$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa File: 3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa (raw, json) Hash identifier: hJLYmD9BaLtANH42UNIR1ZU5MSpLbqntPllXV0CMizE= Subject key identifier: 5F:00:72:00:3F:DA:8B:26:A6:7D:DD:CC:02:F9:A8:0B:0C:E2:80:DA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 62E7261B443816B294883F3C43441AF281633B3A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa Signing time: Sat 26 Jul 2025 00:01:53 +0000 ROA not before: Sat 26 Jul 2025 00:01:53 +0000 ROA not after: Sat 30 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:e7:26:1b:44:38:16:b2:94:88:3f:3c:43:44:1a:f2:81:63:3b:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 26 00:01:53 2025 GMT Not After : Aug 30 23:59:59 2025 GMT Subject: serialNumber=c3bb5868a268d25a786b21a2cdddd2ca7c05e1629dace046644baefd6a5265fc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e3:98:63:45:0c:03:e1:d9:45:1e:06:d2:14: 9f:d7:90:67:55:6f:14:13:67:be:81:0e:ed:a0:f3: e8:de:b5:fe:71:d1:d8:74:10:68:ea:df:02:a1:53: eb:73:53:f8:5c:77:d5:3a:e8:b4:9b:65:3c:fe:00: de:77:fd:53:85:57:2b:59:53:35:8b:7e:52:01:3c: 0b:ab:3d:01:67:f1:45:ea:9a:b4:51:6f:fb:a1:15: 4f:96:e3:93:7f:01:aa:66:26:bc:0f:71:db:1b:e2: 09:82:39:7a:62:f5:97:2b:c3:2c:05:55:36:a7:bf: 16:63:61:ca:ba:a2:45:40:61:78:5b:11:73:a7:5e: e0:df:15:ff:86:ae:89:8c:5f:6f:ca:ec:26:61:73: a4:21:ca:68:97:f5:4e:41:0a:70:3a:cd:46:dd:c6: 76:fa:99:43:3f:c5:51:52:3f:d2:92:f3:85:84:36: 89:52:99:b6:24:e6:ab:b1:48:18:97:f4:0f:8c:ce: a0:3a:ec:b6:f6:96:04:ca:d0:75:1f:be:f7:2d:e6: fd:fa:af:56:8b:d1:78:dd:07:fb:4f:fd:7d:d3:7d: e7:f8:a4:82:5a:c7:b9:19:2a:19:6f:aa:95:8d:25: ce:09:20:06:27:47:8f:54:20:55:21:2d:ca:4e:a6: f0:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:00:72:00:3F:DA:8B:26:A6:7D:DD:CC:02:F9:A8:0B:0C:E2:80:DA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:4000::/40 Signature Algorithm: sha256WithRSAEncryption 5f:42:a8:28:18:9c:af:ae:c5:6a:aa:3b:99:29:87:a2:80:6f: c9:b2:ca:a7:8d:bb:07:a2:34:83:fe:5d:f7:ab:5d:50:e1:7a: ed:b1:59:2f:85:6b:1d:5b:96:cb:32:0e:48:da:5b:7e:2f:0f: a1:fe:1f:f7:43:8e:c6:be:3e:68:20:67:75:7c:68:89:3d:ca: 48:53:fd:4c:f5:e7:71:af:a9:72:63:01:25:77:3a:c5:d0:90: a9:e4:e6:41:57:cf:72:b1:a7:6b:f5:a7:2d:18:db:6c:be:84: 29:0a:de:46:8a:98:99:2f:5a:ab:f7:2b:48:02:33:26:73:93: 95:f3:d0:de:bb:30:b1:f1:f5:d9:0c:3f:c9:23:77:90:77:09: c5:85:9f:28:b0:cf:2a:98:92:6f:be:9f:76:77:9a:b8:8f:76: d4:5c:1f:ae:62:2b:10:c2:4e:2b:fb:2d:a4:6a:bc:97:a8:7a: 97:f0:60:44:7e:74:db:89:62:ed:f0:a7:92:f0:6a:00:8e:3d: 05:ab:5e:6f:22:6c:7a:82:ef:f3:10:d9:fb:19:24:5e:3d:da: e3:86:b4:cb:1c:e5:41:ca:a2:b3:9d:d1:6e:5a:ae:20:35:f3: 39:72:a3:01:2e:20:4f:ed:25:1f:d4:fa:cc:e1:8b:95:27:83: 48:e6:f3:8c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYucmG0Q4FrKUiD88Q0Qa8oFjOzowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNjAwMDE1M1oX DTI1MDgzMDIzNTk1OVowejFJMEcGA1UEBRNAYzNiYjU4NjhhMjY4ZDI1YTc4NmIy MWEyY2RkZGQyY2E3YzA1ZTE2MjlkYWNlMDQ2NjQ0YmFlZmQ2YTUyNjVmYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+OYY0UMA+HZRR4G0hSf15BnVW8U E2e+gQ7toPPo3rX+cdHYdBBo6t8CoVPrc1P4XHfVOui0m2U8/gDed/1ThVcrWVM1 i35SATwLqz0BZ/FF6pq0UW/7oRVPluOTfwGqZia8D3HbG+IJgjl6YvWXK8MsBVU2 p78WY2HKuqJFQGF4WxFzp17g3xX/hq6JjF9vyuwmYXOkIcpol/VOQQpwOs1G3cZ2 +plDP8VRUj/SkvOFhDaJUpm2JOarsUgYl/QPjM6gOuy29pYEytB1H773Leb9+q9W i9F43Qf7T/19033n+KSCWse5GSoZb6qVjSXOCSAGJ0ePVCBVIS3KTqbwVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF8AcgA/2osmpn3dzAL5qAsM4oDaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkNGU3MmM0LTY2ZDAtNDMwYS1hNmJjLWQzZTI5MTZhODQ4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9EAwDQYJKoZIhvcNAQELBQADggEBAF9CqCgYnK+uxWqqO5kp h6KAb8myyqeNuweiNIP+XferXVDheu2xWS+Fax1blssyDkjaW34vD6H+H/dDjsa+ PmggZ3V8aIk9ykhT/Uz153GvqXJjASV3OsXQkKnk5kFXz3Kxp2v1py0Y22y+hCkK 3kaKmJkvWqv3K0gCMyZzk5Xz0N67MLHx9dkMP8kjd5B3CcWFnyiwzyqYkm++n3Z3 mriPdtRcH65iKxDCTiv7LaRqvJeoepfwYER+dNuJYu3wp5LwagCOPQWrXm8ibHqC 7/MQ2fsZJF492uOGtMsc5UHKorOd0W5ariA18zlyowEuIE/tJR/U+szhi5Ung0jm 84w= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:49 2025 by rpki-client