$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/167733fe-6ab1-443d-bc7d-702a6bfa6dbc.roa File: 167733fe-6ab1-443d-bc7d-702a6bfa6dbc.roa (raw, json) Hash identifier: RrSF66rnTw/yFfoiHYVDcDATj6tTWKCmL+iT/jEZ1P4= Subject key identifier: 01:D5:92:D2:DC:AC:01:55:BD:31:D8:8F:79:F3:EF:0B:B8:53:D7:EE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 70E5F91AA2B3F6D3D11E9D58AC1C11C2885A9A01 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/167733fe-6ab1-443d-bc7d-702a6bfa6dbc.roa Signing time: Fri 11 Jul 2025 00:00:10 +0000 ROA not before: Fri 11 Jul 2025 00:00:10 +0000 ROA not after: Fri 15 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:e5:f9:1a:a2:b3:f6:d3:d1:1e:9d:58:ac:1c:11:c2:88:5a:9a:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 11 00:00:10 2025 GMT Not After : Aug 15 23:59:59 2025 GMT Subject: serialNumber=dbbce1316fe45275acaeed92f519d32626c1368c45e1323566f57648cd407119, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:aa:33:d2:ab:c0:a8:22:15:ea:73:cb:00:fe: 9e:f1:c4:38:bb:42:90:25:54:ea:eb:91:b2:82:64: 0f:a3:1e:6f:a0:45:ea:59:19:ca:60:7e:6a:89:23: 71:c0:64:bd:d7:7d:97:d3:62:ef:62:f5:ef:67:44: f6:ff:f6:ba:a1:6c:c1:ed:ea:f3:5b:82:28:f1:b4: 4b:08:60:83:5f:61:07:0c:df:ee:45:a9:3f:c3:df: da:16:ee:a2:e2:c0:d2:12:a5:be:f7:ca:3d:a0:86: 54:24:cd:9c:e1:29:b4:c2:ee:10:0a:55:2b:a8:23: cf:4e:fd:0c:4f:27:51:ae:17:1e:a9:5f:8d:de:ff: e0:9f:11:ac:ad:da:71:26:5a:b8:e0:ab:76:97:97: ef:c8:75:14:98:57:63:fe:72:4b:f0:51:50:9f:f2: 18:2b:22:74:41:03:f8:25:46:cf:4e:7f:62:3b:4c: 6c:48:80:b1:54:21:82:ac:bd:b8:7f:dd:e9:18:dd: 6a:f6:4f:66:ac:91:94:dd:aa:5d:be:81:70:53:5d: 83:d7:71:68:7b:80:a5:2c:d4:b1:21:6c:05:25:ff: 94:b5:3f:44:84:80:e6:ab:b5:f8:be:a0:36:b8:dd: e5:35:d8:a7:a6:d0:ec:9e:68:e5:07:f1:df:0b:e7: 32:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:D5:92:D2:DC:AC:01:55:BD:31:D8:8F:79:F3:EF:0B:B8:53:D7:EE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/167733fe-6ab1-443d-bc7d-702a6bfa6dbc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:4000::/40 Signature Algorithm: sha256WithRSAEncryption a5:b1:80:57:24:87:cd:6a:15:6f:05:50:96:df:ca:04:be:10: dd:04:7e:47:e8:31:94:c0:6d:a6:d8:36:ba:d8:20:8f:79:55: 28:69:b4:6b:c3:de:fd:fc:67:cf:e7:7a:f4:31:69:eb:8f:a6: 23:7c:b8:d3:cd:fb:58:f7:bf:97:3d:38:09:c2:a2:f1:fa:cd: 70:e3:df:2d:c2:db:bc:f2:3e:3a:60:96:ac:9a:29:f3:51:fa: e1:30:7a:49:30:3c:c6:ce:02:e1:be:b4:22:8d:0e:5e:62:6f: 83:b9:16:2f:f8:6d:2c:1e:3a:20:e2:98:33:0f:cc:c8:11:58: 5e:05:88:cd:1d:ba:63:c3:69:c0:42:ab:3a:9f:70:57:ed:b3: 2f:05:b7:f0:c5:ed:22:7e:1d:20:88:e6:5a:f4:d6:41:a3:10: 84:9b:05:5f:ee:94:25:74:78:f5:52:7c:51:93:5f:5b:f7:0e: d1:fe:f8:fe:73:09:af:0e:02:4d:cf:33:8c:d2:01:83:62:4c: b3:94:13:c2:7d:b2:59:83:36:32:1e:47:2e:ee:62:05:67:1b: 4f:25:97:cb:9e:f6:57:2b:92:bd:df:89:3b:bc:0a:e5:08:a8: 77:8a:c7:5f:c1:df:59:9e:cc:fe:38:9d:75:bb:24:da:ed:ea: e7:6f:c6:73 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcOX5GqKz9tPRHp1YrBwRwohamgEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxMTAwMDAxMFoX DTI1MDgxNTIzNTk1OVowejFJMEcGA1UEBRNAZGJiY2UxMzE2ZmU0NTI3NWFjYWVl ZDkyZjUxOWQzMjYyNmMxMzY4YzQ1ZTEzMjM1NjZmNTc2NDhjZDQwNzExOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+6oz0qvAqCIV6nPLAP6e8cQ4u0KQ JVTq65GygmQPox5voEXqWRnKYH5qiSNxwGS9132X02LvYvXvZ0T2//a6oWzB7erz W4Io8bRLCGCDX2EHDN/uRak/w9/aFu6i4sDSEqW+98o9oIZUJM2c4Sm0wu4QClUr qCPPTv0MTydRrhceqV+N3v/gnxGsrdpxJlq44Kt2l5fvyHUUmFdj/nJL8FFQn/IY KyJ0QQP4JUbPTn9iO0xsSICxVCGCrL24f93pGN1q9k9mrJGU3apdvoFwU12D13Fo e4ClLNSxIWwFJf+UtT9EhIDmq7X4vqA2uN3lNdinptDsnmjlB/HfC+cyiQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAHVktLcrAFVvTHYj3nz7wu4U9fuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2NzczM2ZlLTZhYjEtNDQzZC1iYzdkLTcwMmE2YmZhNmRiYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7UAwDQYJKoZIhvcNAQELBQADggEBAKWxgFckh81qFW8FUJbf ygS+EN0EfkfoMZTAbabYNrrYII95VShptGvD3v38Z8/nevQxaeuPpiN8uNPN+1j3 v5c9OAnCovH6zXDj3y3C27zyPjpglqyaKfNR+uEwekkwPMbOAuG+tCKNDl5ib4O5 Fi/4bSweOiDimDMPzMgRWF4FiM0dumPDacBCqzqfcFftsy8Ft/DF7SJ+HSCI5lr0 1kGjEISbBV/ulCV0ePVSfFGTX1v3DtH++P5zCa8OAk3PM4zSAYNiTLOUE8J9slmD NjIeRy7uYgVnG08ll8ue9lcrkr3fiTu8CuUIqHeKx1/B31mezP44nXW7JNrt6udv xnM= -----END CERTIFICATE-----Generated at Thu Jul 31 00:59:17 2025 by rpki-client