKdYuoZgMR JSlwBEPYspWcC63E2bpAgMCzSMefIpkBfVD//9nBmnq7welivEj6/whq3qPGBu3U 8ds= -----END CERTIFICATE-----Generated at Wed Aug 6 00:35:07 2025 by rpki-client