$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e70dad39-c92d-44cb-9d80-658d97292bec.roa File: e70dad39-c92d-44cb-9d80-658d97292bec.roa (raw, json) Hash identifier: j3bQnQ2nM+4zbuihBDMMjn0bJ894eTyo3VUoXwQgjdo= Subject key identifier: 9B:7D:0E:12:7F:12:25:27:84:A5:EB:8F:A6:E7:C6:5E:72:12:C6:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1EE3DDB8B6799DCA5BD9FA909D588B03DBD2A7D4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e70dad39-c92d-44cb-9d80-658d97292bec.roa Signing time: Mon 21 Jul 2025 15:01:11 +0000 ROA not before: Mon 21 Jul 2025 15:01:11 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:e040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:e3:dd:b8:b6:79:9d:ca:5b:d9:fa:90:9d:58:8b:03:db:d2:a7:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:01:11 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=e235b77910ea3542cd1f236cf363c14c907500ddd87af80164fbc7aa535c8b6f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:83:d8:f7:e9:43:ca:15:ef:df:09:14:f3:72:e6: 17:51:44:44:a5:24:41:83:20:ba:8b:cd:93:f2:3b: 6b:e1:41:75:bd:d4:33:7e:22:79:b5:df:8c:3a:f4: 6c:a3:76:18:72:e4:26:b7:b3:14:92:d5:2a:7a:30: bf:ae:d1:79:ec:d6:92:07:ea:99:35:43:8a:68:1e: d9:0e:11:b9:1e:0d:80:37:ea:8a:c3:45:1d:b8:41: 07:5a:aa:d7:36:81:ea:18:d3:cc:4b:22:56:a4:5e: 92:7c:1d:32:23:e8:8d:c1:a8:3e:e1:73:05:75:0b: 07:af:46:ac:f5:78:a2:af:0c:75:5d:8d:a0:ae:fa: e1:75:e4:f0:3b:91:0f:99:9c:94:4f:6f:e8:39:b9: fa:56:b7:bf:25:32:ab:de:0b:92:98:45:fe:13:0b: 06:93:e0:e3:55:11:51:61:6e:32:27:4c:87:8e:8f: 68:5e:a1:28:d0:76:5c:e9:58:77:70:0b:58:8f:8f: 6b:96:a8:82:50:93:cd:76:70:30:44:a6:f8:99:85: d0:6d:29:bb:f9:25:7d:aa:b8:fe:92:de:0f:b0:e8: 09:dc:84:43:56:17:d7:dc:24:15:62:b7:8e:9c:44: 5d:e6:0a:d6:e9:ea:1b:4f:5a:0c:df:9a:7d:c9:b9: c9:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:7D:0E:12:7F:12:25:27:84:A5:EB:8F:A6:E7:C6:5E:72:12:C6:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e70dad39-c92d-44cb-9d80-658d97292bec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:e040::/46 Signature Algorithm: sha256WithRSAEncryption 76:f1:96:0e:5d:44:f6:27:de:ec:b6:b9:15:97:22:b8:53:db: 66:3a:0e:6c:e2:93:b7:48:2d:64:dd:14:ad:4c:dc:fc:d7:cc: 9b:b6:7a:ca:a8:be:c7:2c:4c:9d:23:3e:c8:72:cf:d9:f4:6c: 3e:a4:09:8e:21:e3:07:4b:65:54:b5:9d:73:e6:d9:31:1c:37: d6:ac:9f:0e:ea:57:be:08:ab:47:a4:94:14:6c:85:f1:2c:05: 1b:1a:1b:b0:d1:3f:1c:b0:c4:20:f2:16:cf:d6:61:c5:af:b1: e5:19:b5:53:f8:c0:3e:d6:52:de:79:50:a5:39:6a:06:5d:91: ce:ae:74:8a:e1:8f:e3:d4:e4:8a:33:4e:c6:a2:de:c3:6b:db: 47:a2:45:d3:e0:d9:85:55:56:8d:1a:4e:c2:ab:fb:72:7d:2f: b6:1c:e0:f7:23:26:75:69:e0:7d:5e:97:bf:92:57:13:bc:e8: d8:33:6b:e3:e6:b3:1c:dc:2d:3f:48:c6:ec:d3:57:54:dc:71: 0a:ec:0a:85:8f:6f:04:3e:14:2c:eb:87:7d:ca:b9:41:c4:71: 6f:c1:07:9e:57:c6:94:1e:24:7d:b3:a7:5a:3d:08:a6:9e:e6: 7d:36:69:a4:a7:51:75:dc:3c:53:10:a9:55:38:8a:d0:a7:ba: 49:31:0b:3c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHuPduLZ5ncpb2fqQnViLA9vSp9QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MDExMVoX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAZTIzNWI3NzkxMGVhMzU0MmNkMWYy MzZjZjM2M2MxNGM5MDc1MDBkZGQ4N2FmODAxNjRmYmM3YWE1MzVjOGI2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9j36UPKFe/fCRTzcuYXUUREpSRB gyC6i82T8jtr4UF1vdQzfiJ5td+MOvRso3YYcuQmt7MUktUqejC/rtF57NaSB+qZ NUOKaB7ZDhG5Hg2AN+qKw0UduEEHWqrXNoHqGNPMSyJWpF6SfB0yI+iNwag+4XMF dQsHr0as9Xiirwx1XY2grvrhdeTwO5EPmZyUT2/oObn6Vre/JTKr3guSmEX+EwsG k+DjVRFRYW4yJ0yHjo9oXqEo0HZc6Vh3cAtYj49rlqiCUJPNdnAwRKb4mYXQbSm7 +SV9qrj+kt4PsOgJ3IRDVhfX3CQVYreOnERd5grW6eobT1oM35p9ybnJIwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJt9DhJ/EiUnhKXrj6bnxl5yEsYjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U3MGRhZDM5LWM5MmQtNDRjYi05ZDgwLTY1OGQ5NzI5MmJlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8+BAMA0GCSqGSIb3DQEBCwUAA4IBAQB28ZYOXUT2J97strkV lyK4U9tmOg5s4pO3SC1k3RStTNz818ybtnrKqL7HLEydIz7Ics/Z9Gw+pAmOIeMH S2VUtZ1z5tkxHDfWrJ8O6le+CKtHpJQUbIXxLAUbGhuw0T8csMQg8hbP1mHFr7Hl GbVT+MA+1lLeeVClOWoGXZHOrnSK4Y/j1OSKM07Got7Da9tHokXT4NmFVVaNGk7C q/tyfS+2HOD3IyZ1aeB9Xpe/klcTvOjYM2vj5rMc3C0/SMbs01dU3HEK7AqFj28E PhQs64d9yrlBxHFvwQeeV8aUHiR9s6daPQimnuZ9Nmmkp1F13DxTEKlVOIrQp7pJ MQs8 -----END CERTIFICATE-----Generated at Mon Aug 4 14:44:25 2025 by rpki-client