$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa File: 24d9e029-97cb-43ac-a07a-cb219c1b416c.roa (raw, json) Hash identifier: iaudxxgoSC4LxpdUotpT0JrEKEPPONLnvTis+lN6xO8= Subject key identifier: F9:B3:23:C7:99:6E:B3:36:18:CA:95:F6:7C:6A:34:76:BB:1E:79:6E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2C441741278C6AD8BAB0C28C9BF6616BB7E476C0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa Signing time: Tue 29 Jul 2025 00:20:58 +0000 ROA not before: Tue 29 Jul 2025 00:20:58 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:44:17:41:27:8c:6a:d8:ba:b0:c2:8c:9b:f6:61:6b:b7:e4:76:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:20:58 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=0e234946b15a8a4e3d67b1d13904f6a871a26b5ada8fb3c592efac103ecfba10, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:0c:6d:ed:71:d6:32:56:6b:40:5e:e4:ed:c9: b3:16:44:a0:32:a0:dc:49:aa:03:b9:8f:ab:e8:31: 79:98:33:9c:3d:99:c5:ca:db:54:07:7a:95:a8:2b: 6a:a0:17:7b:89:32:8f:18:48:9b:65:31:b2:21:11: c2:f8:fc:96:cb:5d:8e:e2:38:33:a3:af:96:1d:eb: 88:5e:5a:6b:35:70:ff:8b:08:6a:6b:e4:fa:2a:91: 92:b7:c3:8f:9b:b1:38:83:5b:56:9d:b5:e4:f0:19: 10:4c:e8:56:9d:5f:a4:22:fe:38:1b:fa:4b:96:0a: f9:f4:dd:bd:c5:9d:97:6f:a2:13:7b:c6:1f:b7:f5: 60:28:2d:d6:bc:e2:51:65:43:ef:4d:fd:0d:a2:c4: 8b:e3:39:63:6f:ac:27:35:50:fa:e6:94:c4:40:c3: 4d:47:7f:68:9e:1b:55:63:a2:21:ff:cd:fa:17:26: 4d:42:e2:e3:d9:e4:6e:dc:4d:8c:be:fe:e0:72:92: 3f:88:53:2c:72:ce:67:20:36:dd:04:bc:17:54:c4: d8:c8:2b:0e:4f:d4:eb:d9:7e:f7:60:e8:32:ed:1b: 6a:01:42:9d:8d:4e:64:8d:7f:44:c9:44:d6:0d:5d: 4c:90:30:c5:b1:31:a3:ed:f0:53:08:da:f3:7e:25: d0:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:B3:23:C7:99:6E:B3:36:18:CA:95:F6:7C:6A:34:76:BB:1E:79:6E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:e000::/40 Signature Algorithm: sha256WithRSAEncryption b3:fb:28:6b:73:0a:1c:36:a3:90:01:92:c3:d2:f4:93:81:88: a7:68:f6:b4:88:f3:ef:6b:ac:17:77:05:aa:4e:9f:82:8c:8b: 5a:7f:24:17:a9:60:2b:a2:36:65:20:97:e5:09:9b:9b:48:39: 67:55:89:ff:6b:26:ae:af:a0:90:b5:0f:4a:ef:cb:48:1d:a4: 3d:36:48:4a:62:c6:55:49:63:4a:91:e1:9f:a7:48:2b:34:d2: 8a:1d:ff:30:02:c7:34:60:24:29:56:17:29:8e:0b:23:b4:7e: a7:07:5f:15:22:09:1c:8f:2c:36:42:d3:c4:63:27:f6:cb:73: e7:17:45:36:09:15:33:3f:64:41:56:39:18:92:72:44:c7:ee: 47:0b:72:8f:f1:46:54:b0:b7:89:28:b2:e3:49:61:c2:1b:75: 98:f0:30:89:96:89:36:e7:22:29:ea:25:30:d2:31:ca:3c:68: 3b:85:3b:97:4a:d7:b8:93:d8:73:3d:2e:fa:57:1e:e3:eb:0b: f0:5a:1c:86:8b:04:32:57:1d:81:c4:95:77:91:9a:4b:a6:d1: f0:b6:c6:1c:d5:d3:c6:f7:d0:a9:fb:13:d1:50:a0:f5:ff:e8: 54:71:e6:b0:65:84:b8:03:ad:c3:3c:4a:a1:b2:ee:35:18:b3: bc:14:88:b0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULEQXQSeMati6sMKMm/Zha7fkdsAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMjA1OFoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMGUyMzQ5NDZiMTVhOGE0ZTNkNjdi MWQxMzkwNGY2YTg3MWEyNmI1YWRhOGZiM2M1OTJlZmFjMTAzZWNmYmExMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wxt7XHWMlZrQF7k7cmzFkSgMqDc SaoDuY+r6DF5mDOcPZnFyttUB3qVqCtqoBd7iTKPGEibZTGyIRHC+PyWy12O4jgz o6+WHeuIXlprNXD/iwhqa+T6KpGSt8OPm7E4g1tWnbXk8BkQTOhWnV+kIv44G/pL lgr59N29xZ2Xb6ITe8Yft/VgKC3WvOJRZUPvTf0NosSL4zljb6wnNVD65pTEQMNN R39onhtVY6Ih/836FyZNQuLj2eRu3E2Mvv7gcpI/iFMscs5nIDbdBLwXVMTYyCsO T9Tr2X73YOgy7RtqAUKdjU5kjX9EyUTWDV1MkDDFsTGj7fBTCNrzfiXQCwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPmzI8eZbrM2GMqV9nxqNHa7HnluMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0ZDllMDI5LTk3Y2ItNDNhYy1hMDdhLWNiMjE5YzFiNDE2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYeAwDQYJKoZIhvcNAQELBQADggEBALP7KGtzChw2o5ABksPS 9JOBiKdo9rSI8+9rrBd3BapOn4KMi1p/JBepYCuiNmUgl+UJm5tIOWdVif9rJq6v oJC1D0rvy0gdpD02SEpixlVJY0qR4Z+nSCs00ood/zACxzRgJClWFymOCyO0fqcH XxUiCRyPLDZC08RjJ/bLc+cXRTYJFTM/ZEFWORiSckTH7kcLco/xRlSwt4kosuNJ YcIbdZjwMImWiTbnIinqJTDSMco8aDuFO5dK17iT2HM9LvpXHuPrC/BaHIaLBDJX HYHElXeRmkum0fC2xhzV08b30Kn7E9FQoPX/6FRx5rBlhLgDrcM8SqGy7jUYs7wU iLA= -----END CERTIFICATE-----Generated at Thu Jul 31 01:04:10 2025 by rpki-client