$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30ec1984-4361-4a36-84f0-f08ade370c25.roa File: 30ec1984-4361-4a36-84f0-f08ade370c25.roa (raw, json) Hash identifier: rFH7IAWDO044OkESpVAVhLXzFVShia8JKEgq357v81I= Subject key identifier: 46:C4:A7:74:C7:36:6F:99:72:23:85:48:30:19:7D:27:69:C5:32:E5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 02E4CA0C254A1FF584503FF001185A7AD10B96E9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30ec1984-4361-4a36-84f0-f08ade370c25.roa Signing time: Mon 28 Jul 2025 15:10:40 +0000 ROA not before: Mon 28 Jul 2025 15:10:40 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:e4:ca:0c:25:4a:1f:f5:84:50:3f:f0:01:18:5a:7a:d1:0b:96:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:10:40 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=735c6416269576669feb123f8cf82413abb048ded31b80e287e65137fa026f0d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:56:a9:ae:63:05:58:80:72:b3:3e:a8:3f:f1: 09:09:85:24:bb:89:6f:0a:1f:1f:7e:61:9a:1a:b9: bb:20:fa:91:50:06:3a:9e:9b:93:75:2c:29:52:46: 32:a9:0c:f7:74:b6:bc:99:c9:df:13:41:31:f5:2b: a5:59:8b:5c:fb:79:31:76:ac:b7:fd:fa:f6:ca:5c: 96:a6:19:9a:44:86:26:1b:56:02:22:16:01:d9:9e: 0f:ec:98:bf:c7:fa:dc:c8:b2:be:3b:e6:21:8a:8f: a5:2f:83:b8:cb:02:70:2a:bf:20:a2:81:b0:79:75: c2:43:87:79:8b:ef:c3:86:98:41:d9:5f:8b:4e:72: 18:21:de:27:56:f6:58:23:92:e6:4a:0d:0a:37:ae: ec:fa:5e:03:59:4a:e9:2e:5c:ba:a8:ed:51:e3:86: 7d:6f:bd:41:93:dd:94:92:e9:04:61:1b:bb:5c:8e: 62:a9:00:35:1f:43:d9:2d:ab:50:95:a6:27:cc:f6: b3:c5:2c:b6:49:bd:f6:6d:69:94:8d:6a:93:be:b9: 9a:dd:90:a9:68:7c:34:9e:65:af:82:01:63:92:66: b2:66:a2:57:0f:b1:21:d7:ad:fb:69:7e:d3:e5:95: df:bf:4a:cc:3d:06:f0:67:06:d4:cd:e8:e9:0e:c6: 4d:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:C4:A7:74:C7:36:6F:99:72:23:85:48:30:19:7D:27:69:C5:32:E5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/30ec1984-4361-4a36-84f0-f08ade370c25.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 89:de:8d:54:40:e9:67:c9:67:d2:93:54:ad:1e:f8:5c:4d:0e: bc:6f:01:bc:37:c5:1c:3a:81:b0:6f:ee:6e:59:73:6c:04:0e: 6d:d7:b3:b3:c3:28:fc:98:f2:cc:be:f7:81:59:50:f0:23:c9: 3a:0b:c3:b8:49:e7:2f:d1:72:08:2d:94:06:45:b2:58:16:9f: 17:70:da:29:1c:62:53:da:aa:db:0e:00:54:4b:ee:d3:c8:ab: 32:97:39:1b:9b:68:27:0a:62:9c:40:b2:3a:0d:92:53:7c:62: 69:ec:c8:ca:e0:8e:4b:8e:96:5b:1d:31:6e:f1:a7:28:5c:6b: 89:b9:48:9d:76:67:06:bf:8a:4d:b1:a8:f7:74:1e:ff:58:80: b6:37:b8:9f:ab:07:b6:25:e1:34:84:99:56:11:4e:27:1b:6d: 18:af:79:d3:64:d0:ca:95:91:2e:a0:07:24:0a:80:d7:a7:87: 8e:5b:8e:b0:d2:cd:d1:d5:71:3b:eb:8e:6e:9a:92:b9:cb:98: c2:8f:97:3a:5e:49:e2:33:d4:9a:50:32:71:1c:ca:db:b0:c6: 35:2d:44:40:f0:e8:28:6e:a7:01:b9:90:ad:40:64:3e:b7:13: 85:5a:aa:d1:0c:c3:76:19:52:be:0f:4a:4b:2c:d3:c3:ad:48: a9:c0:69:e9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAuTKDCVKH/WEUD/wARhaetELlukwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MTA0MFoX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNANzM1YzY0MTYyNjk1NzY2NjlmZWIx MjNmOGNmODI0MTNhYmIwNDhkZWQzMWI4MGUyODdlNjUxMzdmYTAyNmYwZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVaprmMFWIBysz6oP/EJCYUku4lv Ch8ffmGaGrm7IPqRUAY6npuTdSwpUkYyqQz3dLa8mcnfE0Ex9SulWYtc+3kxdqy3 /fr2ylyWphmaRIYmG1YCIhYB2Z4P7Ji/x/rcyLK+O+Yhio+lL4O4ywJwKr8gooGw eXXCQ4d5i+/DhphB2V+LTnIYId4nVvZYI5LmSg0KN67s+l4DWUrpLly6qO1R44Z9 b71Bk92UkukEYRu7XI5iqQA1H0PZLatQlaYnzPazxSy2Sb32bWmUjWqTvrma3ZCp aHw0nmWvggFjkmayZqJXD7Eh1637aX7T5ZXfv0rMPQbwZwbUzejpDsZNwwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEbEp3THNm+ZciOFSDAZfSdpxTLlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMwZWMxOTg0LTQzNjEtNGEzNi04NGYwLWYwOGFkZTM3MGMyNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYWDAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ3o1UQOlnyWfSk1St HvhcTQ68bwG8N8UcOoGwb+5uWXNsBA5t17Ozwyj8mPLMvveBWVDwI8k6C8O4Secv 0XIILZQGRbJYFp8XcNopHGJT2qrbDgBUS+7TyKsylzkbm2gnCmKcQLI6DZJTfGJp 7MjK4I5LjpZbHTFu8acoXGuJuUiddmcGv4pNsaj3dB7/WIC2N7ifqwe2JeE0hJlW EU4nG20Yr3nTZNDKlZEuoAckCoDXp4eOW46w0s3R1XE7645umpK5y5jCj5c6Xkni M9SaUDJxHMrbsMY1LURA8OgobqcBuZCtQGQ+txOFWqrRDMN2GVK+D0pLLNPDrUip wGnp -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:47 2025 by rpki-client