$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa File: 4d8399a4-56d7-47cd-a300-df287b4c76c9.roa (raw, json) Hash identifier: nIuQbz2H+LsZRxrGqBSbQ5qEdGTULaKsjDatVOnS4BI= Subject key identifier: 25:12:D7:EC:26:63:04:CF:7B:6C:6E:58:FB:9E:F3:8E:92:A2:A6:C6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7539256649265A588D811D2105D387ED98E2B2A2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa Signing time: Mon 07 Jul 2025 15:00:38 +0000 ROA not before: Mon 07 Jul 2025 15:00:38 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:39:25:66:49:26:5a:58:8d:81:1d:21:05:d3:87:ed:98:e2:b2:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:00:38 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=810c36a33decaf8e37027eeb01d49b9ea46a166ebeba53ea286135c3ef9fba17, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4d:72:e4:b3:19:83:8e:eb:72:b8:6e:ef:4e: 14:58:bd:98:6f:48:71:b0:51:15:bb:2e:51:1a:bf: 6a:45:6d:30:de:59:a4:58:48:24:a1:3d:92:46:b5: 4e:19:ef:8a:c5:d5:65:24:d1:00:88:59:56:6b:e7: 58:c7:63:c7:0b:d2:be:1c:e3:16:17:27:43:b5:55: e2:79:79:8c:43:d1:f8:43:8a:3f:53:50:9a:cb:d4: d8:50:73:19:e2:a1:29:10:49:18:75:ab:0f:30:62: f5:0a:6c:52:77:6c:3d:2b:73:75:8d:df:47:1d:6d: a5:ea:5f:e5:d4:51:14:06:9d:fb:f5:53:25:43:0c: 39:19:de:2c:0b:ae:10:87:83:fe:8f:1a:85:b0:4a: 82:3e:0b:02:1b:c7:23:d1:00:ec:15:24:1d:63:b4: 7a:c6:d0:8a:69:26:39:98:28:68:60:e3:a9:29:15: 0a:e7:f7:48:d6:29:e6:28:9f:67:30:70:a2:cf:b1: b4:f4:d3:c5:58:32:7b:e5:c0:49:a2:a0:0c:aa:7c: 57:27:da:51:7f:71:4e:1b:1e:22:c7:23:97:f3:c5: 76:d7:87:4c:8b:88:f1:44:9d:13:22:e4:2c:e4:e1: 42:81:65:8e:c3:8d:71:85:5b:d9:f2:27:e9:a4:ce: af:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:12:D7:EC:26:63:04:CF:7B:6C:6E:58:FB:9E:F3:8E:92:A2:A6:C6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:e000::/40 Signature Algorithm: sha256WithRSAEncryption a0:2f:a3:62:5f:55:1b:7e:8d:e0:ea:a1:09:0f:35:4d:92:a9: f8:5a:96:9b:3c:04:18:86:a4:92:7e:47:db:83:2b:e2:ff:23: 2c:77:e6:80:67:cd:8f:db:01:ed:97:83:87:25:89:6c:95:b2: e3:c4:62:ce:ed:72:cd:47:ca:e5:10:12:09:dc:6a:e7:5d:b9: 1b:a3:95:28:b1:36:44:b5:4d:58:39:76:bd:ed:fd:59:98:a2: 67:ca:4c:e3:55:3e:96:6d:7a:3d:7a:4d:ea:ba:41:66:55:6b: 9b:42:23:2d:ee:83:80:ad:23:2a:63:e9:71:db:77:36:83:8d: c0:3d:09:0d:49:fc:78:64:91:77:b9:59:b8:6d:2a:7f:6f:14: 29:0d:e7:12:f7:be:31:7d:87:f2:85:65:21:18:8b:0d:6f:58: 44:66:90:95:0d:ad:24:8f:c3:75:93:ee:8b:04:e8:66:6b:b6: 01:2e:c0:cd:e3:81:01:ca:b5:70:cf:3c:4e:70:84:69:6a:11: 60:4c:57:c5:f4:dd:2d:d6:51:c7:51:e7:38:4e:45:03:48:7e: c0:a1:93:35:87:15:e2:e1:be:8e:ff:46:a6:87:51:26:ae:1a: 24:e9:52:61:58:0c:8c:ac:63:9c:b3:34:53:50:55:26:c5:c6: 5c:e6:ad:4f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdTklZkkmWliNgR0hBdOH7ZjisqIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MDAzOFoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAODEwYzM2YTMzZGVjYWY4ZTM3MDI3 ZWViMDFkNDliOWVhNDZhMTY2ZWJlYmE1M2VhMjg2MTM1YzNlZjlmYmExNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk1y5LMZg47rcrhu704UWL2Yb0hx sFEVuy5RGr9qRW0w3lmkWEgkoT2SRrVOGe+KxdVlJNEAiFlWa+dYx2PHC9K+HOMW FydDtVXieXmMQ9H4Q4o/U1Cay9TYUHMZ4qEpEEkYdasPMGL1CmxSd2w9K3N1jd9H HW2l6l/l1FEUBp379VMlQww5Gd4sC64Qh4P+jxqFsEqCPgsCG8cj0QDsFSQdY7R6 xtCKaSY5mChoYOOpKRUK5/dI1inmKJ9nMHCiz7G09NPFWDJ75cBJoqAMqnxXJ9pR f3FOGx4ixyOX88V214dMi4jxRJ0TIuQs5OFCgWWOw41xhVvZ8ifppM6vnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCUS1+wmYwTPe2xuWPue846SoqbGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkODM5OWE0LTU2ZDctNDdjZC1hMzAwLWRmMjg3YjRjNzZjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNuAwDQYJKoZIhvcNAQELBQADggEBAKAvo2JfVRt+jeDqoQkP NU2Sqfhalps8BBiGpJJ+R9uDK+L/Iyx35oBnzY/bAe2Xg4cliWyVsuPEYs7tcs1H yuUQEgncaudduRujlSixNkS1TVg5dr3t/VmYomfKTONVPpZtej16Teq6QWZVa5tC Iy3ug4CtIypj6XHbdzaDjcA9CQ1J/HhkkXe5WbhtKn9vFCkN5xL3vjF9h/KFZSEY iw1vWERmkJUNrSSPw3WT7osE6GZrtgEuwM3jgQHKtXDPPE5whGlqEWBMV8X03S3W UcdR5zhORQNIfsChkzWHFeLhvo7/RqaHUSauGiTpUmFYDIysY5yzNFNQVSbFxlzm rU8= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:19 2025 by rpki-client