$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa File: 3e8909db-8041-4fde-8d76-0663b8b608ed.roa (raw, json) Hash identifier: H8qmhevmh6xE4Djj1n35RvBPNU4RbuQBQ2x8o517zxk= Subject key identifier: CB:DD:94:EC:02:B2:6A:5A:DC:90:67:FC:53:99:37:56:DE:37:FE:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 21CEF3DD4F3A5E18E0A2F1CE5041457E3FC8C920 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa Signing time: Wed 30 Jul 2025 00:10:05 +0000 ROA not before: Wed 30 Jul 2025 00:10:05 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:ce:f3:dd:4f:3a:5e:18:e0:a2:f1:ce:50:41:45:7e:3f:c8:c9:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 00:10:05 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=bae08e5f85173ff27d926a0235664fded0c335a9680b4989f195246d71baae8a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:38:9a:69:ea:91:b2:4a:fe:5c:0a:d4:aa:52: 10:1e:10:af:a6:d0:d5:50:f7:7c:8c:91:bf:56:26: 7a:63:b6:1e:e5:21:47:ce:bc:f8:df:60:a7:7d:87: a1:39:a8:c5:85:6f:49:58:ad:5e:29:7f:bd:52:49: b1:b2:c0:e0:a6:06:f8:d1:60:56:35:ca:71:41:60: f6:28:f2:15:00:17:f2:8c:d7:58:93:c3:9d:6c:ca: 0b:76:ba:15:50:35:02:e0:05:a7:c8:48:52:38:28: 77:62:d7:07:f3:14:d9:c5:72:49:d7:cc:bc:74:ab: bc:2f:70:cb:2e:96:17:3d:86:a9:b9:2d:59:de:3d: 98:74:84:9c:1a:17:b5:a1:c6:9a:38:36:d1:4f:b1: 74:a9:b0:9e:10:11:18:0f:b3:3c:54:b1:dd:1b:07: 27:17:a5:8c:d8:fb:c6:35:af:e2:68:66:01:3d:39: 48:09:35:6c:e8:43:8d:ea:b9:8d:44:31:7c:2c:79: 6f:8a:9a:a1:04:9b:40:c2:5f:8e:f5:9c:c4:81:dd: 35:ad:47:ae:f9:a3:92:1b:2d:50:ef:32:74:99:0f: 42:4e:66:84:88:b9:8a:27:13:a1:90:21:7a:b7:df: 06:a2:0c:36:19:2b:8b:81:72:2c:52:fe:93:93:86: 31:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:DD:94:EC:02:B2:6A:5A:DC:90:67:FC:53:99:37:56:DE:37:FE:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e8909db-8041-4fde-8d76-0663b8b608ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38::/32 Signature Algorithm: sha256WithRSAEncryption 61:74:39:e3:c4:f0:dc:28:f4:2c:a1:dd:5e:e0:3d:15:82:71: 6d:41:ca:02:ee:47:a8:ab:6a:9c:83:86:c8:64:de:0e:2d:d0: 79:15:6b:00:06:3f:bc:80:50:ba:b7:e4:65:38:ea:73:5a:ec: d3:a4:d1:c3:18:68:eb:52:b2:b5:10:4c:55:d2:62:1a:b1:c1: 05:35:48:07:6c:d3:6f:90:7b:a0:ce:b3:e0:31:82:86:fd:d2: 85:64:52:0b:81:52:3e:77:98:9d:1d:8e:41:7f:c7:41:60:ee: d6:e7:4b:2f:47:06:66:3e:1a:8b:0c:4e:3d:39:e9:58:89:d8: 02:67:37:8a:a7:7e:2d:1b:a2:3c:39:2e:9d:fe:31:8f:d4:55: 0f:a4:3f:cb:d4:2e:c4:f8:88:3a:cb:ad:72:90:8b:16:2e:aa: a0:23:02:36:38:d3:67:d2:44:05:e8:db:3f:f0:8c:8d:11:ed: 59:d9:ee:b7:fc:53:7b:cc:dc:84:ff:ca:17:55:6c:72:c2:a7: 7c:e5:43:a8:4d:2a:4b:bd:16:f8:10:13:5d:82:b4:40:75:8b: 98:15:22:40:b8:1d:07:3f:0f:02:a4:25:ae:13:40:0a:2b:02: 3f:f1:11:8f:0d:8e:e4:2f:91:0b:5f:4f:9b:ff:c9:5c:38:c4: de:5e:a2:23 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUIc7z3U86XhjgovHOUEFFfj/IySAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMTAwNVoX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYmFlMDhlNWY4NTE3M2ZmMjdkOTI2 YTAyMzU2NjRmZGVkMGMzMzVhOTY4MGI0OTg5ZjE5NTI0NmQ3MWJhYWU4YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTiaaeqRskr+XArUqlIQHhCvptDV UPd8jJG/ViZ6Y7Ye5SFHzrz432CnfYehOajFhW9JWK1eKX+9UkmxssDgpgb40WBW NcpxQWD2KPIVABfyjNdYk8OdbMoLdroVUDUC4AWnyEhSOCh3YtcH8xTZxXJJ18y8 dKu8L3DLLpYXPYapuS1Z3j2YdIScGhe1ocaaODbRT7F0qbCeEBEYD7M8VLHdGwcn F6WM2PvGNa/iaGYBPTlICTVs6EON6rmNRDF8LHlvipqhBJtAwl+O9ZzEgd01rUeu +aOSGy1Q7zJ0mQ9CTmaEiLmKJxOhkCF6t98Gogw2GSuLgXIsUv6Tk4YxHwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFMvdlOwCsmpa3JBn/FOZN1beN/7ZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlODkwOWRiLTgwNDEtNGZkZS04ZDc2LTA2NjNiOGI2MDhlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaODANBgkqhkiG9w0BAQsFAAOCAQEAYXQ548Tw3Cj0LKHdXuA9 FYJxbUHKAu5HqKtqnIOGyGTeDi3QeRVrAAY/vIBQurfkZTjqc1rs06TRwxho61Ky tRBMVdJiGrHBBTVIB2zTb5B7oM6z4DGChv3ShWRSC4FSPneYnR2OQX/HQWDu1udL L0cGZj4aiwxOPTnpWInYAmc3iqd+LRuiPDkunf4xj9RVD6Q/y9QuxPiIOsutcpCL Fi6qoCMCNjjTZ9JEBejbP/CMjRHtWdnut/xTe8zchP/KF1VscsKnfOVDqE0qS70W +BATXYK0QHWLmBUiQLgdBz8PAqQlrhNACisCP/ERjw2O5C+RC19Pm//JXDjE3l6i Iw== -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:28 2025 by rpki-client