$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc74e646-f238-4ce9-a399-9ad2f67be94f.roa File: dc74e646-f238-4ce9-a399-9ad2f67be94f.roa (raw, json) Hash identifier: QM/dCiwzsoNfswOtY9UuhV+1Pi5GdoJZmL3wpPaYMWo= Subject key identifier: C1:81:6F:CA:31:50:AD:20:CD:5D:30:9D:B8:36:0A:68:6B:AB:9C:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 251642B93833177743B2424CAF7E2C5CFFA599E3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc74e646-f238-4ce9-a399-9ad2f67be94f.roa Signing time: Fri 01 Aug 2025 00:10:04 +0000 ROA not before: Fri 01 Aug 2025 00:10:04 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:16:42:b9:38:33:17:77:43:b2:42:4c:af:7e:2c:5c:ff:a5:99:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:10:04 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=c75ca23f150acc8c74dc1b2363fd28c9350d2d25328dc53d4b299fcaf6a44ace, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2d:ea:5c:23:dd:ca:89:da:eb:86:bd:8f:6d: d7:b2:e1:20:f6:7f:36:dc:99:f5:34:a6:81:10:cf: 61:86:25:f5:5b:ad:80:71:27:fa:15:a3:3b:61:7f: b6:34:e3:70:dd:73:6f:03:89:81:9f:b6:63:f6:35: 1c:8d:07:51:85:ba:16:0e:b8:89:04:76:a7:db:6c: a1:40:1e:e6:59:2e:d7:2b:75:db:ce:09:19:e7:24: cf:ee:73:e2:99:63:c6:44:3d:1f:a3:03:47:a1:05: 6b:4d:4f:85:3b:0f:8a:4e:4f:71:c0:7e:4e:c1:53: 1c:49:73:fc:68:03:4d:74:b4:7a:12:d8:11:13:13: 50:79:9c:46:30:a0:d8:80:5c:d2:dc:11:94:96:e5: d8:70:2b:6f:d2:34:8d:c8:bb:ad:09:1b:21:0c:b7: 76:31:93:37:11:0e:0e:31:4c:7b:51:c6:4c:dc:b3: 44:30:aa:fa:1a:53:42:77:11:71:23:9d:b0:0a:33: 1d:ce:97:55:1d:d2:e3:ec:d5:19:14:09:35:ac:58: 55:e6:7b:34:43:d7:4c:a9:d6:40:fe:b9:13:b0:81: 75:4f:49:21:ce:ad:b6:9b:8c:ce:bf:ee:2f:70:4e: da:99:ca:ea:94:41:88:67:be:32:52:71:d9:62:9d: ae:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:81:6F:CA:31:50:AD:20:CD:5D:30:9D:B8:36:0A:68:6B:AB:9C:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc74e646-f238-4ce9-a399-9ad2f67be94f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:1000::/40 Signature Algorithm: sha256WithRSAEncryption 4d:e0:4e:3b:c0:48:3c:c3:e2:28:58:5a:31:61:d2:61:66:6d: fe:69:a9:78:f1:f9:e7:76:59:1b:51:a9:1d:51:99:4a:26:e6: d8:01:29:f7:31:53:4d:c4:4b:c4:09:85:7e:c1:6c:33:c2:2f: 82:9b:40:c6:af:a0:0f:cd:24:5d:c1:84:8c:d0:9d:8c:84:3c: 51:ab:d9:d8:34:ce:5e:4b:d3:7d:7a:af:17:a3:88:92:3c:33: ac:a8:c3:57:32:d7:f8:5a:55:13:d1:60:06:19:26:63:cb:ff: 3f:b2:47:4e:01:a9:6e:d4:ec:33:cc:e3:3c:1f:b3:5e:2c:da: fd:83:20:e0:88:d7:59:45:85:55:b8:64:b1:10:f8:cc:aa:f5: d3:a8:99:26:d2:10:e4:73:c2:97:23:08:b2:61:d4:5a:17:8a: 94:f2:52:80:af:2b:f6:33:36:cb:7f:1b:08:8b:85:72:0e:a9: 8b:c1:3b:4c:52:5d:33:84:59:dc:01:f6:d0:4a:60:f9:d6:91: 89:3b:fb:ed:69:59:ac:ad:e9:aa:88:4d:1c:89:69:6f:f5:8b: df:58:df:9d:b8:d0:be:46:d7:3a:41:9e:ac:1e:aa:8e:78:63: c2:c2:4a:98:13:d2:77:36:a6:00:fd:52:05:f2:d0:42:90:c2: 85:c1:be:65 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJRZCuTgzF3dDskJMr34sXP+lmeMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMTAwNFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAYzc1Y2EyM2YxNTBhY2M4Yzc0ZGMx YjIzNjNmZDI4YzkzNTBkMmQyNTMyOGRjNTNkNGIyOTlmY2FmNmE0NGFjZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy3qXCPdyona64a9j23XsuEg9n82 3Jn1NKaBEM9hhiX1W62AcSf6FaM7YX+2NONw3XNvA4mBn7Zj9jUcjQdRhboWDriJ BHan22yhQB7mWS7XK3XbzgkZ5yTP7nPimWPGRD0fowNHoQVrTU+FOw+KTk9xwH5O wVMcSXP8aANNdLR6EtgRExNQeZxGMKDYgFzS3BGUluXYcCtv0jSNyLutCRshDLd2 MZM3EQ4OMUx7UcZM3LNEMKr6GlNCdxFxI52wCjMdzpdVHdLj7NUZFAk1rFhV5ns0 Q9dMqdZA/rkTsIF1T0khzq22m4zOv+4vcE7amcrqlEGIZ74yUnHZYp2uDQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMGBb8oxUK0gzV0wnbg2Cmhrq5zZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RjNzRlNjQ2LWYyMzgtNGNlOS1hMzk5LTlhZDJmNjdiZTk0Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/hAwDQYJKoZIhvcNAQELBQADggEBAE3gTjvASDzD4ihYWjFh 0mFmbf5pqXjx+ed2WRtRqR1RmUom5tgBKfcxU03ES8QJhX7BbDPCL4KbQMavoA/N JF3BhIzQnYyEPFGr2dg0zl5L0316rxejiJI8M6yow1cy1/haVRPRYAYZJmPL/z+y R04BqW7U7DPM4zwfs14s2v2DIOCI11lFhVW4ZLEQ+Myq9dOomSbSEORzwpcjCLJh 1FoXipTyUoCvK/YzNst/GwiLhXIOqYvBO0xSXTOEWdwB9tBKYPnWkYk7++1pWayt 6aqITRyJaW/1i99Y35240L5G1zpBnqweqo54Y8LCSpgT0nc2pgD9UgXy0EKQwoXB vmU= -----END CERTIFICATE-----Generated at Mon Aug 4 15:06:40 2025 by rpki-client