$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa File: 498f6dc3-db03-415e-b534-d74ca6f01901.roa (raw, json) Hash identifier: jJAhIviDlFObZs9HwuQ2A+pB+Pd7ImSmVJuP+Svj3yw= Subject key identifier: 42:1A:7B:5F:6C:B0:06:68:B5:67:0D:3E:C1:B2:D9:ED:ED:BF:39:6D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BF8453B7E890AE964F5FF625C60C1785BF63FE0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa Signing time: Sat 19 Jul 2025 00:00:14 +0000 ROA not before: Sat 19 Jul 2025 00:00:14 +0000 ROA not after: Sat 23 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:f8:45:3b:7e:89:0a:e9:64:f5:ff:62:5c:60:c1:78:5b:f6:3f:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 19 00:00:14 2025 GMT Not After : Aug 23 23:59:59 2025 GMT Subject: serialNumber=08240927d81876b5aed8b3ebe1af7299cce3bc7157f6547f01d19d0ed5b376d4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:54:2a:54:94:6d:0c:09:3e:7c:21:a0:4d:fd: ff:9d:98:8b:8c:61:46:29:1e:bb:ad:46:4f:b2:ba: 2a:1d:1c:b6:82:00:f8:e6:a8:15:55:9e:c0:f1:e3: 9d:6e:36:34:98:ea:32:5c:0b:21:98:fc:5b:a6:bd: 7c:9f:4a:02:71:5d:b3:b8:92:db:e5:4c:7e:55:00: 4e:c3:1b:d8:d6:93:9e:07:62:be:0a:bc:09:88:f5: 9a:82:a9:81:33:51:ad:c7:be:c5:c5:ea:11:3d:41: 87:7a:4e:a4:52:17:09:bf:4c:96:b4:ef:64:da:fa: e4:ef:a3:2c:b5:fa:c6:77:46:6d:40:58:23:4f:3b: 4e:cb:70:36:4c:16:fa:35:0b:d8:60:5f:0f:a6:f5: 4c:0b:2e:3f:3c:20:35:43:c5:44:38:2d:6e:35:d2: 96:7a:ab:72:ec:b1:45:9e:bd:ce:c3:43:05:34:4d: 93:0c:e0:81:9e:bc:4b:0b:70:70:f0:30:68:36:f7: 11:ce:ed:ae:95:e7:1e:aa:28:2d:9b:19:ab:82:d6: b6:e5:7a:eb:9a:2a:4c:79:a7:d5:30:d6:24:f2:ee: 6d:16:9a:ba:6f:96:f2:f6:62:f4:fc:5a:6c:a8:0a: 1f:7b:fe:30:33:b9:25:19:bc:4e:31:9e:c8:58:42: 1f:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:1A:7B:5F:6C:B0:06:68:B5:67:0D:3E:C1:B2:D9:ED:ED:BF:39:6D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:2000::/40 Signature Algorithm: sha256WithRSAEncryption 38:1c:8b:6e:a4:ff:20:29:dd:1b:4b:90:40:cb:78:d5:e9:c5: 1f:4b:5b:c3:80:d8:af:f8:bf:92:39:5d:23:9b:71:32:4e:6a: 8a:90:48:0a:18:c7:a1:21:39:44:21:86:70:0b:59:1f:55:43: 1c:4f:8c:af:dc:9d:e7:e0:3c:b7:10:23:78:a5:02:af:7e:32: c8:d5:45:b6:50:75:61:ca:3e:d3:c6:10:49:1a:78:b7:b2:38: 26:0c:b0:64:79:1b:7d:fd:2c:77:82:f9:d7:43:77:26:70:ea: de:25:c6:79:64:f3:69:d2:3f:e4:04:b3:df:10:ff:c1:bb:72: be:60:7d:7e:1c:1a:14:4c:24:7f:b0:53:cd:7a:e4:b1:d1:20: b7:85:49:21:fe:5d:ab:97:4f:6b:a7:4e:4f:62:8e:ea:9d:28: 62:74:2c:c4:bc:94:de:89:a5:f3:57:80:af:a7:1f:59:03:28: c4:39:3e:79:f5:e7:02:fe:a2:45:dd:2f:3d:f1:ad:10:b5:f5: cf:45:b6:8a:ee:b4:77:05:b0:2d:34:6d:7c:4e:3b:0a:c4:dc: c7:46:3b:73:99:ff:af:68:ff:72:54:1d:ca:53:d6:39:f8:17: 66:96:92:84:69:00:a5:de:23:4e:96:03:a7:df:dd:bb:f6:30: d2:6b:e0:d3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUW/hFO36JCulk9f9iXGDBeFv2P+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxOTAwMDAxNFoX DTI1MDgyMzIzNTk1OVowejFJMEcGA1UEBRNAMDgyNDA5MjdkODE4NzZiNWFlZDhi M2ViZTFhZjcyOTljY2UzYmM3MTU3ZjY1NDdmMDFkMTlkMGVkNWIzNzZkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1QqVJRtDAk+fCGgTf3/nZiLjGFG KR67rUZPsroqHRy2ggD45qgVVZ7A8eOdbjY0mOoyXAshmPxbpr18n0oCcV2zuJLb 5Ux+VQBOwxvY1pOeB2K+CrwJiPWagqmBM1Gtx77FxeoRPUGHek6kUhcJv0yWtO9k 2vrk76MstfrGd0ZtQFgjTztOy3A2TBb6NQvYYF8PpvVMCy4/PCA1Q8VEOC1uNdKW eqty7LFFnr3Ow0MFNE2TDOCBnrxLC3Bw8DBoNvcRzu2uleceqigtmxmrgta25Xrr mipMeafVMNYk8u5tFpq6b5by9mL0/FpsqAofe/4wM7klGbxOMZ7IWEIfvQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEIae19ssAZotWcNPsGy2e3tvzltMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5OGY2ZGMzLWRiMDMtNDE1ZS1iNTM0LWQ3NGNhNmYwMTkwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMiAwDQYJKoZIhvcNAQELBQADggEBADgci26k/yAp3RtLkEDL eNXpxR9LW8OA2K/4v5I5XSObcTJOaoqQSAoYx6EhOUQhhnALWR9VQxxPjK/cnefg PLcQI3ilAq9+MsjVRbZQdWHKPtPGEEkaeLeyOCYMsGR5G339LHeC+ddDdyZw6t4l xnlk82nSP+QEs98Q/8G7cr5gfX4cGhRMJH+wU8165LHRILeFSSH+XauXT2unTk9i juqdKGJ0LMS8lN6JpfNXgK+nH1kDKMQ5Pnn15wL+okXdLz3xrRC19c9FtorutHcF sC00bXxOOwrE3MdGO3OZ/69o/3JUHcpT1jn4F2aWkoRpAKXeI06WA6ff3bv2MNJr 4NM= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:24 2025 by rpki-client