$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1be81b8b-723f-40f7-b725-279fceb1a1b2.roa File: 1be81b8b-723f-40f7-b725-279fceb1a1b2.roa (raw, json) Hash identifier: pOKex3b3kYEQETjngxxr02qOLT7nalOm28rro8pyKOU= Subject key identifier: C8:09:4A:7C:B6:0D:F3:0F:4E:01:DE:90:44:C3:98:DD:F8:17:9E:06 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2FE86C60EBE0BF7EA77B169CEB1746BA7317FBD4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1be81b8b-723f-40f7-b725-279fceb1a1b2.roa Signing time: Sat 12 Jul 2025 00:00:19 +0000 ROA not before: Sat 12 Jul 2025 00:00:19 +0000 ROA not after: Sat 16 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:e8:6c:60:eb:e0:bf:7e:a7:7b:16:9c:eb:17:46:ba:73:17:fb:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 12 00:00:19 2025 GMT Not After : Aug 16 23:59:59 2025 GMT Subject: serialNumber=88549a334d5c4ec70f7477b1c2919e0a9521d57b9e26b41cfbb01b8a995f59f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:e3:00:4c:dd:30:5d:7e:a6:7c:a1:74:96:4e: a4:ad:53:d3:54:26:85:08:80:d1:53:42:a7:e9:f8: 40:ba:be:0d:2a:5b:db:04:d8:9c:22:2f:e5:84:47: aa:e9:e8:1f:d1:a7:61:1f:14:c5:fa:54:a1:ae:99: 88:96:cb:a0:78:6a:6c:34:b3:5d:be:5d:1d:0e:2a: aa:2c:17:5f:71:23:96:6d:3d:a8:23:1d:5e:dc:37: ff:2e:f4:38:c1:b7:2e:41:7f:e8:3e:b5:09:35:52: 55:13:a2:08:a9:cc:91:9b:5c:e2:b4:3d:88:51:56: 57:8c:b9:32:98:f2:9f:b3:e4:8e:c6:13:66:39:68: 8a:3d:52:0b:c3:32:3f:92:fe:a4:7a:d9:53:fc:9c: db:61:f5:88:9d:e3:b5:df:cf:9e:82:6a:31:00:3a: 78:71:e9:e5:3d:82:d6:a0:08:dc:3a:3a:f3:e1:b9: dc:26:2d:40:ec:20:b7:ab:b8:52:58:0d:f4:c8:56: 73:6e:69:88:74:e9:a3:d9:ae:ab:27:a0:08:ca:e1: 15:29:d4:16:82:3d:f8:91:58:c5:fc:c8:87:ce:58: f1:1f:47:b1:25:60:bf:d7:11:a0:f7:db:c0:4e:c7: a4:6c:d4:8c:d6:9e:a4:ad:62:f1:fb:1f:bb:05:c9: d5:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:09:4A:7C:B6:0D:F3:0F:4E:01:DE:90:44:C3:98:DD:F8:17:9E:06 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1be81b8b-723f-40f7-b725-279fceb1a1b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:4000::/40 Signature Algorithm: sha256WithRSAEncryption a6:fc:de:4d:53:e0:4a:78:8a:9c:c5:5f:23:24:7d:eb:3f:ae: ee:dc:06:00:e1:a3:a8:6c:54:74:e9:3b:f4:9d:32:e7:1d:5e: 9c:1b:d5:94:c0:86:c5:00:27:f8:af:b6:fa:58:47:b2:3c:e3: 22:01:ce:6d:89:c8:3c:a0:2b:50:48:59:87:c5:c3:4a:65:02: 5d:2d:d2:12:3e:2c:8c:e2:8e:2c:90:e1:2d:a6:3b:d9:49:56: 49:31:50:00:bb:29:16:05:cb:7e:13:f3:58:33:ed:f0:57:f5: 75:91:e3:3a:39:12:bb:2e:2f:24:e3:7b:63:db:26:c3:e5:a4: 25:fa:f2:76:c6:fe:2b:5c:20:29:25:94:ad:13:f5:2f:c3:e7: 69:60:fd:94:19:4f:22:cd:ef:78:24:bc:0a:8c:e1:c0:3d:64: 06:92:a7:26:22:35:fe:e6:33:c4:3a:ae:b7:a0:69:2b:1b:ea: c4:d3:24:d0:9f:c3:37:4b:99:2a:27:0e:86:d0:fa:f2:fb:a4: 2f:fc:39:6c:b6:c7:be:1d:c6:b3:62:bc:b1:a3:68:cd:d8:32: 0b:7b:e1:db:99:bb:cc:21:12:2e:d8:bf:dc:8f:5d:fa:a6:64: 91:ce:a4:5b:93:60:7b:58:3d:af:da:45:0c:2a:4e:c5:59:01: 37:32:ed:25 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUL+hsYOvgv36nexac6xdGunMX+9QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxMjAwMDAxOVoX DTI1MDgxNjIzNTk1OVowejFJMEcGA1UEBRNAODg1NDlhMzM0ZDVjNGVjNzBmNzQ3 N2IxYzI5MTllMGE5NTIxZDU3YjllMjZiNDFjZmJiMDFiOGE5OTVmNTlmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eMATN0wXX6mfKF0lk6krVPTVCaF CIDRU0Kn6fhAur4NKlvbBNicIi/lhEeq6egf0adhHxTF+lShrpmIlsugeGpsNLNd vl0dDiqqLBdfcSOWbT2oIx1e3Df/LvQ4wbcuQX/oPrUJNVJVE6IIqcyRm1zitD2I UVZXjLkymPKfs+SOxhNmOWiKPVILwzI/kv6ketlT/JzbYfWIneO138+egmoxADp4 cenlPYLWoAjcOjrz4bncJi1A7CC3q7hSWA30yFZzbmmIdOmj2a6rJ6AIyuEVKdQW gj34kVjF/MiHzljxH0exJWC/1xGg99vATsekbNSM1p6krWLx+x+7BcnVUwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMgJSny2DfMPTgHekETDmN34F54GMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiZTgxYjhiLTcyM2YtNDBmNy1iNzI1LTI3OWZjZWIxYTFiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba70AwDQYJKoZIhvcNAQELBQADggEBAKb83k1T4Ep4ipzFXyMk fes/ru7cBgDho6hsVHTpO/SdMucdXpwb1ZTAhsUAJ/ivtvpYR7I84yIBzm2JyDyg K1BIWYfFw0plAl0t0hI+LIzijiyQ4S2mO9lJVkkxUAC7KRYFy34T81gz7fBX9XWR 4zo5ErsuLyTje2PbJsPlpCX68nbG/itcICkllK0T9S/D52lg/ZQZTyLN73gkvAqM 4cA9ZAaSpyYiNf7mM8Q6rregaSsb6sTTJNCfwzdLmSonDobQ+vL7pC/8OWy2x74d xrNivLGjaM3YMgt74duZu8whEi7Yv9yPXfqmZJHOpFuTYHtYPa/aRQwqTsVZATcy 7SU= -----END CERTIFICATE-----Generated at Thu Jul 31 00:57:20 2025 by rpki-client