$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa File: 3e10b881-cc4d-4575-9034-6eacfc118456.roa (raw, json) Hash identifier: 6me9RLbx2vKLyJrEuYCBUOvozNd6xA2p1zKlkuA7ORk= Subject key identifier: D2:28:F0:90:78:CE:8B:7B:05:3B:16:7E:D6:BA:EA:88:45:4F:25:DB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 02217A1E2D30576ECC19F18D70D79F1D11C7B48E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa Signing time: Tue 29 Jul 2025 00:30:13 +0000 ROA not before: Tue 29 Jul 2025 00:30:13 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:21:7a:1e:2d:30:57:6e:cc:19:f1:8d:70:d7:9f:1d:11:c7:b4:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:30:13 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=a488b81910815374b502936815cc631b8742a82cc86aa18701c410786d8ec65e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:14:49:b2:13:59:5c:be:a9:92:ae:76:3d:8d: 30:4f:d6:ac:dc:dd:b6:30:b4:70:7b:48:dc:99:e6: ff:14:51:e3:1b:27:f3:9a:d8:aa:ea:ec:1c:24:39: 84:40:9a:a1:bb:2a:10:1e:0f:9d:ed:ba:33:c7:5a: 3e:bb:b2:74:64:df:34:08:12:f4:2b:64:ff:bc:8f: bd:20:f6:14:d0:8a:1b:16:23:21:95:de:a9:6e:1d: c5:07:22:b8:14:61:49:23:e3:08:5c:e4:e8:0b:1d: 26:15:86:fd:04:d1:8a:2e:d2:51:e5:27:88:df:ee: 5d:d4:60:a3:cb:8b:f6:e6:d8:36:0f:c9:97:9d:f1: 82:e2:64:ca:ce:dd:bd:07:7c:04:38:08:b1:a2:b5: 3d:39:d9:c3:ee:3b:ed:ca:8e:21:5f:19:37:2f:35: 0e:c9:37:69:18:a8:97:d8:57:57:2b:7a:9a:52:0c: 1b:24:01:8b:c9:cc:96:21:dc:a2:ce:68:34:29:5d: dc:33:7c:05:52:7a:6a:60:d4:33:e1:c0:c2:a6:27: a9:c2:20:ac:6b:3f:7e:21:c6:96:c8:4e:62:4d:0b: b3:c1:7a:70:71:08:a2:51:90:74:dd:0e:59:a9:6e: df:9c:d8:23:c6:7e:db:3c:07:bd:e3:1f:73:4b:d2: 13:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:28:F0:90:78:CE:8B:7B:05:3B:16:7E:D6:BA:EA:88:45:4F:25:DB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2000::/40 Signature Algorithm: sha256WithRSAEncryption 0a:02:f3:5e:1e:1c:d2:a0:48:f3:6c:38:37:fc:a0:3a:58:3c: cb:7f:93:dd:b4:a2:53:61:e9:e0:69:b9:10:12:a6:28:16:4a: a8:b8:8a:81:c4:ec:25:71:5f:4e:75:c1:10:bc:d7:64:da:8e: c1:62:d7:dd:83:81:d3:31:2e:d6:5e:55:19:d3:42:73:95:b6: a6:86:72:48:64:90:33:2d:c0:4b:f8:41:94:9c:fe:97:47:b3: 23:b4:97:98:f7:5d:3e:6b:78:3d:2e:54:40:ca:71:68:9a:d5: 6c:1f:b0:d3:74:41:9f:bf:e6:b2:e8:1e:70:e0:14:d8:8c:70: d4:67:14:20:f5:99:1b:ba:c8:ed:91:39:58:e5:d5:ca:ba:bf: db:69:96:24:09:28:1c:f2:d4:b4:26:b8:8f:49:6c:3f:8a:7c: ce:c4:8c:3b:b5:46:ae:84:8c:12:d7:d3:d8:78:2b:f4:da:57: 0a:0f:f4:55:9f:e5:d5:53:d9:6b:e6:ab:9a:e8:0a:34:30:28: e5:06:4e:ac:db:ce:d7:69:59:bc:18:6c:67:4d:bf:d8:69:cb: 95:7d:fd:3d:b9:04:a4:eb:5f:fa:e9:42:d6:4a:b7:53:73:5c: b3:03:ba:cb:fe:ff:b1:c0:90:5c:12:16:44:7f:c7:3e:8c:6c: 61:66:f2:d2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAiF6Hi0wV27MGfGNcNefHRHHtI4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMzAxM1oX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAYTQ4OGI4MTkxMDgxNTM3NGI1MDI5 MzY4MTVjYzYzMWI4NzQyYTgyY2M4NmFhMTg3MDFjNDEwNzg2ZDhlYzY1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthRJshNZXL6pkq52PY0wT9as3N22 MLRwe0jcmeb/FFHjGyfzmtiq6uwcJDmEQJqhuyoQHg+d7bozx1o+u7J0ZN80CBL0 K2T/vI+9IPYU0IobFiMhld6pbh3FByK4FGFJI+MIXOToCx0mFYb9BNGKLtJR5SeI 3+5d1GCjy4v25tg2D8mXnfGC4mTKzt29B3wEOAixorU9OdnD7jvtyo4hXxk3LzUO yTdpGKiX2FdXK3qaUgwbJAGLycyWIdyizmg0KV3cM3wFUnpqYNQz4cDCpiepwiCs az9+IcaWyE5iTQuzwXpwcQiiUZB03Q5ZqW7fnNgjxn7bPAe94x9zS9IT9wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNIo8JB4zot7BTsWfta66ohFTyXbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlMTBiODgxLWNjNGQtNDU3NS05MDM0LTZlYWNmYzExODQ1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSAwDQYJKoZIhvcNAQELBQADggEBAAoC814eHNKgSPNsODf8 oDpYPMt/k920olNh6eBpuRASpigWSqi4ioHE7CVxX051wRC812TajsFi192DgdMx LtZeVRnTQnOVtqaGckhkkDMtwEv4QZSc/pdHsyO0l5j3XT5reD0uVEDKcWia1Wwf sNN0QZ+/5rLoHnDgFNiMcNRnFCD1mRu6yO2ROVjl1cq6v9tpliQJKBzy1LQmuI9J bD+KfM7EjDu1Rq6EjBLX09h4K/TaVwoP9FWf5dVT2Wvmq5roCjQwKOUGTqzbztdp WbwYbGdNv9hpy5V9/T25BKTrX/rpQtZKt1NzXLMDusv+/7HAkFwSFkR/xz6MbGFm 8tI= -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:47 2025 by rpki-client