$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa File: c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa (raw, json) Hash identifier: aUe1hdjYlLpHJ1LPxcOr5FWdH7ZHyisdQblWiV9Qj8Q= Subject key identifier: 77:DC:B3:FF:5D:E1:1F:AE:D0:70:F9:76:E0:18:22:42:E2:74:9B:4A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5C6EFEBD4C6CDD36AEBA6C64182811125FEE535A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa Signing time: Fri 01 Aug 2025 00:41:23 +0000 ROA not before: Fri 01 Aug 2025 00:41:23 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12:8400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:6e:fe:bd:4c:6c:dd:36:ae:ba:6c:64:18:28:11:12:5f:ee:53:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:41:23 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=088a47dc35a118cd494e6bce9f67dd06785b173fb0f75e5e77a765a4a89d01db, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:67:f5:e3:a7:33:db:88:aa:90:41:c6:30:5a: 54:2f:59:02:1d:45:a7:4b:f2:09:01:02:77:38:50: fc:ae:32:2e:94:59:c0:95:ff:ea:62:84:ea:f9:93: fa:91:16:59:87:df:cc:d1:41:9a:16:4d:23:9b:80: f4:8e:16:7e:65:db:87:9f:f6:36:a8:4f:d0:23:29: fc:82:c4:39:3d:ae:f2:30:3a:24:29:a8:b9:37:90: 8f:cc:11:3a:6c:85:ba:a2:d5:c8:93:ff:ff:26:08: b5:dd:c0:ea:c4:06:f6:d5:f5:bf:75:69:8f:18:15: 64:6b:c1:82:28:a8:74:6b:52:4d:87:b6:a4:a0:80: 59:f8:cc:7b:76:6e:db:fd:eb:c8:3f:af:9c:a0:2a: e0:e5:85:8b:65:20:1e:3a:b6:7a:3f:d7:ea:bb:ef: 4f:97:f7:cb:8a:2a:de:a0:1e:50:c3:c2:b8:b5:9b: 3b:c0:d8:18:38:29:3b:df:6e:26:0f:b2:7f:81:ae: 3a:89:32:92:ff:0d:f8:57:13:5f:42:14:a3:00:c0: ef:cf:5d:23:b1:e2:85:a0:d5:05:b1:ec:cd:d0:28: 36:3b:fc:0c:6b:2a:9c:b7:d0:5f:e4:f1:87:86:f3: 60:e6:74:e8:06:28:73:2f:b4:68:a0:a5:5f:c1:a1: 8a:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:DC:B3:FF:5D:E1:1F:AE:D0:70:F9:76:E0:18:22:42:E2:74:9B:4A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12:8400::/38 Signature Algorithm: sha256WithRSAEncryption 38:25:f8:64:44:60:77:ad:6c:db:dd:00:82:75:a9:c6:8e:2d: 3d:a3:38:04:ee:6f:05:a2:d9:c2:0e:e5:35:0e:39:c9:fe:6b: 20:c3:99:96:03:ca:2b:5f:49:6a:90:18:22:2d:7a:64:af:4d: cc:32:2e:76:b4:49:84:09:f3:df:26:48:09:91:fb:d6:69:e3: e5:9d:e2:61:fd:df:d6:ac:44:d3:52:b3:49:98:39:4b:06:72: 76:8c:27:53:b5:04:2f:fa:c3:1b:91:7c:b7:80:ce:c7:ee:d3: b4:0d:9b:d7:df:f5:ab:69:3b:92:1e:aa:bc:ed:94:a6:22:7c: ac:a6:12:eb:1b:c7:a9:7e:cc:05:69:04:cd:f4:d7:a0:c9:ea: ab:c4:c2:d8:cb:70:b4:c2:65:8d:05:d5:5b:63:f4:cf:0b:0d: 28:b7:2a:39:b6:8f:0e:55:8a:0a:b7:8f:dd:4c:39:d1:5a:b9: 96:0b:34:7f:68:fe:16:79:e2:f5:9e:57:af:56:c9:d4:0c:46: 85:34:76:49:7f:bf:30:9a:05:1b:11:00:a7:f5:67:34:df:5d: f1:e1:f7:46:3b:63:93:db:78:91:d0:cf:68:0b:a5:0f:5f:cc: 89:51:1b:e6:25:84:77:3e:f2:ec:dc:3a:0f:b4:30:d9:09:86: 57:71:51:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXG7+vUxs3TauumxkGCgREl/uU1owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwNDEyM1oX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAMDg4YTQ3ZGMzNWExMThjZDQ5NGU2 YmNlOWY2N2RkMDY3ODViMTczZmIwZjc1ZTVlNzdhNzY1YTRhODlkMDFkYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWf146cz24iqkEHGMFpUL1kCHUWn S/IJAQJ3OFD8rjIulFnAlf/qYoTq+ZP6kRZZh9/M0UGaFk0jm4D0jhZ+ZduHn/Y2 qE/QIyn8gsQ5Pa7yMDokKai5N5CPzBE6bIW6otXIk///Jgi13cDqxAb21fW/dWmP GBVka8GCKKh0a1JNh7akoIBZ+Mx7dm7b/evIP6+coCrg5YWLZSAeOrZ6P9fqu+9P l/fLiireoB5Qw8K4tZs7wNgYOCk7324mD7J/ga46iTKS/w34VxNfQhSjAMDvz10j seKFoNUFsezN0Cg2O/wMayqct9Bf5PGHhvNg5nToBihzL7RooKVfwaGKEwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHfcs/9d4R+u0HD5duAYIkLidJtKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M1YTFhMWEwLTRmNGYtNDczZC1iZmFjLWZkNDZmZjgyNjAwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEoQwDQYJKoZIhvcNAQELBQADggEBADgl+GREYHetbNvdAIJ1 qcaOLT2jOATubwWi2cIO5TUOOcn+ayDDmZYDyitfSWqQGCItemSvTcwyLna0SYQJ 898mSAmR+9Zp4+Wd4mH939asRNNSs0mYOUsGcnaMJ1O1BC/6wxuRfLeAzsfu07QN m9ff9atpO5IeqrztlKYifKymEusbx6l+zAVpBM3016DJ6qvEwtjLcLTCZY0F1Vtj 9M8LDSi3Kjm2jw5Vigq3j91MOdFauZYLNH9o/hZ54vWeV69WydQMRoU0dkl/vzCa BRsRAKf1ZzTfXfHh90Y7Y5PbeJHQz2gLpQ9fzIlRG+YlhHc+8uzcOg+0MNkJhldx UVQ= -----END CERTIFICATE-----Generated at Mon Aug 4 14:00:09 2025 by rpki-client