$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa File: f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa (raw, json) Hash identifier: l5NvjCRMLyhTdA7X6SR087LtrNyG7FwxGoMPtXRM8YQ= Subject key identifier: 95:16:24:04:84:02:13:1F:D4:1A:7A:D2:0F:44:58:C4:6A:A4:EA:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 30F6B206643C18D88EC96EEC5D983324D2968805 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa Signing time: Fri 01 Aug 2025 00:50:39 +0000 ROA not before: Fri 01 Aug 2025 00:50:39 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:f6:b2:06:64:3c:18:d8:8e:c9:6e:ec:5d:98:33:24:d2:96:88:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:50:39 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=e431648949dd7ea44c7f6799af6cbd161c8030c34d8be4095dd9963a8b3a172d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ef:79:5e:48:83:19:37:cb:5a:70:99:9b:4e: 55:38:79:7d:e7:61:11:b0:15:6f:15:c4:1c:68:f5: c1:1c:f0:da:f4:da:36:d8:92:fd:07:2a:e6:ff:86: 22:ce:67:f2:4d:00:ba:82:9e:0e:35:ce:74:a8:ed: 6d:6b:6b:d1:56:90:41:f1:e0:83:ba:63:53:24:a7: 77:3c:f2:23:83:88:f1:b3:58:54:ee:2d:6c:b0:b1: cf:54:63:43:d8:8e:b1:9c:d1:3a:77:80:3b:6c:ec: fd:4d:e9:02:58:74:61:ea:28:26:7a:8e:8d:42:df: c5:a8:8e:50:09:28:1e:bf:0e:7e:08:12:a1:a7:3f: 3b:26:c2:0e:62:46:4c:5b:80:83:dc:e2:62:cf:67: 80:f4:74:70:94:08:9f:0c:79:0c:5d:21:32:bf:77: a5:93:f0:d0:9e:99:8c:cc:04:3b:50:82:17:49:5d: 12:e6:38:9f:30:d1:b1:e4:3a:87:06:02:93:d4:db: 53:0e:61:b7:58:84:2b:61:22:21:df:f1:ac:c6:ee: 8e:79:cd:41:68:02:ab:4b:b2:9c:3f:3b:f0:25:85: 24:20:fb:5c:85:28:1c:e6:b7:be:06:fb:12:51:d3: b3:ea:b3:c5:fb:5d:47:10:0b:4d:71:26:90:53:63: b5:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:16:24:04:84:02:13:1F:D4:1A:7A:D2:0F:44:58:C4:6A:A4:EA:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc::/32 Signature Algorithm: sha256WithRSAEncryption 41:51:5c:4d:9e:ec:a7:d7:f1:63:7f:3c:0e:05:aa:20:36:04: 73:95:32:90:b5:68:93:bb:2b:09:7e:60:84:b3:55:ce:3a:a8: 38:00:45:e5:cd:d8:7f:5e:06:26:83:57:1b:0b:2d:b8:60:88: 15:95:6d:42:d3:27:4d:71:cd:5e:91:42:80:d0:64:51:f9:bb: da:46:d3:a7:f4:a9:cf:fa:7f:07:c9:4a:e7:83:e7:4c:2a:eb: 91:92:51:9f:de:5a:4f:c2:5f:2b:71:7e:89:22:cc:d4:02:77: 93:8c:eb:3a:9d:f1:7b:04:9a:11:45:86:b5:f9:27:bd:f4:30: 7b:e2:95:ff:5b:c5:bd:25:56:50:e5:27:1a:18:e5:e8:ed:52: 73:e5:d5:17:7b:cc:70:8a:6b:38:b8:e1:24:49:59:b7:4b:59: 52:db:79:cb:f6:fa:6b:56:15:17:a2:62:cf:e8:79:b9:52:12: 07:f6:ad:ac:ae:54:99:48:5c:86:60:77:c9:f4:d9:41:aa:c8: 18:6d:25:38:b2:92:0b:76:1d:68:c9:19:06:3c:37:80:79:a2: 61:26:47:b5:2c:05:02:c6:cd:a8:ad:b5:af:cd:e5:86:75:75: 2b:10:36:b9:69:47:42:1c:f1:ab:ba:7b:55:64:11:07:58:0b: 95:4a:60:d0 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUMPayBmQ8GNiOyW7sXZgzJNKWiAUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwNTAzOVoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAZTQzMTY0ODk0OWRkN2VhNDRjN2Y2 Nzk5YWY2Y2JkMTYxYzgwMzBjMzRkOGJlNDA5NWRkOTk2M2E4YjNhMTcyZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte95XkiDGTfLWnCZm05VOHl952ER sBVvFcQcaPXBHPDa9No22JL9Byrm/4YizmfyTQC6gp4ONc50qO1ta2vRVpBB8eCD umNTJKd3PPIjg4jxs1hU7i1ssLHPVGND2I6xnNE6d4A7bOz9TekCWHRh6igmeo6N Qt/FqI5QCSgevw5+CBKhpz87JsIOYkZMW4CD3OJiz2eA9HRwlAifDHkMXSEyv3el k/DQnpmMzAQ7UIIXSV0S5jifMNGx5DqHBgKT1NtTDmG3WIQrYSIh3/Gsxu6Oec1B aAKrS7KcPzvwJYUkIPtchSgc5re+BvsSUdOz6rPF+11HEAtNcSaQU2O1PwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFJUWJASEAhMf1Bp60g9EWMRqpOqdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2ODEyOWFjLWIyOWQtNDJjYS04YTA3LTMxZTRmNDcwZTFlNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba/DANBgkqhkiG9w0BAQsFAAOCAQEAQVFcTZ7sp9fxY388DgWq IDYEc5UykLVok7srCX5ghLNVzjqoOABF5c3Yf14GJoNXGwstuGCIFZVtQtMnTXHN XpFCgNBkUfm72kbTp/Spz/p/B8lK54PnTCrrkZJRn95aT8JfK3F+iSLM1AJ3k4zr Op3xewSaEUWGtfknvfQwe+KV/1vFvSVWUOUnGhjl6O1Sc+XVF3vMcIprOLjhJElZ t0tZUtt5y/b6a1YVF6Jiz+h5uVISB/atrK5UmUhchmB3yfTZQarIGG0lOLKSC3Yd aMkZBjw3gHmiYSZHtSwFAsbNqK21r83lhnV1KxA2uWlHQhzxq7p7VWQRB1gLlUpg 0A== -----END CERTIFICATE-----Generated at Mon Aug 4 16:05:01 2025 by rpki-client