$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02d4e2a1-b855-4dc9-b76f-9f661a0dff14.roa File: 02d4e2a1-b855-4dc9-b76f-9f661a0dff14.roa (raw, json) Hash identifier: YZitHbK//4ICHzWOgh1Kvi09uYlvKY7hxTtwJWWILFA= Subject key identifier: 01:FD:88:D0:EE:8B:89:BA:EA:B7:5F:1A:E7:15:10:2F:70:93:D6:E7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B00C9113D94EA8C5383D973FF90F7309B75E398 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02d4e2a1-b855-4dc9-b76f-9f661a0dff14.roa Signing time: Wed 30 Jul 2025 00:02:11 +0000 ROA not before: Wed 30 Jul 2025 00:02:11 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:00:c9:11:3d:94:ea:8c:53:83:d9:73:ff:90:f7:30:9b:75:e3:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 00:02:11 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=e59cade6eed52606129ee2c06acc2f9146db2e6784c79d6410b605c33d7a0df3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:53:88:f1:8d:94:4d:c4:57:48:90:97:0d:2a: a9:28:2b:2b:8b:b1:2c:bb:6a:45:e5:d2:cc:4f:9c: c8:eb:69:54:b9:24:07:2b:b8:72:21:f7:0d:61:38: 79:c5:3f:8d:60:f4:ab:b8:7e:fb:6d:22:5f:ed:2e: 06:e3:0c:d4:ae:30:40:fd:e6:44:7f:57:a1:0e:a3: 0c:73:c2:70:46:d9:e1:55:0e:37:0b:68:01:cf:4a: 68:78:5b:79:99:fb:63:ad:3c:7e:53:02:d8:d0:85: 0e:9a:21:6e:0a:39:55:a6:8c:96:85:2c:db:5c:15: eb:91:36:47:00:37:9b:31:cf:7f:71:95:a7:42:e8: b8:18:ef:43:2b:c6:e7:87:59:e9:a5:eb:f8:a8:61: e7:f6:e4:c0:b6:07:4a:e0:11:ee:2f:ec:c0:b0:a2: ce:a1:ad:c7:c8:04:a4:fb:94:c8:d0:c7:78:1c:1b: 63:e2:eb:d0:75:00:f4:62:5b:5f:ac:1c:ce:cb:d0: 03:dd:1a:41:ff:79:d3:2e:18:29:b7:78:73:09:f2: 06:d4:3c:d7:5a:52:49:e7:79:4a:be:6e:75:00:97: 78:ff:94:99:56:7c:ba:79:aa:84:0e:93:1c:a9:2d: 3b:7e:08:b3:24:e3:74:ca:74:fc:d7:3c:4e:f1:aa: f7:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:FD:88:D0:EE:8B:89:BA:EA:B7:5F:1A:E7:15:10:2F:70:93:D6:E7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02d4e2a1-b855-4dc9-b76f-9f661a0dff14.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:9000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:0b:f0:4c:e4:29:df:6d:53:b0:f1:0f:b3:98:60:1d:14:cc: b1:0f:1b:aa:b3:a3:03:e1:1e:b8:7d:b5:39:8e:32:91:51:26: c6:cd:f2:d5:8f:1c:d1:ef:73:5f:c6:66:01:38:38:7e:7d:2f: b1:b3:ae:af:4d:7f:12:52:82:07:6f:e4:a1:c9:a6:72:7d:d1: 53:46:a0:44:54:3a:8a:f6:8e:52:cb:c4:ec:3b:0c:a2:10:8f: c3:40:78:ef:08:b7:93:74:7c:a5:e2:a6:1a:7c:c9:11:e9:a1: 10:80:98:58:4f:17:77:28:8a:8f:c8:04:1f:19:fd:43:e9:c1: 1f:85:69:eb:aa:84:ce:11:04:a0:e4:b7:69:cc:b7:cb:2f:e0: 11:0e:9e:d3:d3:f5:d4:81:de:2d:20:a0:8c:e9:4d:71:28:fb: e7:6b:b0:86:c0:50:2f:30:73:e7:44:73:44:b3:ae:d5:7a:ac: a6:31:97:0a:8e:3c:3c:7a:17:a1:85:8a:40:04:a8:c5:f4:57: ca:e4:c2:d3:dc:60:e3:94:4d:6c:8e:cc:95:55:7e:86:07:77: 45:f3:f8:92:4c:6d:b9:70:fa:08:44:52:5c:06:32:fe:69:f1: 72:e9:a7:7d:9b:60:c6:05:0a:35:45:6e:ba:4e:99:16:54:18: 7e:d0:01:b0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOwDJET2U6oxTg9lz/5D3MJt145gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMDIxMVoX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZTU5Y2FkZTZlZWQ1MjYwNjEyOWVl MmMwNmFjYzJmOTE0NmRiMmU2Nzg0Yzc5ZDY0MTBiNjA1YzMzZDdhMGRmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9VOI8Y2UTcRXSJCXDSqpKCsri7Es u2pF5dLMT5zI62lUuSQHK7hyIfcNYTh5xT+NYPSruH77bSJf7S4G4wzUrjBA/eZE f1ehDqMMc8JwRtnhVQ43C2gBz0poeFt5mftjrTx+UwLY0IUOmiFuCjlVpoyWhSzb XBXrkTZHADebMc9/cZWnQui4GO9DK8bnh1nppev4qGHn9uTAtgdK4BHuL+zAsKLO oa3HyASk+5TI0Md4HBtj4uvQdQD0YltfrBzOy9AD3RpB/3nTLhgpt3hzCfIG1DzX WlJJ53lKvm51AJd4/5SZVny6eaqEDpMcqS07fgizJON0ynT81zxO8ar38wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAH9iNDui4m66rdfGucVEC9wk9bnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyZDRlMmExLWI4NTUtNGRjOS1iNzZmLTlmNjYxYTBkZmYxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYZAwDQYJKoZIhvcNAQELBQADggEBACwL8EzkKd9tU7DxD7OY YB0UzLEPG6qzowPhHrh9tTmOMpFRJsbN8tWPHNHvc1/GZgE4OH59L7Gzrq9NfxJS ggdv5KHJpnJ90VNGoERUOor2jlLLxOw7DKIQj8NAeO8It5N0fKXiphp8yRHpoRCA mFhPF3coio/IBB8Z/UPpwR+FaeuqhM4RBKDkt2nMt8sv4BEOntPT9dSB3i0goIzp TXEo++drsIbAUC8wc+dEc0SzrtV6rKYxlwqOPDx6F6GFikAEqMX0V8rkwtPcYOOU TWyOzJVVfoYHd0Xz+JJMbblw+ghEUlwGMv5p8XLpp32bYMYFCjVFbrpOmRZUGH7Q AbA= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:51 2025 by rpki-client