$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: sQNcFe6g20JX9C6A+G5O9BalccvWrWeckTW8sAC3CAg= Subject key identifier: FC:F8:5B:DD:5E:00:1B:DB:3F:E5:C2:3E:5C:E0:8F:FC:13:AE:73:72 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 79DA9372525E7AD0209A5827DF5DDFFAB4B6E01B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Tue 08 Jul 2025 00:00:09 +0000 ROA not before: Tue 08 Jul 2025 00:00:09 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:da:93:72:52:5e:7a:d0:20:9a:58:27:df:5d:df:fa:b4:b6:e0:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 8 00:00:09 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=87da7257319739653117d750d5bcb8fcb2aa5d0f71061c40c5bbc27cac4901ca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1a:df:80:33:2c:a2:06:bf:50:6d:13:fa:42: 8e:93:f2:fa:a6:71:39:3e:dc:98:5d:a8:41:bb:a8: b0:b9:7e:84:d9:18:55:8a:22:62:cf:c0:3e:e4:11: 8c:61:25:10:1b:d3:41:ba:9d:43:e7:69:2d:3a:d1: a5:3e:7c:af:a2:ac:f0:5a:05:ea:58:7f:ef:65:72: 23:92:62:fa:20:b7:2d:e1:33:19:8c:a3:e6:03:09: 49:bf:73:7a:d1:5d:7e:1d:21:4e:5a:09:7e:20:57: 5a:ce:e5:a3:fa:42:3c:f0:92:b4:64:6f:b7:4c:a9: 1c:34:38:a8:c7:52:99:4b:46:77:33:71:16:e6:88: 0b:e4:15:69:88:2e:8c:5b:d5:60:cd:59:ef:14:56: e5:e8:87:87:68:0b:85:b6:72:a1:6c:85:76:df:2e: cc:7f:42:b2:d9:0b:c2:25:d7:4e:77:b1:a4:37:fd: 67:b7:9d:f6:d4:53:e4:a0:de:2c:47:bd:de:8f:5d: 1f:56:11:77:a5:5e:a3:c7:c2:a9:cd:9a:9a:2b:0d: 97:18:fc:f6:56:1a:77:d0:da:40:cb:c5:e3:15:43: de:0b:7f:ca:70:98:c9:69:d3:fc:71:b6:fc:5d:c0: 42:c7:f8:5e:92:ed:ee:01:18:00:00:c7:2a:63:49: 99:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:F8:5B:DD:5E:00:1B:DB:3F:E5:C2:3E:5C:E0:8F:FC:13:AE:73:72 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption 82:4f:47:ec:29:a6:25:de:b5:40:b6:d3:64:09:37:6e:26:bf: 4d:37:87:bd:09:00:ee:9e:f1:f4:b0:90:0e:d2:4a:dc:de:c4: 4e:1e:76:19:e7:de:c4:1d:2f:66:75:df:60:b4:a2:a7:e8:72: 0f:a5:49:9e:73:47:5a:a2:4c:c2:03:b8:41:a8:71:44:6a:e5: 50:f0:8d:42:b4:f5:6d:a2:19:97:71:5f:21:4c:0a:f8:83:21: 82:9c:bf:68:58:42:d6:17:99:ad:a9:85:71:2d:e3:4d:3b:28: 61:c9:8d:ab:3e:45:41:e4:45:19:86:00:eb:b7:da:4d:8c:1b: ae:c2:20:22:41:66:80:56:d5:4b:10:73:a3:16:26:8b:5c:73: a9:7d:2f:a4:8f:4f:68:1e:98:3d:a4:b7:c0:3a:2a:b5:96:36: be:62:62:34:da:c2:9a:24:4a:56:1c:3e:f8:d8:da:88:fd:ab: be:ce:92:47:e2:37:39:56:d3:cb:81:05:32:d7:aa:cb:47:ec: 29:2e:e0:e5:63:16:92:f5:1e:2b:78:2a:7d:ee:2f:8b:de:a3: d7:00:4b:5b:f7:67:33:be:08:d1:5a:1c:aa:97:16:e7:72:37: 17:a7:f6:b4:de:e6:e9:a9:6b:32:82:87:5b:e6:d5:04:51:f4: e9:1e:7b:5b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUedqTclJeetAgmlgn313f+rS24BswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwODAwMDAwOVoX DTI1MDgxMjIzNTk1OVowejFJMEcGA1UEBRNAODdkYTcyNTczMTk3Mzk2NTMxMTdk NzUwZDViY2I4ZmNiMmFhNWQwZjcxMDYxYzQwYzViYmMyN2NhYzQ5MDFjYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhrfgDMsoga/UG0T+kKOk/L6pnE5 PtyYXahBu6iwuX6E2RhViiJiz8A+5BGMYSUQG9NBup1D52ktOtGlPnyvoqzwWgXq WH/vZXIjkmL6ILct4TMZjKPmAwlJv3N60V1+HSFOWgl+IFdazuWj+kI88JK0ZG+3 TKkcNDiox1KZS0Z3M3EW5ogL5BVpiC6MW9VgzVnvFFbl6IeHaAuFtnKhbIV23y7M f0Ky2QvCJddOd7GkN/1nt5321FPkoN4sR73ej10fVhF3pV6jx8KpzZqaKw2XGPz2 Vhp30NpAy8XjFUPeC3/KcJjJadP8cbb8XcBCx/heku3uARgAAMcqY0mZCwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPz4W91eABvbP+XCPlzgj/wTrnNyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBAIJPR+wppiXetUC202QJ N24mv003h70JAO6e8fSwkA7SStzexE4edhnn3sQdL2Z132C0oqfocg+lSZ5zR1qi TMIDuEGocURq5VDwjUK09W2iGZdxXyFMCviDIYKcv2hYQtYXma2phXEt4007KGHJ jas+RUHkRRmGAOu32k2MG67CICJBZoBW1UsQc6MWJotcc6l9L6SPT2gemD2kt8A6 KrWWNr5iYjTawpokSlYcPvjY2oj9q77OkkfiNzlW08uBBTLXqstH7Cku4OVjFpL1 Hit4Kn3uL4veo9cAS1v3ZzO+CNFaHKqXFudyNxen9rTe5umpazKCh1vm1QRR9Oke e1s= -----END CERTIFICATE-----Generated at Wed Jul 16 12:06:56 2025 by rpki-client