$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3132158f-89b9-4064-adce-f249f4489521.roa File: 3132158f-89b9-4064-adce-f249f4489521.roa (raw, json) Hash identifier: zG+Kd/RHBejgvXkRvE3bavW2/aek4RTLVpyUggAbC9g= Subject key identifier: 18:7B:89:6F:36:C8:B4:C6:4A:35:A5:1D:AD:BA:67:76:D4:93:34:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 601C327AA629A9D7B9F735935AAF16A988288C33 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3132158f-89b9-4064-adce-f249f4489521.roa Signing time: Fri 25 Jul 2025 00:01:42 +0000 ROA not before: Fri 25 Jul 2025 00:01:42 +0000 ROA not after: Fri 29 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:1c:32:7a:a6:29:a9:d7:b9:f7:35:93:5a:af:16:a9:88:28:8c:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 25 00:01:42 2025 GMT Not After : Aug 29 23:59:59 2025 GMT Subject: serialNumber=e3ec1aa30f8e896a66b824cfd597540e1f078d0a6cd815707cd992318c235132, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:98:04:01:6b:6f:95:2b:5b:06:d3:75:78:d1: c1:da:a1:53:6c:8b:0a:73:24:00:64:d7:aa:27:dc: d8:b3:01:3f:1f:eb:31:5e:65:54:62:c1:6b:a2:fe: 50:2c:14:1f:62:a6:dd:f8:90:3c:17:e6:4e:17:ad: 2b:0f:2b:d2:d5:68:3a:6b:52:3e:55:db:21:ab:5e: d8:3a:8f:42:14:f3:81:cc:2f:18:cd:bf:c0:a2:06: a9:a0:d9:21:11:ea:ac:0a:b8:c8:ae:94:bb:63:4d: f0:0f:2a:92:b0:ca:d3:3e:95:71:14:7d:49:18:48: 04:ad:e7:4b:df:fc:00:6e:b4:df:8a:db:de:a8:4a: c9:3b:26:d7:01:be:db:d3:1f:26:e6:ac:51:98:33: 30:e0:b9:17:10:82:31:1c:31:17:a5:91:d9:85:07: 65:54:37:d4:06:5c:d0:86:f4:59:da:12:f2:b0:9a: bd:15:b5:a9:e7:30:48:e7:5f:3e:e7:e7:8f:9a:42: 9e:5c:8a:aa:27:ac:b3:14:4a:b3:82:7a:d7:be:c4: dc:03:18:de:1e:a4:cc:40:83:d9:c5:70:2a:9e:dc: 34:5f:61:f6:95:8d:e0:ad:54:c7:3e:38:6f:72:70: 71:f1:16:c1:7b:10:01:98:20:e9:51:7b:8e:ab:33: c1:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:7B:89:6F:36:C8:B4:C6:4A:35:A5:1D:AD:BA:67:76:D4:93:34:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3132158f-89b9-4064-adce-f249f4489521.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:2800::/40 Signature Algorithm: sha256WithRSAEncryption 7f:bb:f1:65:1c:f9:19:a4:03:6c:e4:00:c9:ff:da:ff:4d:a3: a7:82:80:a4:7d:1d:30:c2:4b:30:8d:78:e1:7c:c2:be:0f:57: 55:f4:a3:91:7a:7d:d1:7a:92:f1:3d:47:df:31:32:bc:bc:db: d1:48:90:2f:06:71:c0:38:bb:d1:d1:64:eb:86:cc:ad:ad:7e: 79:6a:83:b1:9c:8d:c1:02:d0:5f:4c:60:08:53:8b:a8:08:c6: 0d:68:c0:9f:7c:9b:a0:ad:a5:6e:a4:06:46:18:a8:c6:ce:bb: 3c:c0:61:0b:f6:df:e5:b9:95:a0:8f:d6:d2:d1:4d:8f:2d:60: 11:17:bb:85:da:dc:d9:06:6b:f5:f2:f3:94:b0:24:7b:e0:7d: 3d:dc:5f:4b:c8:98:88:06:a0:9c:1e:85:02:86:11:e3:46:9b: 34:24:98:37:c2:bc:53:9a:4e:b2:80:06:53:ba:4b:fb:47:db: bf:74:d1:46:82:a9:0e:8f:ea:4d:9b:1b:15:75:86:99:fc:59: 84:0b:9f:36:93:96:6c:65:da:1a:81:87:d9:17:4e:f0:58:df: 13:bb:d9:2f:bd:ab:01:e5:d4:f1:44:34:9c:c2:36:cb:81:f2: 9b:f4:36:61:10:10:f3:56:e5:70:c9:d7:96:4b:c6:f3:b7:62: fd:5a:94:f1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYBwyeqYpqde59zWTWq8WqYgojDMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNTAwMDE0MloX DTI1MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAZTNlYzFhYTMwZjhlODk2YTY2Yjgy NGNmZDU5NzU0MGUxZjA3OGQwYTZjZDgxNTcwN2NkOTkyMzE4YzIzNTEzMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15gEAWtvlStbBtN1eNHB2qFTbIsK cyQAZNeqJ9zYswE/H+sxXmVUYsFrov5QLBQfYqbd+JA8F+ZOF60rDyvS1Wg6a1I+ Vdshq17YOo9CFPOBzC8Yzb/AogapoNkhEeqsCrjIrpS7Y03wDyqSsMrTPpVxFH1J GEgEredL3/wAbrTfitveqErJOybXAb7b0x8m5qxRmDMw4LkXEIIxHDEXpZHZhQdl VDfUBlzQhvRZ2hLysJq9FbWp5zBI518+5+ePmkKeXIqqJ6yzFEqzgnrXvsTcAxje HqTMQIPZxXAqntw0X2H2lY3grVTHPjhvcnBx8RbBexABmCDpUXuOqzPBiQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBh7iW82yLTGSjWlHa26Z3bUkzSaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMxMzIxNThmLTg5YjktNDA2NC1hZGNlLWYyNDlmNDQ4OTUyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYCgwDQYJKoZIhvcNAQELBQADggEBAH+78WUc+RmkA2zkAMn/ 2v9No6eCgKR9HTDCSzCNeOF8wr4PV1X0o5F6fdF6kvE9R98xMry829FIkC8GccA4 u9HRZOuGzK2tfnlqg7GcjcEC0F9MYAhTi6gIxg1owJ98m6CtpW6kBkYYqMbOuzzA YQv23+W5laCP1tLRTY8tYBEXu4Xa3NkGa/Xy85SwJHvgfT3cX0vImIgGoJwehQKG EeNGmzQkmDfCvFOaTrKABlO6S/tH27900UaCqQ6P6k2bGxV1hpn8WYQLnzaTlmxl 2hqBh9kXTvBY3xO72S+9qwHl1PFENJzCNsuB8pv0NmEQEPNW5XDJ15ZLxvO3Yv1a lPE= -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:51 2025 by rpki-client