$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa File: 19c2d4e6-f756-4329-8ef7-563420636cfb.roa (raw, json) Hash identifier: km6KqVzB8oURxW1GRk+cco3eyLO9v8Qz3AfVTV60mtc= Subject key identifier: 30:6D:C2:E4:B9:2D:06:B0:50:04:51:A5:EE:59:ED:33:D6:25:3E:9F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5355317C7308B1050A7224C1F2997DD094852504 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa Signing time: Sat 26 Jul 2025 00:01:05 +0000 ROA not before: Sat 26 Jul 2025 00:01:05 +0000 ROA not after: Sat 30 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:55:31:7c:73:08:b1:05:0a:72:24:c1:f2:99:7d:d0:94:85:25:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 26 00:01:05 2025 GMT Not After : Aug 30 23:59:59 2025 GMT Subject: serialNumber=c3a8a7a01b07cbb00456c975f44165ce6d5425162d80ed8581761343ec95c563, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:9c:0f:e4:ce:19:18:c4:d7:3a:d4:e0:12:1a: e3:da:fb:4f:0b:d2:ac:d0:2d:34:76:e7:ea:43:57: c2:70:aa:a7:8e:fa:29:d2:9a:38:75:43:de:4a:4b: a0:4b:39:4b:e3:75:99:c9:70:23:cd:c5:d4:74:f3: 60:3a:e5:22:7e:1a:df:13:4e:34:7c:1c:49:72:ca: b6:ed:94:31:eb:e0:b9:01:00:ed:e4:ec:b1:b9:c1: 8a:71:71:e0:cb:d7:01:62:93:e0:a9:4c:be:5e:99: e4:34:80:5f:91:a7:6a:ec:a5:52:cc:4c:f2:24:13: e5:59:75:c1:07:23:f8:36:8a:c6:32:d7:cd:8f:d7: 04:cc:c1:ed:e5:b6:58:24:c6:7b:3b:91:66:30:3d: df:85:50:59:3e:03:83:12:28:2c:3a:a9:b7:70:f9: 32:1f:eb:af:d1:9b:4e:22:81:8a:60:c1:0e:17:bc: fa:9f:51:03:ec:d6:c8:11:33:d3:3d:55:ad:91:ac: 95:a8:4b:d2:b1:1c:93:cc:9f:e2:8d:15:e4:d9:c4: 52:45:d9:4e:22:fe:e4:72:f5:12:7f:07:f1:f6:71: ea:55:48:09:da:c5:00:22:fe:5a:74:fc:e7:7b:66: 82:b7:8a:c1:ba:21:58:99:a0:8f:a3:61:85:14:59: 35:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:6D:C2:E4:B9:2D:06:B0:50:04:51:A5:EE:59:ED:33:D6:25:3E:9F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:4000::/48 Signature Algorithm: sha256WithRSAEncryption 3f:27:6e:17:52:14:c6:18:e1:da:0a:21:dc:cb:cd:55:3b:94: 11:27:01:0e:2a:30:a7:0f:89:1c:4b:82:ad:2f:4f:73:ab:41: d9:44:a7:2f:6d:21:47:0c:09:49:6e:24:1b:9b:8d:a8:42:a7: 58:79:e6:89:b2:05:ed:ed:72:93:38:32:41:03:a2:fc:16:13: d2:0f:b4:01:8b:c2:d6:d3:2f:df:c5:65:25:b6:af:79:b1:48: b5:92:70:30:0d:1c:4e:9d:80:94:dd:11:bb:c9:10:92:de:a6: 4f:3d:b1:c6:6f:58:43:82:52:01:89:3c:56:39:8b:b5:11:32: 4c:68:77:4e:ce:e2:f1:89:2e:b8:b1:25:51:fd:e4:46:33:2e: 3d:09:41:6e:c3:6e:06:6b:cf:54:e8:0e:83:a7:47:9a:c6:c5: d5:b1:4e:03:4d:17:ac:df:a9:07:9d:5b:0b:77:57:41:91:5b: 78:ab:56:3e:99:ce:7b:19:e0:94:7c:12:95:1f:36:76:4d:19: 18:46:df:6a:0c:08:c1:8f:60:61:01:fb:62:15:f8:e0:4a:2c: 3c:47:9a:ef:27:f0:01:b6:b1:38:7e:f6:30:cb:64:e8:7f:90: b3:f6:ec:eb:14:b5:dc:fe:81:52:f1:44:9f:fb:76:85:99:e6: df:7a:f0:cf -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUU1UxfHMIsQUKciTB8pl90JSFJQQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNjAwMDEwNVoX DTI1MDgzMDIzNTk1OVowejFJMEcGA1UEBRNAYzNhOGE3YTAxYjA3Y2JiMDA0NTZj OTc1ZjQ0MTY1Y2U2ZDU0MjUxNjJkODBlZDg1ODE3NjEzNDNlYzk1YzU2MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZwP5M4ZGMTXOtTgEhrj2vtPC9Ks 0C00dufqQ1fCcKqnjvop0po4dUPeSkugSzlL43WZyXAjzcXUdPNgOuUifhrfE040 fBxJcsq27ZQx6+C5AQDt5OyxucGKcXHgy9cBYpPgqUy+XpnkNIBfkadq7KVSzEzy JBPlWXXBByP4NorGMtfNj9cEzMHt5bZYJMZ7O5FmMD3fhVBZPgODEigsOqm3cPky H+uv0ZtOIoGKYMEOF7z6n1ED7NbIETPTPVWtkayVqEvSsRyTzJ/ijRXk2cRSRdlO Iv7kcvUSfwfx9nHqVUgJ2sUAIv5adPzne2aCt4rBuiFYmaCPo2GFFFk1gwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDBtwuS5LQawUARRpe5Z7TPWJT6fMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE5YzJkNGU2LWY3NTYtNDMyOS04ZWY3LTU2MzQyMDYzNmNmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9kAAMA0GCSqGSIb3DQEBCwUAA4IBAQA/J24XUhTGGOHaCiHc y81VO5QRJwEOKjCnD4kcS4KtL09zq0HZRKcvbSFHDAlJbiQbm42oQqdYeeaJsgXt 7XKTODJBA6L8FhPSD7QBi8LW0y/fxWUltq95sUi1knAwDRxOnYCU3RG7yRCS3qZP PbHGb1hDglIBiTxWOYu1ETJMaHdOzuLxiS64sSVR/eRGMy49CUFuw24Ga89U6A6D p0eaxsXVsU4DTRes36kHnVsLd1dBkVt4q1Y+mc57GeCUfBKVHzZ2TRkYRt9qDAjB j2BhAftiFfjgSiw8R5rvJ/ABtrE4fvYwy2Tof5Cz9uzrFLXc/oFS8USf+3aFmebf evDP -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:50 2025 by rpki-client