$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa File: 005a9212-fea0-4bc0-be12-084b81124b8f.roa (raw, json) Hash identifier: Z2S5iaRbZkdtbCzW3pZFV5udxS5U+fsSTWRqbba2ct0= Subject key identifier: DE:E0:70:B8:5F:AB:68:B2:61:99:B6:73:56:DC:CE:FE:05:5E:D0:6E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 46F17AEAEAFF9B97ABA7A143CBED04039F30D6AE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa Signing time: Mon 28 Jul 2025 15:01:28 +0000 ROA not before: Mon 28 Jul 2025 15:01:28 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:7040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:f1:7a:ea:ea:ff:9b:97:ab:a7:a1:43:cb:ed:04:03:9f:30:d6:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:01:28 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=963bc1bec2ed3e9bb05a894fdf5af96d96a69dbff4101e12e95eb76a35f66af5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:ff:8b:9d:fd:3b:40:8c:53:7e:9a:43:9a:41: 17:d3:38:71:64:5c:50:c0:f8:d8:50:31:19:49:13: f2:2c:06:aa:a8:e7:6e:03:b2:25:1f:3a:7a:b0:26: c9:92:18:70:f4:89:32:88:cc:c2:ec:8b:d3:e9:a1: 05:e1:4e:8a:c2:bf:9f:f5:81:a9:f1:e0:14:6e:30: 76:54:e1:9d:31:86:77:4b:50:df:e2:4f:4b:71:92: 5c:19:9d:4c:a0:24:34:79:e2:1a:39:8d:6f:97:1b: bb:0c:45:2a:a3:1f:ec:60:89:0f:9e:75:0f:7e:f0: 97:51:d8:8b:02:0d:b5:1c:e6:c3:cc:c9:8c:e3:be: 3a:2e:5c:00:74:55:70:a0:78:73:b3:6e:ce:bd:65: bb:53:7d:f9:fc:b9:e7:32:ad:8f:9b:a3:c6:ea:80: 5d:55:6d:0b:88:f6:e7:09:25:87:fa:8d:10:dd:c4: e4:7a:05:22:67:0e:87:74:27:4f:eb:6d:7b:79:ff: 48:66:ac:81:4d:8e:e5:8d:2a:46:df:2a:30:07:0f: 1d:4e:9f:85:34:8c:4a:4b:aa:87:1f:89:6c:db:6a: c1:cc:7b:9d:fd:05:6b:62:59:a4:70:26:72:d0:51: 9a:16:92:ac:ea:ae:43:7c:8a:c7:ed:70:cb:f5:1b: eb:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:E0:70:B8:5F:AB:68:B2:61:99:B6:73:56:DC:CE:FE:05:5E:D0:6E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:7040::/48 Signature Algorithm: sha256WithRSAEncryption a2:37:1f:5c:6e:a2:8d:15:17:c3:dd:ff:b9:d6:8d:d8:de:f4: 48:5a:f4:64:f7:00:51:99:8b:86:9f:82:0a:cc:fa:5a:bb:cf: 0c:d8:f3:89:f1:1c:20:39:fb:3f:43:05:6f:8b:d0:bf:14:bb: c6:cd:39:fd:3d:62:77:cd:d3:20:5b:c9:29:ae:2f:e4:80:28: e4:26:a5:89:bb:42:6c:77:a3:83:a2:62:fd:03:03:08:f3:fc: 64:56:94:01:0a:d0:b6:30:55:58:08:70:a2:a6:41:ac:ce:a4: 48:d5:6f:0c:05:e5:86:83:e7:a6:fd:ba:49:d3:28:4a:9c:22: 45:e5:67:35:4a:2a:a2:f0:44:10:5d:9f:68:f5:d4:c9:5e:bd: d5:b3:77:41:5f:d4:79:95:8b:ef:32:cf:c9:3a:62:87:f6:93: 99:3b:59:b3:0e:93:56:c9:3b:0a:79:d4:71:20:77:6d:c4:20: 5c:a8:15:06:12:85:a6:1e:66:c0:c0:27:e6:c9:7e:1a:21:7e: 58:77:8e:3a:35:cd:18:2a:0a:b1:94:2c:2c:f6:dd:db:93:f6: 65:b3:f1:3c:2a:24:05:c8:6a:24:87:72:e5:41:85:0b:78:53: e1:b7:44:d4:6e:5b:0d:04:d7:52:87:f7:37:c1:5d:ed:16:49: 5b:b6:80:c9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURvF66ur/m5erp6FDy+0EA58w1q4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MDEyOFoX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAOTYzYmMxYmVjMmVkM2U5YmIwNWE4 OTRmZGY1YWY5NmQ5NmE2OWRiZmY0MTAxZTEyZTk1ZWI3NmEzNWY2NmFmNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlP+Lnf07QIxTfppDmkEX0zhxZFxQ wPjYUDEZSRPyLAaqqOduA7IlHzp6sCbJkhhw9IkyiMzC7IvT6aEF4U6Kwr+f9YGp 8eAUbjB2VOGdMYZ3S1Df4k9LcZJcGZ1MoCQ0eeIaOY1vlxu7DEUqox/sYIkPnnUP fvCXUdiLAg21HObDzMmM4746LlwAdFVwoHhzs27OvWW7U335/LnnMq2Pm6PG6oBd VW0LiPbnCSWH+o0Q3cTkegUiZw6HdCdP6217ef9IZqyBTY7ljSpG3yowBw8dTp+F NIxKS6qHH4ls22rBzHud/QVrYlmkcCZy0FGaFpKs6q5DfIrH7XDL9Rvr+QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN7gcLhfq2iyYZm2c1bczv4FXtBuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwNWE5MjEyLWZlYTAtNGJjMC1iZTEyLTA4NGI4MTEyNGI4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAHBAMA0GCSqGSIb3DQEBCwUAA4IBAQCiNx9cbqKNFRfD3f+5 1o3Y3vRIWvRk9wBRmYuGn4IKzPpau88M2POJ8RwgOfs/QwVvi9C/FLvGzTn9PWJ3 zdMgW8kpri/kgCjkJqWJu0Jsd6ODomL9AwMI8/xkVpQBCtC2MFVYCHCipkGszqRI 1W8MBeWGg+em/bpJ0yhKnCJF5Wc1Siqi8EQQXZ9o9dTJXr3Vs3dBX9R5lYvvMs/J OmKH9pOZO1mzDpNWyTsKedRxIHdtxCBcqBUGEoWmHmbAwCfmyX4aIX5Yd446Nc0Y KgqxlCws9t3bk/Zls/E8KiQFyGokh3LlQYULeFPht0TUblsNBNdSh/c3wV3tFklb toDJ -----END CERTIFICATE-----Generated at Thu Jul 31 01:03:58 2025 by rpki-client