$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa File: 1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa (raw, json) Hash identifier: SU2Dqimimtb/CPN/S2MFZkeFBZaNFkMWGh7otzLpbys= Subject key identifier: 6E:1F:0F:70:9F:DA:D6:1D:EA:00:25:C6:C8:7C:30:93:86:F9:AC:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6649527C40C3B13F1DF136D1530C66AC6D5B741A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa Signing time: Tue 29 Jul 2025 00:11:17 +0000 ROA not before: Tue 29 Jul 2025 00:11:17 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:49:52:7c:40:c3:b1:3f:1d:f1:36:d1:53:0c:66:ac:6d:5b:74:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:11:17 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=4287f61cc25c8b15465c2391573c331b358c2e8e5666e56ac633d8f87129f784, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:c0:33:29:ed:cf:65:fe:16:f9:e1:f5:60:50: c4:4e:c4:8d:1e:f4:8e:1e:13:58:f6:1a:8f:e6:01: 08:85:cb:eb:14:22:2d:ae:cd:61:83:d8:31:3a:24: 0f:07:46:16:03:08:cc:dc:26:c2:cf:97:74:d3:89: a0:e1:c6:6a:9b:62:43:46:a9:c6:74:ff:77:02:fa: d6:8a:cd:01:0e:eb:e0:d5:f2:4e:3c:25:ff:e6:78: 9e:90:f3:a2:86:b5:d4:36:e5:17:ac:b1:62:bb:9a: a3:98:8f:ea:dc:a7:5a:5d:aa:31:e8:ba:7e:2a:30: 89:30:46:3e:da:e4:32:96:29:e4:1f:35:d1:47:84: 60:98:6c:f7:2f:80:c6:c2:f4:4f:0e:23:e2:39:d6: 1f:8f:cb:c4:a8:21:a7:a5:13:40:1c:08:1b:5c:77: ca:13:78:48:73:12:8f:2c:fb:c1:13:59:47:07:d1: 97:d3:3e:6e:7c:2f:12:e7:9d:ac:31:88:75:1e:34: d5:95:54:71:a5:69:f9:20:a9:5b:51:5e:57:e7:b1: 41:3a:d7:df:a0:e9:a0:78:b1:a5:ad:31:ff:35:fd: 10:fb:6f:19:45:6e:3e:af:dc:c0:35:b1:36:35:e0: 33:5d:b9:bc:2a:f1:1b:bc:5e:b3:d6:75:4f:c6:9f: f3:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:1F:0F:70:9F:DA:D6:1D:EA:00:25:C6:C8:7C:30:93:86:F9:AC:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1582ee0d-11ea-4495-97e5-0ed825ba8ee2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4020::/48 Signature Algorithm: sha256WithRSAEncryption 92:3c:de:79:c1:2a:fe:73:25:19:2f:0e:09:88:f5:f6:54:d9: 12:a5:81:e4:28:d7:b3:be:c6:dc:14:06:d4:54:24:55:17:43: c6:ac:50:35:b2:bc:46:72:0c:27:67:1d:0d:d1:ab:5f:3f:fa: f4:c1:21:0d:9f:da:e5:f0:6b:bb:aa:3c:6f:ba:5d:42:26:2d: e6:d6:91:60:99:cc:d2:11:47:32:15:a5:9e:33:f9:7b:96:0a: 34:c7:ae:28:af:cd:de:0f:dd:4a:a9:f4:36:c1:e2:2d:24:ff: 34:7b:f2:e9:34:60:06:c0:74:5f:83:be:11:b5:39:23:58:0c: 1d:c1:ea:a8:ee:f9:74:07:c9:24:a4:c3:51:4e:42:32:42:10: 4e:3d:a2:2e:72:43:84:67:d1:60:28:05:f7:ca:e8:44:65:75: 0d:cb:55:fd:fa:5a:d9:ac:81:bf:df:21:9b:23:e5:a2:79:b6: 48:99:59:32:da:5e:79:64:9d:cd:61:f2:f5:76:81:30:b2:a7: e9:d0:b9:e5:42:77:28:89:25:ab:b7:59:9a:a2:75:15:24:8b: b1:98:3b:4b:55:6c:8f:59:4b:f2:e9:de:30:59:40:32:84:5b: d7:86:d2:37:36:de:9e:a9:b2:6a:8f:bf:0c:83:03:b0:8d:07: 65:bb:b7:11 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZklSfEDDsT8d8TbRUwxmrG1bdBowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMTExN1oX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNANDI4N2Y2MWNjMjVjOGIxNTQ2NWMy MzkxNTczYzMzMWIzNThjMmU4ZTU2NjZlNTZhYzYzM2Q4Zjg3MTI5Zjc4NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMAzKe3PZf4W+eH1YFDETsSNHvSO HhNY9hqP5gEIhcvrFCItrs1hg9gxOiQPB0YWAwjM3CbCz5d004mg4cZqm2JDRqnG dP93AvrWis0BDuvg1fJOPCX/5niekPOihrXUNuUXrLFiu5qjmI/q3KdaXaox6Lp+ KjCJMEY+2uQylinkHzXRR4RgmGz3L4DGwvRPDiPiOdYfj8vEqCGnpRNAHAgbXHfK E3hIcxKPLPvBE1lHB9GX0z5ufC8S552sMYh1HjTVlVRxpWn5IKlbUV5X57FBOtff oOmgeLGlrTH/Nf0Q+28ZRW4+r9zANbE2NeAzXbm8KvEbvF6z1nVPxp/znQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFG4fD3Cf2tYd6gAlxsh8MJOG+azQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE1ODJlZTBkLTExZWEtNDQ5NS05N2U1LTBlZDgyNWJhOGVlMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8kAgMA0GCSqGSIb3DQEBCwUAA4IBAQCSPN55wSr+cyUZLw4J iPX2VNkSpYHkKNezvsbcFAbUVCRVF0PGrFA1srxGcgwnZx0N0atfP/r0wSENn9rl 8Gu7qjxvul1CJi3m1pFgmczSEUcyFaWeM/l7lgo0x64or83eD91KqfQ2weItJP80 e/LpNGAGwHRfg74RtTkjWAwdweqo7vl0B8kkpMNRTkIyQhBOPaIuckOEZ9FgKAX3 yuhEZXUNy1X9+lrZrIG/3yGbI+WiebZImVky2l55ZJ3NYfL1doEwsqfp0LnlQnco iSWrt1maonUVJIuxmDtLVWyPWUvy6d4wWUAyhFvXhtI3Nt6eqbJqj78MgwOwjQdl u7cR -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:20 2025 by rpki-client