$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3050c822-214a-42c8-80c6-ab24f49ef5df.roa File: 3050c822-214a-42c8-80c6-ab24f49ef5df.roa (raw, json) Hash identifier: IFeTT3LCkjeJ5sVD9/FhC2rFvPWJRFPRG11JSjUEdyo= Subject key identifier: 7A:94:5A:05:0E:32:9F:8E:1F:97:AA:F4:23:E2:A9:F5:86:79:00:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5FA1C0DB0FC1F71366261C26F3BCBB8D5D68B0B4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3050c822-214a-42c8-80c6-ab24f49ef5df.roa Signing time: Mon 28 Jul 2025 15:01:21 +0000 ROA not before: Mon 28 Jul 2025 15:01:21 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:a1:c0:db:0f:c1:f7:13:66:26:1c:26:f3:bc:bb:8d:5d:68:b0:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:01:21 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=a1b362cfd3e3c93e6119ca15f418e2b4b8aa14197c5b965ac365fccfe8d6115e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:28:83:ba:32:41:9b:ae:be:a8:b7:59:3b:89: 2e:71:1b:e8:4b:b5:63:00:30:10:b2:7f:95:4b:a5: a2:12:c0:95:16:d8:7d:63:84:a5:ce:5b:2a:66:56: 9b:cc:65:3a:2a:d1:76:49:25:df:b7:cf:fc:39:4d: 42:9b:d4:d0:48:79:6f:15:f0:01:76:1c:35:5c:22: 26:71:51:28:be:fb:7d:31:5e:85:b8:01:b8:0d:c7: 45:68:c6:5d:13:89:97:11:6b:ea:d6:f4:dd:18:7a: 76:3b:32:00:bf:05:17:cc:91:f6:18:33:46:d3:a4: 46:0c:66:c4:a7:e2:c1:56:22:36:51:57:6b:7f:0a: 12:16:c1:8a:34:b8:a0:6b:f1:2a:f5:08:0e:34:11: e5:4d:96:a4:fb:ea:75:94:bc:e7:f2:02:82:c7:e1: c6:7e:7f:3b:08:d4:e4:ea:d9:7d:37:67:fd:6b:85: 14:52:12:e6:a4:6a:b9:ac:ef:e2:bd:fd:d1:f9:56: 87:82:8d:19:64:c7:86:5e:45:e4:58:4c:de:98:db: 62:c4:d2:24:0f:1e:43:95:6e:62:35:5e:03:1e:51: c9:85:32:a0:8d:84:05:37:75:ff:07:a2:b9:b2:03: 33:bb:fc:23:73:02:8a:6d:82:e3:25:dc:50:b0:f5: 50:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:94:5A:05:0E:32:9F:8E:1F:97:AA:F4:23:E2:A9:F5:86:79:00:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3050c822-214a-42c8-80c6-ab24f49ef5df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c040::/48 Signature Algorithm: sha256WithRSAEncryption 34:5a:56:21:27:4b:fd:65:8c:7f:e1:20:4e:46:2f:82:bc:1f: 36:fd:a2:13:7b:8d:6d:1d:5a:0d:a2:79:fc:ba:00:14:77:b4: f4:ff:99:85:39:e0:06:9a:27:78:bb:71:1e:ce:cb:7e:7f:ee: 2f:3c:02:41:3d:32:64:08:15:c3:ae:b9:95:01:6f:88:96:42: de:ed:e1:36:f7:0d:6a:92:a2:cb:a7:d7:71:ac:61:b4:a7:9a: c5:8d:8f:f3:0a:42:dd:2f:f7:52:79:1f:39:e3:f4:31:55:8b: b4:32:24:c7:b8:51:e6:ad:0a:f4:15:d1:0f:1b:7e:7a:71:52: 54:c0:c2:c8:1d:05:0d:af:83:95:94:dd:8a:f2:0d:88:ba:51: a8:06:1e:14:4d:6e:fe:eb:7a:46:26:06:ce:4a:d3:7d:9d:43: 07:c7:22:86:ce:27:f4:a8:9a:d2:d3:cc:13:75:43:89:95:e4: 83:00:7e:13:ca:9f:c4:12:a7:9c:fc:93:73:25:b8:1d:bf:66: 25:e7:96:f4:84:ba:68:39:eb:90:e8:d0:8c:03:e9:ae:81:33: 81:70:ae:9a:bd:0b:bb:b2:25:b9:3e:6c:67:47:ef:1c:8a:f2: 26:21:64:0b:ef:a5:61:30:21:a6:f7:f6:e8:17:c3:b8:cf:2a: 5f:d8:0b:e3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUX6HA2w/B9xNmJhwm87y7jV1osLQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MDEyMVoX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAYTFiMzYyY2ZkM2UzYzkzZTYxMTlj YTE1ZjQxOGUyYjRiOGFhMTQxOTdjNWI5NjVhYzM2NWZjY2ZlOGQ2MTE1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiiDujJBm66+qLdZO4kucRvoS7Vj ADAQsn+VS6WiEsCVFth9Y4SlzlsqZlabzGU6KtF2SSXft8/8OU1Cm9TQSHlvFfAB dhw1XCImcVEovvt9MV6FuAG4DcdFaMZdE4mXEWvq1vTdGHp2OzIAvwUXzJH2GDNG 06RGDGbEp+LBViI2UVdrfwoSFsGKNLiga/Eq9QgONBHlTZak++p1lLzn8gKCx+HG fn87CNTk6tl9N2f9a4UUUhLmpGq5rO/ivf3R+VaHgo0ZZMeGXkXkWEzemNtixNIk Dx5DlW5iNV4DHlHJhTKgjYQFN3X/B6K5sgMzu/wjcwKKbYLjJdxQsPVQXQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHqUWgUOMp+OH5eq9CPiqfWGeQDPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMwNTBjODIyLTIxNGEtNDJjOC04MGM2LWFiMjRmNDllZjVkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sBAMA0GCSqGSIb3DQEBCwUAA4IBAQA0WlYhJ0v9ZYx/4SBO Ri+CvB82/aITe41tHVoNonn8ugAUd7T0/5mFOeAGmid4u3Eezst+f+4vPAJBPTJk CBXDrrmVAW+IlkLe7eE29w1qkqLLp9dxrGG0p5rFjY/zCkLdL/dSeR854/QxVYu0 MiTHuFHmrQr0FdEPG356cVJUwMLIHQUNr4OVlN2K8g2IulGoBh4UTW7+63pGJgbO StN9nUMHxyKGzif0qJrS08wTdUOJleSDAH4Typ/EEqec/JNzJbgdv2Yl55b0hLpo OeuQ6NCMA+mugTOBcK6avQu7siW5PmxnR+8civImIWQL76VhMCGm9/boF8O4zypf 2Avj -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:22 2025 by rpki-client