$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa File: dcb796cd-0001-4f06-a9c5-198757a8dde6.roa (raw, json) Hash identifier: J3Qd7Wcpd6o8LGnogrjmOODKptjBF5LWOyFF4n5w4pc= Subject key identifier: BA:A0:46:CE:45:4B:05:D8:84:43:3F:05:BE:3C:00:54:16:96:5F:C3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1705287C146EB7859ADF1E697DDBED08CF5BD7D0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa Signing time: Fri 01 Aug 2025 00:31:07 +0000 ROA not before: Fri 01 Aug 2025 00:31:07 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:05:28:7c:14:6e:b7:85:9a:df:1e:69:7d:db:ed:08:cf:5b:d7:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:31:07 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=346f7bde128c4a724300bc462dd3938921f17d4e00408104ca67bf5e68f64b1e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:76:81:50:0e:8e:4b:81:32:63:7c:d8:b0:3c: 05:4d:72:cf:92:8e:b7:90:41:bc:eb:1e:23:bd:d6: db:3e:aa:76:26:23:6d:d8:2a:b7:ec:3f:b3:39:cb: 1d:d7:e9:2b:50:be:78:37:9b:6e:e4:88:81:3d:77: 02:62:24:44:96:90:64:40:f7:64:c1:ca:af:fa:86: fc:b0:24:7d:d9:24:a3:cd:f5:a9:ab:1c:72:a1:88: 0e:60:45:b5:e5:b9:11:3e:92:d1:3c:a7:15:a5:40: 6f:87:d7:3c:72:78:bc:99:0f:b1:6c:ce:83:54:83: 4f:a7:f7:79:0d:7c:8e:4b:8c:64:c6:b3:5e:ff:8d: da:d9:23:f4:dc:87:73:95:35:20:a8:8e:99:01:44: c9:2a:41:a6:a8:ac:93:f2:a7:bb:1d:0d:ed:98:50: 8e:e4:f5:15:2a:3c:d0:81:95:0a:8e:f7:28:43:3f: ed:ac:c3:e4:ad:7c:1e:9e:25:3f:83:d9:ae:34:a5: 41:4a:59:01:bc:f2:b4:0e:b0:27:17:65:f3:04:42: 86:1b:75:94:15:be:15:83:bd:51:6a:40:ab:af:a5: ee:8f:13:a7:1f:c9:1c:81:8b:09:d8:92:58:7c:54: 10:27:31:d3:3e:cb:9f:17:88:4e:c9:f8:c2:83:ef: 27:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:A0:46:CE:45:4B:05:D8:84:43:3F:05:BE:3C:00:54:16:96:5F:C3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14::/38 Signature Algorithm: sha256WithRSAEncryption a0:31:1b:8b:17:87:30:bd:5b:d8:c8:e1:5e:a2:94:a0:fb:45: f1:d2:27:61:af:41:6e:66:1c:14:dc:66:3d:d9:a1:3f:43:69: 6d:df:00:96:69:92:51:de:0e:de:bf:c5:3f:bf:bf:88:54:fd: b9:b6:81:32:e9:ad:5b:a3:aa:4b:68:97:5f:e9:fd:77:05:5a: d0:65:9c:03:89:ad:66:60:64:11:4e:e3:fb:ff:6b:80:dc:7b: 8b:e2:2e:e7:a2:52:20:7a:df:47:8e:6c:e7:ef:95:14:f9:50: 4e:e1:b8:51:17:52:37:79:8d:71:5e:5c:0a:d8:86:68:65:10: 02:8e:8f:91:03:c4:7c:77:d1:78:3c:4d:a1:e3:0d:ea:b3:18: 10:6b:9d:ee:d2:73:67:0a:65:54:e4:fe:86:7e:c4:6b:5b:e5: 08:64:ed:1f:ca:a5:34:5a:cb:22:b5:8c:61:17:2a:dd:06:1c: d5:49:ac:f6:b4:b1:c8:b0:8f:45:55:0d:fc:e6:81:b1:fb:f1: 4e:5d:08:df:11:c1:86:c4:87:77:aa:4d:c1:12:25:01:37:2a: dd:3e:8f:3c:bb:36:25:ab:64:54:44:39:be:9c:53:bd:78:33: c9:a1:4f:37:09:ba:9a:ca:c1:0a:9c:3a:81:65:5d:36:9e:97: 08:b1:25:4f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFwUofBRut4Wa3x5pfdvtCM9b19AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMzEwN1oX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAMzQ2ZjdiZGUxMjhjNGE3MjQzMDBi YzQ2MmRkMzkzODkyMWYxN2Q0ZTAwNDA4MTA0Y2E2N2JmNWU2OGY2NGIxZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3aBUA6OS4EyY3zYsDwFTXLPko63 kEG86x4jvdbbPqp2JiNt2Cq37D+zOcsd1+krUL54N5tu5IiBPXcCYiRElpBkQPdk wcqv+ob8sCR92SSjzfWpqxxyoYgOYEW15bkRPpLRPKcVpUBvh9c8cni8mQ+xbM6D VINPp/d5DXyOS4xkxrNe/43a2SP03IdzlTUgqI6ZAUTJKkGmqKyT8qe7HQ3tmFCO 5PUVKjzQgZUKjvcoQz/trMPkrXweniU/g9muNKVBSlkBvPK0DrAnF2XzBEKGG3WU Fb4Vg71RakCrr6XujxOnH8kcgYsJ2JJYfFQQJzHTPsufF4hOyfjCg+8nMwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLqgRs5FSwXYhEM/Bb48AFQWll/DMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RjYjc5NmNkLTAwMDEtNGYwNi1hOWM1LTE5ODc1N2E4ZGRlNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFAAwDQYJKoZIhvcNAQELBQADggEBAKAxG4sXhzC9W9jI4V6i lKD7RfHSJ2GvQW5mHBTcZj3ZoT9DaW3fAJZpklHeDt6/xT+/v4hU/bm2gTLprVuj qktol1/p/XcFWtBlnAOJrWZgZBFO4/v/a4Dce4viLueiUiB630eObOfvlRT5UE7h uFEXUjd5jXFeXArYhmhlEAKOj5EDxHx30Xg8TaHjDeqzGBBrne7Sc2cKZVTk/oZ+ xGtb5Qhk7R/KpTRayyK1jGEXKt0GHNVJrPa0sciwj0VVDfzmgbH78U5dCN8RwYbE h3eqTcESJQE3Kt0+jzy7NiWrZFREOb6cU714M8mhTzcJuprKwQqcOoFlXTaelwix JU8= -----END CERTIFICATE-----Generated at Mon Aug 4 19:11:18 2025 by rpki-client