$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3148069d-696b-400f-add6-d6a5c03e9c9e.roa File: 3148069d-696b-400f-add6-d6a5c03e9c9e.roa (raw, json) Hash identifier: YgQK4LtaBBPZWR7cMs77jbn4vZfnI/Qhw4/kT+Ah3eM= Subject key identifier: 7D:F8:5D:49:E1:88:D2:44:07:39:E2:E2:64:79:D8:07:09:04:95:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 028C59ABC6F0DF06903D8D38733EB314D41789D8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3148069d-696b-400f-add6-d6a5c03e9c9e.roa Signing time: Mon 07 Jul 2025 15:20:49 +0000 ROA not before: Mon 07 Jul 2025 15:20:49 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:8c:59:ab:c6:f0:df:06:90:3d:8d:38:73:3e:b3:14:d4:17:89:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:20:49 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=d6744038677cd947efab083997d8ad66176e1576a34ce1fb288707c94dabc06b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:3d:3f:06:96:f3:8b:49:65:99:5f:b1:b2:08: 91:21:35:4c:1f:4e:4a:bd:0b:d6:d3:91:8a:8d:91: 73:b5:ac:ab:f7:e4:ef:d7:16:6b:dd:c7:85:8a:29: 00:06:1d:15:a4:b5:b6:a6:77:eb:f5:5d:42:7f:76: f2:20:52:22:f0:6a:7c:f2:f9:f7:fc:02:af:c9:b3: 4f:f7:b0:30:8c:22:6f:11:a0:72:23:8f:ec:08:71: e2:60:31:f6:38:1f:ed:9a:66:fc:d8:ae:fb:22:28: df:96:9f:6b:b6:b9:f7:a5:1e:d0:05:48:6c:63:4b: 8b:2d:0f:36:f9:08:00:9c:5f:89:bd:cc:38:95:5d: 0e:64:59:37:90:c1:b0:6a:2a:55:5d:aa:db:bd:97: 5a:55:62:ce:f1:1d:df:95:d1:72:b4:2a:3c:38:92: f3:d7:8d:6f:96:51:ae:c6:71:d2:3c:7a:3d:f2:72: fa:65:ef:67:70:41:f6:88:3b:33:97:b5:d5:da:5b: 11:fa:ce:b2:a7:6a:e1:9b:65:48:ba:cc:dc:98:a7: 4d:01:c8:e1:d6:30:f5:1e:aa:ce:96:6a:e4:a7:27: 35:32:88:e3:5f:12:e5:6a:68:9c:be:0a:00:7f:ef: d3:94:9f:a7:ca:98:ad:90:01:dd:93:a2:38:90:a6: aa:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:F8:5D:49:E1:88:D2:44:07:39:E2:E2:64:79:D8:07:09:04:95:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3148069d-696b-400f-add6-d6a5c03e9c9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:4800::/40 Signature Algorithm: sha256WithRSAEncryption 17:ff:ac:62:4e:95:1c:46:9d:f6:78:62:bd:d9:1e:e7:5c:40: 26:fb:98:17:1f:19:9c:68:09:60:e7:3e:55:e7:76:c5:22:11: b3:d0:ba:6e:75:f2:79:bf:e9:bb:a6:fd:e6:db:0f:18:2c:da: f2:5f:88:2a:2c:29:9e:66:d8:17:6d:47:99:2e:ac:b9:fe:e3: a3:05:7e:fb:7d:76:2b:89:2f:9f:25:57:9a:af:97:5f:30:56: 80:a7:be:3b:fa:53:c9:dd:35:57:1c:e2:ea:5c:33:6a:76:06: e3:d1:90:44:ba:f7:eb:e0:2d:22:c8:23:6c:b8:e4:1d:b0:72: 5e:05:1a:3f:18:cb:9d:d8:cc:d8:e2:48:bc:76:d0:ff:9f:75: 44:de:a1:f6:12:dd:8c:3b:8e:d7:b5:53:04:da:29:f7:d6:a0: 7f:26:54:df:d5:30:1e:9a:9b:5f:71:a0:b1:f0:67:37:c3:4f: e1:fd:8f:53:68:5c:ad:67:bf:8d:24:8a:6a:9b:fd:2f:94:e9: 03:77:80:93:38:6f:aa:48:d8:dd:10:20:f7:8f:19:5f:64:f2: df:78:bb:de:f1:74:8f:ee:c9:a1:4b:73:c2:71:de:ed:b0:e5: b4:3f:d4:ca:fd:c5:29:90:17:c1:44:ce:39:73:20:35:e5:5a: ab:88:87:10 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAoxZq8bw3waQPY04cz6zFNQXidgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MjA0OVoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZDY3NDQwMzg2NzdjZDk0N2VmYWIw ODM5OTdkOGFkNjYxNzZlMTU3NmEzNGNlMWZiMjg4NzA3Yzk0ZGFiYzA2YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1D0/Bpbzi0llmV+xsgiRITVMH05K vQvW05GKjZFztayr9+Tv1xZr3ceFiikABh0VpLW2pnfr9V1Cf3byIFIi8Gp88vn3 /AKvybNP97AwjCJvEaByI4/sCHHiYDH2OB/tmmb82K77Iijflp9rtrn3pR7QBUhs Y0uLLQ82+QgAnF+Jvcw4lV0OZFk3kMGwaipVXarbvZdaVWLO8R3fldFytCo8OJLz 141vllGuxnHSPHo98nL6Ze9ncEH2iDszl7XV2lsR+s6yp2rhm2VIuszcmKdNAcjh 1jD1HqrOlmrkpyc1MojjXxLlamicvgoAf+/TlJ+nypitkAHdk6I4kKaqBwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH34XUnhiNJEBzni4mR52AcJBJVnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMxNDgwNjlkLTY5NmItNDAwZi1hZGQ2LWQ2YTVjMDNlOWM5ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauEgwDQYJKoZIhvcNAQELBQADggEBABf/rGJOlRxGnfZ4Yr3Z HudcQCb7mBcfGZxoCWDnPlXndsUiEbPQum518nm/6bum/ebbDxgs2vJfiCosKZ5m 2BdtR5kurLn+46MFfvt9diuJL58lV5qvl18wVoCnvjv6U8ndNVcc4upcM2p2BuPR kES69+vgLSLII2y45B2wcl4FGj8Yy53YzNjiSLx20P+fdUTeofYS3Yw7jte1UwTa KffWoH8mVN/VMB6am19xoLHwZzfDT+H9j1NoXK1nv40kimqb/S+U6QN3gJM4b6pI 2N0QIPePGV9k8t94u97xdI/uyaFLc8Jx3u2w5bQ/1Mr9xSmQF8FEzjlzIDXlWquI hxA= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:40 2025 by rpki-client