$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa File: b834337f-a753-44b7-be9e-389ab2d2acad.roa (raw, json) Hash identifier: tHp24ELqf+7zQudKOu8Y1WQFWUasLU5JVP6sYEu+pBs= Subject key identifier: 1F:48:EA:3E:11:0B:55:BD:FC:E9:FC:78:A4:8C:1E:6D:AD:3D:08:F4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60C9DB67C7CAEA0308AAF9DA405F8EB414EBAC26 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa Signing time: Mon 21 Jul 2025 15:10:49 +0000 ROA not before: Mon 21 Jul 2025 15:10:49 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:c9:db:67:c7:ca:ea:03:08:aa:f9:da:40:5f:8e:b4:14:eb:ac:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:10:49 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=be5ba3c8b76b17908ffeec1d8712f866cc6f6125ae47e8d58c3be6c5f2361d8f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d8:3d:b5:35:58:e9:38:9d:81:fd:9b:a4:66: 2f:e0:97:8d:d3:15:61:ab:29:74:bd:ec:a7:87:8d: ca:62:65:20:74:d4:e3:ba:4e:20:19:43:ca:2c:56: bc:96:3f:6a:04:0e:39:39:b4:df:0e:fc:9e:39:10: 47:03:59:3e:c6:3f:49:80:2b:92:d0:3b:d3:31:61: b8:48:aa:f3:57:45:cc:c3:e0:7b:ee:1f:ec:71:b8: 6c:5f:dd:8e:a8:f7:d8:f1:73:1d:a2:51:13:2e:39: 97:03:3d:55:99:55:f7:36:a7:c6:2a:c0:00:33:9d: cf:4f:9a:4f:2f:85:df:43:02:19:88:0c:76:81:4c: 63:e9:f4:18:1b:98:23:5d:43:29:78:14:21:d4:81: 18:a4:14:6c:d8:4e:fe:cc:7d:d1:cf:c7:1a:84:f6: 80:23:08:7c:49:46:37:5c:42:2a:a7:a2:2e:19:37: 2a:b8:92:6d:20:40:96:07:af:47:db:bd:07:0c:2f: 8f:09:f7:53:fa:38:64:10:b2:f3:41:e1:9e:bf:59: d4:ea:fc:33:c6:e2:99:1e:e7:8c:c2:b8:00:2e:e5: 15:f2:7f:7f:fe:d4:bf:d2:89:b2:05:8f:d7:48:ce: c2:70:8d:33:d9:67:9f:6a:49:e7:7e:f2:62:a8:cc: d6:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:48:EA:3E:11:0B:55:BD:FC:E9:FC:78:A4:8C:1E:6D:AD:3D:08:F4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:a000::/40 Signature Algorithm: sha256WithRSAEncryption c8:5d:cf:ce:96:cf:e2:cd:a4:90:d2:c8:3a:f6:9b:3b:c8:7d: 89:61:84:21:5b:08:1c:96:0b:ee:f9:58:bd:16:cf:54:bb:7f: 20:97:f3:7e:5e:1a:3a:66:0a:ab:8c:f5:94:95:9a:4c:16:34: cb:04:67:a4:61:fd:53:23:4a:66:6c:c5:33:07:a8:67:0a:85: 89:91:bb:90:4e:96:44:83:81:4e:b9:96:0c:62:d1:be:d6:3b: 43:34:be:69:34:0e:eb:72:1c:d5:67:fc:06:0d:37:91:ec:ac: e4:ff:bf:d1:6b:24:07:77:9d:90:d0:44:3c:29:39:c6:2f:23: de:e0:d8:78:b6:eb:d3:e3:b6:c5:e7:dc:dc:e6:d5:31:a1:9e: d1:eb:02:39:9a:44:7e:ff:9f:71:6b:f8:ee:dc:fe:f6:62:23: c3:3a:f3:b0:2a:40:52:6a:8c:a5:fd:8e:02:cf:31:8f:83:6b: 95:78:9c:81:4c:fb:19:8f:fc:d7:d1:6a:f0:bd:a6:d5:42:4d: fd:6e:5a:b2:f4:aa:cb:87:9d:92:f0:28:7e:98:54:c0:e0:38: 51:b3:e9:f5:02:65:4f:35:50:5f:e2:3a:89:c6:55:ab:e5:5f: 95:dc:e0:61:3d:28:5b:97:ff:b3:3a:34:57:96:be:a6:22:0c: 80:11:a4:0a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYMnbZ8fK6gMIqvnaQF+OtBTrrCYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MTA0OVoX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAYmU1YmEzYzhiNzZiMTc5MDhmZmVl YzFkODcxMmY4NjZjYzZmNjEyNWFlNDdlOGQ1OGMzYmU2YzVmMjM2MWQ4ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dg9tTVY6Tidgf2bpGYv4JeN0xVh qyl0veynh43KYmUgdNTjuk4gGUPKLFa8lj9qBA45ObTfDvyeORBHA1k+xj9JgCuS 0DvTMWG4SKrzV0XMw+B77h/scbhsX92OqPfY8XMdolETLjmXAz1VmVX3NqfGKsAA M53PT5pPL4XfQwIZiAx2gUxj6fQYG5gjXUMpeBQh1IEYpBRs2E7+zH3Rz8cahPaA Iwh8SUY3XEIqp6IuGTcquJJtIECWB69H270HDC+PCfdT+jhkELLzQeGev1nU6vwz xuKZHueMwrgALuUV8n9//tS/0omyBY/XSM7CcI0z2WefaknnfvJiqMzWGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB9I6j4RC1W9/On8eKSMHm2tPQj0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I4MzQzMzdmLWE3NTMtNDRiNy1iZTllLTM4OWFiMmQyYWNhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba86AwDQYJKoZIhvcNAQELBQADggEBAMhdz86Wz+LNpJDSyDr2 mzvIfYlhhCFbCByWC+75WL0Wz1S7fyCX835eGjpmCquM9ZSVmkwWNMsEZ6Rh/VMj SmZsxTMHqGcKhYmRu5BOlkSDgU65lgxi0b7WO0M0vmk0DutyHNVn/AYNN5HsrOT/ v9FrJAd3nZDQRDwpOcYvI97g2Hi269PjtsXn3Nzm1TGhntHrAjmaRH7/n3Fr+O7c /vZiI8M687AqQFJqjKX9jgLPMY+Da5V4nIFM+xmP/NfRavC9ptVCTf1uWrL0qsuH nZLwKH6YVMDgOFGz6fUCZU81UF/iOonGVavlX5Xc4GE9KFuX/7M6NFeWvqYiDIAR pAo= -----END CERTIFICATE-----Generated at Mon Aug 4 14:22:02 2025 by rpki-client