$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa File: 2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa (raw, json) Hash identifier: gcOGyEYgp2zWVJb/QwVUWjlY8ZCyWHBQVTGp3p2gdls= Subject key identifier: 5B:DB:13:3D:AB:26:2D:B7:D2:B7:E4:4D:5C:CE:E8:7D:BA:AE:57:57 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B1E204B31F85181E1FAE8E04D2CF314A1DA7939 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa Signing time: Wed 23 Jul 2025 00:00:11 +0000 ROA not before: Wed 23 Jul 2025 00:00:11 +0000 ROA not after: Wed 27 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:1e:20:4b:31:f8:51:81:e1:fa:e8:e0:4d:2c:f3:14:a1:da:79:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 23 00:00:11 2025 GMT Not After : Aug 27 23:59:59 2025 GMT Subject: serialNumber=9125b884c5a85cac60479b7c27249999fe1df2881226dcf07a7e8b1a30620ba1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:9b:30:ec:64:a8:f5:3f:fd:bf:58:a5:19:8b: 90:42:98:4b:7d:e1:2a:76:3b:fe:7b:2f:b6:f0:3f: 09:7c:24:14:b7:dd:16:c5:dc:fb:67:26:c5:14:63: 09:e3:bc:a6:4b:3a:72:3c:13:85:2e:50:6e:d3:62: dc:a7:0f:e2:71:93:cf:55:e9:a4:cc:ad:df:d9:d1: 7d:b0:5c:67:1a:13:a3:d5:cc:71:3b:ce:b2:ed:6c: bf:55:30:bc:35:21:e2:fb:ad:09:13:24:1e:df:d2: 4a:c3:b4:6b:f4:15:3c:b6:88:a7:0b:bb:27:a4:39: 46:f7:a7:b4:80:4b:11:9d:61:2c:e5:c5:52:23:0b: f4:fd:d4:c3:4e:e6:67:d9:3e:87:eb:65:9a:19:c6: 30:45:c4:8f:05:fb:97:18:bc:1c:69:fb:c6:41:d6: b2:d0:0b:99:5d:7f:c4:74:c4:49:02:40:af:47:d5: 2d:f0:78:3c:f5:07:a2:64:eb:89:bd:40:d9:12:dd: 03:58:fd:ee:b3:f0:a2:46:3d:0e:8b:69:a1:ae:dc: 34:2f:80:67:3d:a7:d3:24:78:20:28:94:3f:c4:ac: b3:8b:9f:83:9e:99:74:22:d0:9c:d7:07:00:b1:4a: da:45:9c:20:be:a8:39:9e:42:4e:2d:60:ec:36:f9: 29:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:DB:13:3D:AB:26:2D:B7:D2:B7:E4:4D:5C:CE:E8:7D:BA:AE:57:57 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9::/32 Signature Algorithm: sha256WithRSAEncryption 49:66:9f:92:fb:35:81:b4:78:81:5b:2f:99:f8:ef:63:37:3f: 21:96:20:4d:4a:36:63:72:dd:8e:c2:a1:76:2d:e7:13:34:9e: 6d:ca:76:cf:79:10:91:3a:cb:77:56:9b:7d:05:e0:76:86:fd: 4a:3c:e9:5e:6b:50:d5:ae:88:8e:ae:34:be:ae:91:60:f4:dd: f0:7f:c4:5d:0e:0d:a1:54:27:98:c9:d0:f2:24:a8:48:ec:ed: db:ad:97:0c:a1:59:81:eb:4c:89:19:5d:a5:10:65:77:7a:4f: f5:6e:ff:c7:c4:55:87:3e:f0:52:f0:4c:17:90:e3:e5:88:1f: 1c:40:79:93:22:08:bb:c9:3e:83:d2:4a:65:66:2f:50:b7:9b: b5:e9:74:25:6f:83:f6:8e:dc:92:72:4d:74:9f:68:71:2d:32: 2e:95:63:71:14:fd:9d:bf:c4:29:c5:f8:27:b2:c1:0d:1e:e2: 3c:99:e2:84:20:91:af:3e:93:49:72:c3:57:57:76:73:4f:16: 69:6c:69:0f:75:3f:06:9c:92:a6:b2:c6:5a:02:77:d5:7e:d0: 26:7e:07:0c:51:30:2b:52:7f:b4:01:62:42:48:f5:fd:5c:a8: 45:24:7c:8a:10:a8:e9:0d:8d:36:95:9d:dc:dd:7c:b0:94:b4: 9e:a8:e9:32 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUax4gSzH4UYHh+ujgTSzzFKHaeTkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMzAwMDAxMVoX DTI1MDgyNzIzNTk1OVowejFJMEcGA1UEBRNAOTEyNWI4ODRjNWE4NWNhYzYwNDc5 YjdjMjcyNDk5OTlmZTFkZjI4ODEyMjZkY2YwN2E3ZThiMWEzMDYyMGJhMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Zsw7GSo9T/9v1ilGYuQQphLfeEq djv+ey+28D8JfCQUt90Wxdz7ZybFFGMJ47ymSzpyPBOFLlBu02Lcpw/icZPPVemk zK3f2dF9sFxnGhOj1cxxO86y7Wy/VTC8NSHi+60JEyQe39JKw7Rr9BU8toinC7sn pDlG96e0gEsRnWEs5cVSIwv0/dTDTuZn2T6H62WaGcYwRcSPBfuXGLwcafvGQday 0AuZXX/EdMRJAkCvR9Ut8Hg89QeiZOuJvUDZEt0DWP3us/CiRj0Oi2mhrtw0L4Bn PafTJHggKJQ/xKyzi5+Dnpl0ItCc1wcAsUraRZwgvqg5nkJOLWDsNvkpDwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFFvbEz2rJi230rfkTVzO6H26rldXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkODJkNjhjLWI2NjAtNDAxOC05ZmIxLWE5NmM5ZmRkNzc5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba+TANBgkqhkiG9w0BAQsFAAOCAQEASWafkvs1gbR4gVsvmfjv Yzc/IZYgTUo2Y3LdjsKhdi3nEzSebcp2z3kQkTrLd1abfQXgdob9SjzpXmtQ1a6I jq40vq6RYPTd8H/EXQ4NoVQnmMnQ8iSoSOzt262XDKFZgetMiRldpRBld3pP9W7/ x8RVhz7wUvBMF5Dj5YgfHEB5kyIIu8k+g9JKZWYvULebtel0JW+D9o7cknJNdJ9o cS0yLpVjcRT9nb/EKcX4J7LBDR7iPJnihCCRrz6TSXLDV1d2c08WaWxpD3U/BpyS prLGWgJ31X7QJn4HDFEwK1J/tAFiQkj1/VyoRSR8ihCo6Q2NNpWd3N18sJS0nqjp Mg== -----END CERTIFICATE-----Generated at Thu Jul 31 00:57:20 2025 by rpki-client