$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/edb40068-fd10-40a0-8d8f-84f481389d4b.roa File: edb40068-fd10-40a0-8d8f-84f481389d4b.roa (raw, json) Hash identifier: Bonm7i8KnuUUTUoVm9MVigt8rwJpSI+ceFfxC5tOf4I= Subject key identifier: 05:52:21:EE:94:63:D9:84:2A:99:52:97:7A:26:37:B7:61:3B:FF:96 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B2E80719D25D07361A19E95592B95EC3E4B0FA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/edb40068-fd10-40a0-8d8f-84f481389d4b.roa Signing time: Fri 01 Aug 2025 00:00:18 +0000 ROA not before: Fri 01 Aug 2025 00:00:18 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:2e:80:71:9d:25:d0:73:61:a1:9e:95:59:2b:95:ec:3e:4b:0f:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:00:18 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=4925ea981d524bad4dbbcc89ad15d11df1e5eb44473cb052704d297d4a20667e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:5d:f4:84:c2:58:72:f4:b7:8b:a6:2f:e8:c7: 46:66:fe:c8:08:db:22:9a:3d:f7:7b:d5:e3:4c:f6: d9:c6:08:26:67:e5:36:51:5e:af:5d:f2:ea:8d:62: ad:67:8a:ca:b6:58:56:25:c5:05:43:1c:d6:59:33: 20:5f:7e:fd:0c:f6:34:e3:51:f3:2e:55:38:21:83: 25:b7:19:3a:4c:75:27:68:b3:ab:d0:21:7d:35:00: 84:fb:46:fe:03:54:0d:c9:07:9a:e3:60:de:ac:a9: f7:f2:9b:76:7d:9a:f8:d9:69:63:23:b0:0d:dc:9b: 4e:f9:28:1b:0d:3c:d8:74:e0:90:5c:ac:37:0c:d9: ed:b0:53:07:48:31:a8:d0:92:12:f1:36:9d:34:4a: 55:d5:5f:14:34:6b:d6:5b:d3:48:90:7f:26:1e:59: 8e:8b:f6:96:d6:22:02:e5:3b:1c:c5:9b:71:47:3e: 68:e1:cc:ed:0d:54:45:dd:22:7c:50:92:3a:53:f1: 8a:e3:5d:79:ae:72:fa:78:cd:e2:f1:2e:da:0e:2d: 7f:7f:ba:3a:7e:06:bc:5c:27:1a:1e:67:03:99:00: 78:c6:6c:8a:ac:a6:19:3d:62:21:50:e6:79:0d:1d: d6:44:d0:cf:09:97:e2:66:f2:38:5e:00:3a:78:2a: 42:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:52:21:EE:94:63:D9:84:2A:99:52:97:7A:26:37:B7:61:3B:FF:96 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/edb40068-fd10-40a0-8d8f-84f481389d4b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:8000::/40 Signature Algorithm: sha256WithRSAEncryption c6:05:8c:05:3e:bf:23:7c:ce:4d:a4:5a:bb:7f:de:a8:eb:f3: 2e:dd:9a:03:ca:99:dc:6a:46:1c:96:cc:31:ed:65:14:08:52: 7d:34:79:c4:bc:1b:4c:b2:a3:f9:0c:72:a7:1d:f0:02:73:35: 62:f3:bb:55:60:97:f9:0c:5a:1f:61:b3:26:c1:1c:67:73:96: ba:6f:30:ee:d3:e5:0d:e3:2a:ef:54:f0:e0:ce:44:a9:f9:54: 17:e0:8d:51:2c:a2:6c:90:0b:3d:1e:e3:9b:17:4e:bf:46:14: 29:55:90:05:bd:c5:eb:9a:d3:14:c6:48:4f:5a:c8:71:4c:f6: ed:76:62:85:cb:10:2b:17:9a:0b:0f:2a:c0:d1:cc:b1:06:d0: 1d:3a:37:71:28:6b:bf:72:b8:23:af:90:be:c0:d2:fa:21:a7: cb:55:61:c4:86:e0:6c:75:1a:0c:25:cb:62:1f:27:70:ea:df: d5:00:81:d1:8f:ed:92:18:68:b9:8d:b2:bc:cb:e8:0b:13:1f: 2c:4e:83:7d:b5:11:a5:b0:96:96:38:8a:63:04:15:08:c9:88: 05:0a:f5:fb:17:d8:6f:b0:b8:8f:5e:63:08:37:d3:39:db:a5: 5e:c6:53:41:8a:c3:70:e9:70:a3:ad:9e:15:0f:50:74:11:37: f2:87:9f:34 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWy6AcZ0l0HNhoZ6VWSuV7D5LD6QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMDAxOFoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNANDkyNWVhOTgxZDUyNGJhZDRkYmJj Yzg5YWQxNWQxMWRmMWU1ZWI0NDQ3M2NiMDUyNzA0ZDI5N2Q0YTIwNjY3ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll30hMJYcvS3i6Yv6MdGZv7ICNsi mj33e9XjTPbZxggmZ+U2UV6vXfLqjWKtZ4rKtlhWJcUFQxzWWTMgX379DPY041Hz LlU4IYMltxk6THUnaLOr0CF9NQCE+0b+A1QNyQea42DerKn38pt2fZr42WljI7AN 3JtO+SgbDTzYdOCQXKw3DNntsFMHSDGo0JIS8TadNEpV1V8UNGvWW9NIkH8mHlmO i/aW1iIC5TscxZtxRz5o4cztDVRF3SJ8UJI6U/GK4115rnL6eM3i8S7aDi1/f7o6 fga8XCcaHmcDmQB4xmyKrKYZPWIhUOZ5DR3WRNDPCZfiZvI4XgA6eCpCXwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAVSIe6UY9mEKplSl3omN7dhO/+WMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VkYjQwMDY4LWZkMTAtNDBhMC04ZDhmLTg0ZjQ4MTM4OWQ0Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauYAwDQYJKoZIhvcNAQELBQADggEBAMYFjAU+vyN8zk2kWrt/ 3qjr8y7dmgPKmdxqRhyWzDHtZRQIUn00ecS8G0yyo/kMcqcd8AJzNWLzu1Vgl/kM Wh9hsybBHGdzlrpvMO7T5Q3jKu9U8ODORKn5VBfgjVEsomyQCz0e45sXTr9GFClV kAW9xeua0xTGSE9ayHFM9u12YoXLECsXmgsPKsDRzLEG0B06N3Eoa79yuCOvkL7A 0vohp8tVYcSG4Gx1Ggwly2IfJ3Dq39UAgdGP7ZIYaLmNsrzL6AsTHyxOg321EaWw lpY4imMEFQjJiAUK9fsX2G+wuI9eYwg30znbpV7GU0GKw3DpcKOtnhUPUHQRN/KH nzQ= -----END CERTIFICATE-----Generated at Mon Aug 4 15:26:22 2025 by rpki-client