$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa File: 3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa (raw, json) Hash identifier: +0rC6Ht273OIY2v0LgQZiJG/6KrjDw01KeqXkNEuuPc= Subject key identifier: 44:A9:FD:AA:DC:D5:8A:19:BE:3A:42:74:28:FB:D3:08:18:19:67:1D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7F04405ABA7D76ECFBE7F1F6ABD39EDFA90C6543 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa Signing time: Tue 29 Jul 2025 00:40:14 +0000 ROA not before: Tue 29 Jul 2025 00:40:14 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:04:40:5a:ba:7d:76:ec:fb:e7:f1:f6:ab:d3:9e:df:a9:0c:65:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:40:14 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=b2e1f483a5cb187b96e33dfb78de94b5ffc7c9f8c6f5e96bdc0a34fe87687e64, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:9f:55:58:f5:46:aa:65:2e:8f:8d:fa:1e:81: 9e:4a:34:68:74:7d:d7:f1:1f:e5:99:c7:a8:64:4d: 5c:57:6a:df:84:13:2a:2b:7c:eb:ca:42:12:fc:72: 0a:d3:53:fa:e1:cc:cd:6d:35:f0:7e:d9:b4:b4:d3: 8a:dc:e2:c9:c7:0f:ad:6d:68:e6:f9:d2:29:f9:29: 01:77:fb:8c:cd:1b:8d:f8:db:49:6c:1e:9e:12:2f: fa:1a:07:69:d3:12:02:b1:8d:8c:66:e5:48:8b:94: 02:2b:b2:8e:b7:a8:3b:f0:2b:33:22:17:90:8c:41: 40:bf:ce:d7:8b:ca:2f:4e:55:20:6c:b8:2f:46:11: 77:14:ad:53:ab:c8:f7:4a:5f:3c:06:75:a6:53:bd: d2:af:52:88:70:59:eb:f6:5a:a4:12:3d:91:9a:8e: cc:f5:31:20:eb:71:17:e6:c7:aa:ec:16:25:dc:f9: f7:0d:06:b1:05:46:25:03:70:0e:17:a0:da:6f:ba: 0d:be:1f:1b:d5:2b:53:fa:96:77:a5:be:6f:18:3c: 63:c7:a3:1c:fe:59:33:ce:dc:2f:d6:ee:48:5f:8f: 2a:ac:39:71:06:b4:31:64:bc:55:f2:80:d9:5b:a1: 79:9e:42:2b:b6:14:75:ec:71:d7:9b:c2:7f:9f:47: 48:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:A9:FD:AA:DC:D5:8A:19:BE:3A:42:74:28:FB:D3:08:18:19:67:1D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c880::/48 Signature Algorithm: sha256WithRSAEncryption 64:a2:4f:9b:88:c6:17:11:8b:5d:e9:3f:61:19:b5:16:ed:75: 67:a2:3c:65:8d:35:42:b3:13:1d:d2:46:14:06:47:86:2b:2d: 69:48:e1:78:b8:14:89:99:81:b3:43:64:02:76:7d:3b:9f:ce: 4d:d3:1d:7a:33:5b:cf:02:ca:0a:dd:ba:aa:48:af:4b:33:bc: fa:44:cf:3a:da:37:58:15:81:ba:88:7e:cf:a3:2c:c2:7d:17: c2:23:a8:58:31:06:59:a7:7b:f4:6d:83:bf:61:9b:d1:59:20: 7c:e0:70:45:d7:81:bb:6b:ab:e1:07:52:32:2c:4d:92:54:bb: c8:8e:dd:e7:ad:b5:3f:14:5a:63:85:e9:6f:62:df:f6:e1:84: 89:00:30:9a:e0:c0:96:8e:1f:7a:7c:4e:70:ae:4c:fb:c7:6c: a0:fc:cc:b6:fd:de:98:af:67:54:b9:e5:e5:4a:c8:b8:7f:93: f7:8c:dc:7b:f4:1d:17:68:e4:ab:dd:c6:bd:41:c8:55:78:7f: bf:83:9b:84:e4:a8:7e:bb:2d:84:47:22:ad:13:e1:4b:89:fc: 04:5b:46:fd:08:e6:27:61:e0:50:49:6a:19:0d:3b:cd:da:84: aa:eb:a6:0e:da:7f:28:e9:2a:bc:e8:46:f0:23:36:73:c9:e2: 87:c5:bb:21 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfwRAWrp9duz75/H2q9Oe36kMZUMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNDAxNFoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAYjJlMWY0ODNhNWNiMTg3Yjk2ZTMz ZGZiNzhkZTk0YjVmZmM3YzlmOGM2ZjVlOTZiZGMwYTM0ZmU4NzY4N2U2NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp9VWPVGqmUuj436HoGeSjRodH3X 8R/lmceoZE1cV2rfhBMqK3zrykIS/HIK01P64czNbTXwftm0tNOK3OLJxw+tbWjm +dIp+SkBd/uMzRuN+NtJbB6eEi/6Ggdp0xICsY2MZuVIi5QCK7KOt6g78CszIheQ jEFAv87Xi8ovTlUgbLgvRhF3FK1Tq8j3Sl88BnWmU73Sr1KIcFnr9lqkEj2Rmo7M 9TEg63EX5seq7BYl3Pn3DQaxBUYlA3AOF6Dab7oNvh8b1StT+pZ3pb5vGDxjx6Mc /lkzztwv1u5IX48qrDlxBrQxZLxV8oDZW6F5nkIrthR17HHXm8J/n0dI+wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFESp/arc1YoZvjpCdCj70wgYGWcdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhNmYwMWYxLWJjNWItNDczZC1hMTJmLTdmMGZmZWQ1ZjRmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8siAMA0GCSqGSIb3DQEBCwUAA4IBAQBkok+biMYXEYtd6T9h GbUW7XVnojxljTVCsxMd0kYUBkeGKy1pSOF4uBSJmYGzQ2QCdn07n85N0x16M1vP AsoK3bqqSK9LM7z6RM862jdYFYG6iH7PoyzCfRfCI6hYMQZZp3v0bYO/YZvRWSB8 4HBF14G7a6vhB1IyLE2SVLvIjt3nrbU/FFpjhelvYt/24YSJADCa4MCWjh96fE5w rkz7x2yg/My2/d6Yr2dUueXlSsi4f5P3jNx79B0XaOSr3ca9QchVeH+/g5uE5Kh+ uy2ERyKtE+FLifwEW0b9COYnYeBQSWoZDTvN2oSq66YO2n8o6Sq86EbwIzZzyeKH xbsh -----END CERTIFICATE-----Generated at Thu Jul 31 00:57:22 2025 by rpki-client