$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/386d354b-b333-4d2d-95e1-ce56676d00ec.roa File: 386d354b-b333-4d2d-95e1-ce56676d00ec.roa (raw, json) Hash identifier: VRc3ulAjCKsFCiYJiL7hOCD432Ld9B4JGjd677Ah434= Subject key identifier: 02:DE:48:27:98:AB:0F:B5:8D:E8:12:C0:08:EB:55:D8:5C:0B:6A:F3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3970180262037B9D44C8F2121573DAC30844A78F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/386d354b-b333-4d2d-95e1-ce56676d00ec.roa Signing time: Mon 07 Jul 2025 15:50:17 +0000 ROA not before: Mon 07 Jul 2025 15:50:17 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da22:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:70:18:02:62:03:7b:9d:44:c8:f2:12:15:73:da:c3:08:44:a7:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:50:17 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=d0ab428b561f877d5724a0439be4b5f106a2faad66f4f7d22e22b6ba66565254, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:e8:4e:2a:02:a3:e4:0b:d7:0a:7e:0a:dc:b6: df:96:c2:e9:41:8d:3d:4c:71:aa:e4:cb:f7:c9:97: 5d:dc:d5:3c:b8:5f:1c:f8:98:8c:32:8a:f7:14:f8: d1:6e:22:c5:70:21:11:c5:97:cc:e6:3a:70:c1:e7: 83:ca:99:d1:eb:34:0a:ad:92:15:2d:31:d8:53:ca: f2:1a:34:d9:e3:9a:bc:2d:67:a8:c7:3f:67:03:4a: aa:9b:79:49:6d:6d:8f:e4:06:01:03:49:74:5c:f8: 72:a5:84:a4:88:a5:92:27:6c:f8:f7:12:c6:12:c4: 52:c7:aa:ad:5d:41:8e:c0:1a:ad:45:f8:c3:de:ff: c2:da:2b:7e:60:5d:6a:2b:5b:d9:5c:aa:cb:7d:ff: 76:ac:95:82:e5:42:e1:21:81:e7:52:3b:2e:39:e1: 9b:4a:95:23:99:33:62:a7:91:a0:a6:c4:8c:7c:2d: 40:da:15:b1:3d:8f:f5:55:24:19:b4:b9:2c:c7:a5: 2c:5e:17:34:36:d1:b3:45:60:1c:3c:51:49:49:90: 7b:d9:2a:ae:61:39:e7:90:62:ab:5c:bd:a7:c3:f9: 98:7a:93:c9:0c:32:92:5b:37:07:60:5f:81:bd:04: de:80:9d:8a:e8:2b:bd:97:9c:9a:fc:bf:16:ce:17: c8:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:DE:48:27:98:AB:0F:B5:8D:E8:12:C0:08:EB:55:D8:5C:0B:6A:F3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/386d354b-b333-4d2d-95e1-ce56676d00ec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da22:8000::/36 Signature Algorithm: sha256WithRSAEncryption 0c:1c:b9:74:f2:9d:d3:83:d6:b6:29:83:41:78:4f:09:be:e7: ff:8d:cb:68:47:4b:2c:9c:01:6c:18:11:08:b4:20:44:60:fe: a5:43:e6:32:40:5e:d7:47:4f:e9:22:12:17:42:6a:de:2f:3e: f5:86:5a:fe:49:7f:f2:ec:1a:38:32:10:59:ea:dc:58:de:17: e3:ab:cf:c4:c8:c9:3f:a8:75:cb:47:56:a8:81:77:e9:25:b5: 56:ba:0a:54:dd:35:e7:b7:8b:29:ee:e7:df:67:0a:e5:ff:2b: 92:51:7c:91:13:e3:d8:ba:37:53:cf:dc:66:34:24:2c:e2:55: be:b2:24:a5:84:08:ee:6a:c0:7a:b2:98:b0:ac:29:7f:75:74: 19:3c:a5:04:d1:cd:06:27:66:66:af:e0:50:d3:4e:b8:cb:8c: 72:94:95:55:77:3b:4c:74:51:ba:28:1b:94:90:69:46:b5:03: 9d:bd:74:65:96:b3:1e:df:00:e0:3c:76:2e:d6:a4:ad:a8:f1: 0b:5e:d6:4a:84:99:94:4c:0a:33:c6:d8:d7:04:f6:78:9b:91: af:14:ee:1a:07:41:8a:a1:7d:7f:fd:08:a8:61:20:4b:4e:41: e3:7b:6f:4c:3b:03:ef:13:48:6f:6c:e1:fa:2c:84:8f:58:aa: f4:34:b3:a0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOXAYAmIDe51EyPISFXPawwhEp48wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1NTAxN1oX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZDBhYjQyOGI1NjFmODc3ZDU3MjRh MDQzOWJlNGI1ZjEwNmEyZmFhZDY2ZjRmN2QyMmUyMmI2YmE2NjU2NTI1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uhOKgKj5AvXCn4K3LbflsLpQY09 THGq5Mv3yZdd3NU8uF8c+JiMMor3FPjRbiLFcCERxZfM5jpwweeDypnR6zQKrZIV LTHYU8ryGjTZ45q8LWeoxz9nA0qqm3lJbW2P5AYBA0l0XPhypYSkiKWSJ2z49xLG EsRSx6qtXUGOwBqtRfjD3v/C2it+YF1qK1vZXKrLff92rJWC5ULhIYHnUjsuOeGb SpUjmTNip5GgpsSMfC1A2hWxPY/1VSQZtLksx6UsXhc0NtGzRWAcPFFJSZB72Squ YTnnkGKrXL2nw/mYepPJDDKSWzcHYF+BvQTegJ2K6Cu9l5ya/L8WzhfITwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFALeSCeYqw+1jegSwAjrVdhcC2rzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4NmQzNTRiLWIzMzMtNGQyZC05NWUxLWNlNTY2NzZkMDBlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaIoAwDQYJKoZIhvcNAQELBQADggEBAAwcuXTyndOD1rYpg0F4 Twm+5/+Ny2hHSyycAWwYEQi0IERg/qVD5jJAXtdHT+kiEhdCat4vPvWGWv5Jf/Ls GjgyEFnq3FjeF+Orz8TIyT+odctHVqiBd+kltVa6ClTdNee3iynu599nCuX/K5JR fJET49i6N1PP3GY0JCziVb6yJKWECO5qwHqymLCsKX91dBk8pQTRzQYnZmav4FDT TrjLjHKUlVV3O0x0UbooG5SQaUa1A529dGWWsx7fAOA8di7WpK2o8Qte1kqEmZRM CjPG2NcE9nibka8U7hoHQYqhfX/9CKhhIEtOQeN7b0w7A+8TSG9s4foshI9YqvQ0 s6A= -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:50 2025 by rpki-client