$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/122b6540-2716-4812-94bd-babdad6e9125.roa File: 122b6540-2716-4812-94bd-babdad6e9125.roa (raw, json) Hash identifier: bpMymMPBa/ytFE5tNyQkhcIJWsIcUB7t5VjU8MeNFj8= Subject key identifier: B7:85:5F:BC:C2:37:34:FE:23:9F:52:28:67:18:A7:FB:A5:BB:75:F9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6FE3A0636BAB4ABD01F9FBFD1757BC58A0755591 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/122b6540-2716-4812-94bd-babdad6e9125.roa Signing time: Mon 28 Jul 2025 15:11:02 +0000 ROA not before: Mon 28 Jul 2025 15:11:02 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:e3:a0:63:6b:ab:4a:bd:01:f9:fb:fd:17:57:bc:58:a0:75:55:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:11:02 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=5241bd9bf7e884086314e8c6e3b1b5abd359a41cf4c6969303921aa40bd77744, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:14:2e:74:2c:55:dd:95:aa:60:1d:85:d9:77: e3:fd:fe:11:d2:79:2a:6a:e6:59:84:30:23:41:a5: dd:0a:66:a6:60:56:ec:23:a0:9e:52:84:f7:05:d3: be:99:79:ed:15:d1:45:45:80:35:87:6f:49:a9:7c: fd:7c:40:33:76:5f:53:86:04:7e:f1:b7:d5:5e:ad: 72:b5:3d:03:d6:53:4e:6d:92:82:df:f5:3b:31:72: cf:6f:7b:e1:90:e6:0d:1e:78:fd:f1:2c:96:dc:b8: 96:e9:6f:1f:99:f0:d5:55:17:7e:ca:48:79:b5:55: cc:38:91:8e:81:0a:60:82:3e:0d:c5:60:b9:95:a9: 94:b0:e8:a5:cb:e3:e2:82:28:be:68:5b:b1:ce:a5: c0:cb:7d:13:c5:55:9d:a3:96:c1:3b:4e:e4:82:b0: 94:25:d4:d4:11:8d:0c:89:68:c7:f1:f2:04:4e:f9: 6f:b2:17:44:00:14:be:1d:70:17:9e:09:71:18:46: 0e:c4:23:41:7f:60:fa:9e:5e:03:5f:46:3c:4b:9b: 55:67:60:2a:08:bc:94:f6:57:1f:cd:d2:a1:5d:42: 0c:a7:be:96:d1:81:b4:43:a0:04:f6:e9:7f:07:ba: 50:c0:19:a8:fc:d2:98:8b:12:b3:3c:61:e0:0a:0b: ac:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:85:5F:BC:C2:37:34:FE:23:9F:52:28:67:18:A7:FB:A5:BB:75:F9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/122b6540-2716-4812-94bd-babdad6e9125.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:a040::/48 Signature Algorithm: sha256WithRSAEncryption 07:14:84:cb:bb:0c:1d:ba:32:ee:85:78:d7:5b:b6:4d:c4:36: f0:3e:e6:87:97:46:3b:4a:cb:b7:73:3e:45:ee:f3:f9:74:b4: df:58:90:e4:63:1d:b2:e7:42:c6:38:e6:fa:ff:28:8e:55:9f: a0:7a:ac:f9:dc:3a:c9:81:8b:05:2c:6d:4d:12:3f:d4:c9:38: 5b:18:cc:03:1c:ed:41:66:92:30:db:d5:32:c6:79:a1:ed:55: 7c:0a:a6:59:ac:86:e6:e9:0d:79:55:ce:69:95:0f:ff:98:5a: e4:c7:bb:de:98:7c:f6:38:10:35:8a:16:16:7f:79:8b:3d:27: 39:f7:41:09:6c:10:24:96:36:47:7e:01:3e:41:2c:6a:e7:75: 09:d7:bb:c3:44:50:3b:cc:be:ff:a3:f2:ce:17:2c:e8:84:50: 7b:55:73:c6:27:14:ca:8e:0b:eb:53:3a:c3:d2:0b:9b:11:96: 51:59:29:99:67:72:7a:a9:77:df:fc:00:d0:b3:8b:f7:5f:2d: 36:f4:7e:95:0c:3b:db:ad:2e:b8:3c:60:03:b3:da:2a:f6:c7: c7:ab:4c:94:ac:f1:4d:e6:6b:ab:55:21:61:75:59:de:1b:cf: 66:62:1b:0a:cf:5d:1f:57:51:7c:cf:12:e3:25:d2:ce:65:dc: 3b:25:cf:bb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUb+OgY2urSr0B+fv9F1e8WKB1VZEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MTEwMloX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNANTI0MWJkOWJmN2U4ODQwODYzMTRl OGM2ZTNiMWI1YWJkMzU5YTQxY2Y0YzY5NjkzMDM5MjFhYTQwYmQ3Nzc0NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBQudCxV3ZWqYB2F2Xfj/f4R0nkq auZZhDAjQaXdCmamYFbsI6CeUoT3BdO+mXntFdFFRYA1h29JqXz9fEAzdl9ThgR+ 8bfVXq1ytT0D1lNObZKC3/U7MXLPb3vhkOYNHnj98SyW3LiW6W8fmfDVVRd+ykh5 tVXMOJGOgQpggj4NxWC5lamUsOily+Pigii+aFuxzqXAy30TxVWdo5bBO07kgrCU JdTUEY0MiWjH8fIETvlvshdEABS+HXAXnglxGEYOxCNBf2D6nl4DX0Y8S5tVZ2Aq CLyU9lcfzdKhXUIMp76W0YG0Q6AE9ul/B7pQwBmo/NKYixKzPGHgCgusvQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLeFX7zCNzT+I59SKGcYp/ulu3X5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEyMmI2NTQwLTI3MTYtNDgxMi05NGJkLWJhYmRhZDZlOTEyNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/6BAMA0GCSqGSIb3DQEBCwUAA4IBAQAHFITLuwwdujLuhXjX W7ZNxDbwPuaHl0Y7Ssu3cz5F7vP5dLTfWJDkYx2y50LGOOb6/yiOVZ+geqz53DrJ gYsFLG1NEj/UyThbGMwDHO1BZpIw29Uyxnmh7VV8CqZZrIbm6Q15Vc5plQ//mFrk x7vemHz2OBA1ihYWf3mLPSc590EJbBAkljZHfgE+QSxq53UJ17vDRFA7zL7/o/LO FyzohFB7VXPGJxTKjgvrUzrD0gubEZZRWSmZZ3J6qXff/ADQs4v3Xy029H6VDDvb rS64PGADs9oq9sfHq0yUrPFN5murVSFhdVneG89mYhsKz10fV1F8zxLjJdLOZdw7 Jc+7 -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:47 2025 by rpki-client