$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31d82ebe-09a5-48fe-8169-b4de58988b94.roa File: 31d82ebe-09a5-48fe-8169-b4de58988b94.roa (raw, json) Hash identifier: Nu5NtRGbBsbBjtCSJSq77MFYkCGw1vV3xtfL3Co1hUo= Subject key identifier: A0:66:0F:8C:24:1A:04:40:88:96:9E:AA:3D:01:D0:25:44:14:0A:2B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1376C863F415295D425488BEDFA52ECCFC298C86 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31d82ebe-09a5-48fe-8169-b4de58988b94.roa Signing time: Mon 07 Jul 2025 15:51:17 +0000 ROA not before: Mon 07 Jul 2025 15:51:17 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1a::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:76:c8:63:f4:15:29:5d:42:54:88:be:df:a5:2e:cc:fc:29:8c:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:51:17 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=c4ec71deefbc95321ceacab3d281a74680609daf4be43499ef625ce09f204d16, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:0f:7c:c9:37:f2:2d:a8:7a:54:7e:35:76:eb: da:df:bb:49:38:ea:32:d9:f0:ce:fc:e5:36:cf:a7: ba:50:26:a0:17:4b:fa:93:31:1e:b4:f8:ee:51:17: 99:0e:f1:1e:c7:23:b2:43:3b:b1:ba:e8:ec:3d:0d: af:f2:e9:32:20:1d:ec:92:24:85:d4:15:6a:4b:2a: 9d:98:07:fd:c4:2c:47:b1:19:18:49:b0:ca:d2:f5: cd:5d:6e:10:e5:95:b5:32:b3:45:6d:9a:02:7d:a9: 1b:89:c7:3b:74:23:25:63:ab:eb:a0:37:be:5d:4d: 5c:05:b7:4e:e5:6c:06:38:2c:ce:7b:45:ff:0a:42: 9a:69:93:5f:cc:48:e1:70:85:09:94:0e:af:55:41: 35:69:3b:d1:9c:91:6f:da:1d:37:59:10:f7:94:77: 2b:ed:e3:00:d0:a3:80:9a:cd:9d:15:8a:37:f8:a7: 13:78:51:b9:b0:3f:52:63:15:cd:92:6c:94:a6:8a: ef:03:63:4c:d8:ac:a3:6c:20:12:24:02:c1:40:25: 9b:b2:9d:fa:18:65:cd:26:4f:f3:f1:37:8a:2c:56: de:a9:a7:2f:8e:5e:d6:cc:3a:cf:ab:dd:ee:0d:bf: a2:27:40:11:88:35:68:9e:f5:d7:50:55:71:09:85: dd:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:66:0F:8C:24:1A:04:40:88:96:9E:AA:3D:01:D0:25:44:14:0A:2B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/31d82ebe-09a5-48fe-8169-b4de58988b94.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1a::/36 Signature Algorithm: sha256WithRSAEncryption 90:31:70:37:6c:ab:1d:57:bb:6e:76:df:be:9d:3d:8c:f7:e0: 37:e3:0f:61:ba:76:c5:48:54:9e:19:e8:d1:d1:90:16:85:ce: 26:ea:c6:62:ab:c7:0f:fe:45:6b:24:76:2d:cb:21:7c:46:0a: 90:ef:87:9c:e9:56:97:46:12:e3:5d:49:97:a3:fd:09:91:93: c8:d3:ca:17:3e:c4:8c:25:04:50:2a:d7:2b:1d:1a:a0:76:c6: 51:3f:ce:01:bd:e6:33:bb:d4:eb:5c:b9:ed:2a:05:05:42:5a: 60:a8:ca:52:87:e3:a0:c8:86:3a:fe:cf:99:2f:1b:46:23:32: e8:66:ba:87:b4:27:2e:b4:f2:19:55:ad:2a:67:e0:a8:79:dd: 3d:36:30:56:70:57:47:19:4f:98:99:7c:00:a8:0e:84:ee:a9: ef:dd:43:72:3d:30:c4:dd:a5:7f:05:45:b3:08:f0:3f:60:cf: d4:ef:ca:c7:58:c5:9c:fb:9b:96:58:3c:3e:ff:5d:9c:14:4a: 6e:21:cf:7a:44:43:a5:ed:fd:03:3c:6c:40:b3:15:c3:d9:5e: 56:a9:9b:c7:7e:9e:92:0e:0b:2f:04:b1:d8:e6:39:d7:07:28: 76:ae:e4:50:85:2c:97:c8:d3:f7:d5:26:e5:cc:56:91:52:04: de:c0:a5:42 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUE3bIY/QVKV1CVIi+36UuzPwpjIYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1NTExN1oX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYzRlYzcxZGVlZmJjOTUzMjFjZWFj YWIzZDI4MWE3NDY4MDYwOWRhZjRiZTQzNDk5ZWY2MjVjZTA5ZjIwNGQxNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA98yTfyLah6VH41duva37tJOOoy 2fDO/OU2z6e6UCagF0v6kzEetPjuUReZDvEexyOyQzuxuujsPQ2v8ukyIB3skiSF 1BVqSyqdmAf9xCxHsRkYSbDK0vXNXW4Q5ZW1MrNFbZoCfakbicc7dCMlY6vroDe+ XU1cBbdO5WwGOCzOe0X/CkKaaZNfzEjhcIUJlA6vVUE1aTvRnJFv2h03WRD3lHcr 7eMA0KOAms2dFYo3+KcTeFG5sD9SYxXNkmyUporvA2NM2KyjbCASJALBQCWbsp36 GGXNJk/z8TeKLFbeqacvjl7WzDrPq93uDb+iJ0ARiDVonvXXUFVxCYXdkQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKBmD4wkGgRAiJaeqj0B0CVEFAorMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMxZDgyZWJlLTA5YTUtNDhmZS04MTY5LWI0ZGU1ODk4OGI5NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGgAwDQYJKoZIhvcNAQELBQADggEBAJAxcDdsqx1Xu252376d PYz34DfjD2G6dsVIVJ4Z6NHRkBaFzibqxmKrxw/+RWskdi3LIXxGCpDvh5zpVpdG EuNdSZej/QmRk8jTyhc+xIwlBFAq1ysdGqB2xlE/zgG95jO71Otcue0qBQVCWmCo ylKH46DIhjr+z5kvG0YjMuhmuoe0Jy608hlVrSpn4Kh53T02MFZwV0cZT5iZfACo DoTuqe/dQ3I9MMTdpX8FRbMI8D9gz9TvysdYxZz7m5ZYPD7/XZwUSm4hz3pEQ6Xt /QM8bECzFcPZXlapm8d+npIOCy8EsdjmOdcHKHau5FCFLJfI0/fVJuXMVpFSBN7A pUI= -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:34 2025 by rpki-client