$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa File: 4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa (raw, json) Hash identifier: 4E4lFl0VYkvzC5X3jLRdhEKvE04/aaml3Q60XeJyuCA= Subject key identifier: 02:85:2E:6E:06:B5:93:99:B7:96:C5:CA:54:96:B0:B5:0B:98:93:1F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3BA46F941292C9E0361C0A2DC284E77A281D6BFC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa Signing time: Tue 29 Jul 2025 00:50:27 +0000 ROA not before: Tue 29 Jul 2025 00:50:27 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:1080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:a4:6f:94:12:92:c9:e0:36:1c:0a:2d:c2:84:e7:7a:28:1d:6b:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:50:27 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=39f50cea4b30d083488c8ae2d923eb6b6ab6d22739f9f4230955e784229c20e3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:92:a4:9d:10:2b:58:db:21:a6:2e:d6:72:0d: f6:6a:ec:a1:af:20:cd:cd:ee:82:43:32:77:63:87: 90:d3:54:03:be:05:b4:a2:c6:da:c2:4e:58:ce:11: c9:cf:84:1c:47:a9:0c:6c:6d:dd:1a:ac:13:7b:be: 2c:b6:0b:d2:e7:64:d9:69:ff:ed:af:2d:2e:5f:db: 8f:ce:7e:9d:47:9a:0a:d7:57:c4:87:b0:57:49:f5: 40:8f:44:12:3e:67:10:93:51:1b:71:20:f8:6f:fe: ae:ef:04:6e:43:3c:df:55:c8:37:2d:16:5e:b8:d9: fb:5b:96:50:2d:71:9f:af:93:e7:1b:30:35:f0:a0: 48:79:bd:79:d5:a9:2f:40:be:d2:27:a5:6a:73:99: 28:06:8f:8b:5d:17:76:5d:85:67:10:a6:34:79:5f: e6:6f:7b:0e:99:32:34:b3:93:fd:62:71:30:95:38: e1:e9:ed:36:27:d2:47:1d:89:b0:fd:88:fa:01:67: e5:8f:f7:97:9c:60:4b:a0:7b:79:98:80:a1:cd:c4: 39:39:e2:33:fb:46:ed:9d:98:a6:ff:dd:52:d4:86: 9b:b1:d7:25:10:fa:12:02:d5:ed:59:81:4e:5f:d1: 78:13:e0:02:dc:8d:a1:b4:88:ff:7b:40:89:0a:bb: c7:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:85:2E:6E:06:B5:93:99:B7:96:C5:CA:54:96:B0:B5:0B:98:93:1F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:1080::/48 Signature Algorithm: sha256WithRSAEncryption 13:5b:99:cc:18:29:b7:7c:4b:d0:08:89:a7:06:b9:3d:f6:9f: 01:f8:36:d2:49:2e:6d:b7:30:7d:48:96:5f:cc:a6:bf:a3:a2: d3:56:b7:02:6a:99:21:37:13:17:a4:33:a6:0f:36:47:ba:a6: 23:0d:f4:9b:65:0c:af:69:b3:ae:01:6a:41:93:e5:eb:a5:0e: c5:29:d4:db:84:eb:8c:7b:b7:28:48:d3:4f:4d:20:af:df:89: db:bb:be:bc:81:c7:15:4a:45:b5:e5:af:3a:8e:7b:96:89:f5: 38:32:07:41:16:ee:57:f9:91:9a:3c:77:95:37:f1:e2:f7:89: 70:fa:76:b4:18:72:56:db:f8:0c:42:39:7c:4c:d8:e6:cd:75: b8:58:32:ae:eb:56:df:3e:d8:64:c3:3e:13:51:33:6c:b7:98: 12:35:a2:04:02:cc:37:28:13:63:8a:47:6a:3b:d7:4f:55:a6: 59:db:42:67:3e:40:15:94:ee:48:19:8d:56:ae:a8:8c:e9:05: 83:40:30:63:4e:94:d6:77:c7:7d:30:ab:22:fa:0a:9e:b8:82: 41:8f:cd:81:df:0c:cd:93:8f:24:86:46:d2:3d:fb:65:aa:5c: 61:c9:ad:2b:e7:a1:b3:4f:cc:63:bc:99:61:b0:ea:75:bb:b5: ed:60:ef:9f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUO6RvlBKSyeA2HAotwoTneigda/wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNTAyN1oX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMzlmNTBjZWE0YjMwZDA4MzQ4OGM4 YWUyZDkyM2ViNmI2YWI2ZDIyNzM5ZjlmNDIzMDk1NWU3ODQyMjljMjBlMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pKknRArWNshpi7Wcg32auyhryDN ze6CQzJ3Y4eQ01QDvgW0osbawk5YzhHJz4QcR6kMbG3dGqwTe74stgvS52TZaf/t ry0uX9uPzn6dR5oK11fEh7BXSfVAj0QSPmcQk1EbcSD4b/6u7wRuQzzfVcg3LRZe uNn7W5ZQLXGfr5PnGzA18KBIeb151akvQL7SJ6Vqc5koBo+LXRd2XYVnEKY0eV/m b3sOmTI0s5P9YnEwlTjh6e02J9JHHYmw/Yj6AWflj/eXnGBLoHt5mIChzcQ5OeIz +0btnZim/91S1IabsdclEPoSAtXtWYFOX9F4E+AC3I2htIj/e0CJCrvHrQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAKFLm4GtZOZt5bFylSWsLULmJMfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjMDFkMGI3LWEzNmMtNGZkNC04NzYzLTVjZmZhZTk2YmM2YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaABCAMA0GCSqGSIb3DQEBCwUAA4IBAQATW5nMGCm3fEvQCImn Brk99p8B+DbSSS5ttzB9SJZfzKa/o6LTVrcCapkhNxMXpDOmDzZHuqYjDfSbZQyv abOuAWpBk+XrpQ7FKdTbhOuMe7coSNNPTSCv34nbu768gccVSkW15a86jnuWifU4 MgdBFu5X+ZGaPHeVN/Hi94lw+na0GHJW2/gMQjl8TNjmzXW4WDKu61bfPthkwz4T UTNst5gSNaIEAsw3KBNjikdqO9dPVaZZ20JnPkAVlO5IGY1WrqiM6QWDQDBjTpTW d8d9MKsi+gqeuIJBj82B3wzNk48khkbSPftlqlxhya0r56GzT8xjvJlhsOp1u7Xt YO+f -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:25 2025 by rpki-client