$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/550b1aee-a231-4dc7-be8b-ddacfddffd19.roa File: 550b1aee-a231-4dc7-be8b-ddacfddffd19.roa (raw, json) Hash identifier: 6sPkIM75q9sIeYk+2SlECTQ4+o8/GaSe031DMArJaI4= Subject key identifier: 6A:BF:E3:C6:4F:BF:98:E9:A2:68:B3:2C:FF:CC:2C:84:F8:B2:D3:60 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 388EAD402BA08FD1C6F7FA39AABDBAEE4163C798 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/550b1aee-a231-4dc7-be8b-ddacfddffd19.roa Signing time: Tue 29 Jul 2025 00:41:03 +0000 ROA not before: Tue 29 Jul 2025 00:41:03 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:8e:ad:40:2b:a0:8f:d1:c6:f7:fa:39:aa:bd:ba:ee:41:63:c7:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:41:03 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=f3f2d484503f1c7e4ec86f796b482f9374554a481a41cba764fc8b3bc13414e3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d1:f6:85:bf:46:e2:ae:eb:ba:aa:00:a5:48: 5d:ce:9f:6f:49:7b:b6:2d:ad:ae:7e:0b:0f:c4:fd: 40:76:6f:97:18:6d:12:dc:c4:78:fd:81:43:2d:5d: 24:84:7b:58:b3:7b:31:17:e1:79:a5:48:3a:3e:3d: 6e:d6:4b:5d:8e:63:e1:db:6a:4c:a3:f5:25:4f:5d: 19:77:3f:97:38:6c:5b:95:e9:ab:6a:7c:d9:ea:5c: 6e:d8:a2:e7:32:bc:25:31:74:1d:c9:e1:8b:46:5d: bf:7e:39:f9:ca:b2:bd:b8:e1:a9:c4:a4:9b:50:02: f3:f2:db:f0:33:35:4c:69:5d:3c:72:74:7e:bd:3f: 99:17:2e:da:d5:39:bd:6f:b8:d4:39:23:fa:d5:0b: 30:77:f2:12:ce:e2:d0:e1:08:f8:ff:80:dc:df:78: 3c:9f:20:65:70:ea:7e:f4:0e:52:7d:6f:17:ae:91: 4d:14:e9:2e:e7:e5:05:f0:06:f0:9e:eb:f0:cf:41: f0:5e:82:9f:66:62:9a:a5:58:e1:fc:e0:64:25:d9: 2b:1c:f1:17:d9:a2:e2:a9:35:4f:e0:7b:de:87:ef: 11:99:23:84:25:53:83:30:23:6a:b3:19:6c:ba:cf: 31:24:23:24:97:65:8c:4d:a4:10:d1:f6:95:c6:17: f1:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:BF:E3:C6:4F:BF:98:E9:A2:68:B3:2C:FF:CC:2C:84:F8:B2:D3:60 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/550b1aee-a231-4dc7-be8b-ddacfddffd19.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:a3:cc:a5:28:0f:9c:d6:82:d2:96:be:cd:6d:76:86:69:ab: 74:4e:66:66:e4:75:f2:58:50:9f:53:9f:b0:13:48:0b:8a:80: 94:a4:8b:f7:01:e3:23:59:ba:6c:2f:eb:a2:d4:17:fe:99:3f: 40:e3:75:81:6b:b0:9c:a2:e6:62:fb:88:d3:7b:d6:1c:ab:b9: b7:60:0c:50:cc:27:ae:6a:49:0d:0f:18:46:6c:ae:f3:bf:62: 4d:e6:9d:07:dd:b9:04:5a:a8:92:b6:a5:57:4c:e6:8c:e0:c0: 8d:73:37:de:e1:56:03:c7:ad:23:3a:a2:cf:5d:ab:e4:25:c6: d7:1e:b5:a9:e0:c4:60:1f:65:fe:e6:2f:7b:f8:70:7a:e6:bb: af:a9:1d:68:24:f4:86:1d:28:aa:37:e0:af:2d:1d:06:94:3d: 3c:21:6d:40:33:80:ef:a5:75:02:43:ea:a8:7c:fe:33:c7:a6: b3:d8:d1:94:58:81:b5:17:4f:5b:a0:a6:1e:bf:f1:3b:68:d5: ce:7a:49:3d:56:5f:33:e5:cd:ba:f9:91:71:53:89:8c:31:4f: 8e:d0:6c:aa:f4:28:59:fa:73:b7:19:1c:48:3a:c1:98:cf:4f: a0:cb:b8:13:5a:59:2f:e8:91:21:6a:cc:ce:5c:45:e8:1d:c9: dc:0a:5b:c3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOI6tQCugj9HG9/o5qr267kFjx5gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNDEwM1oX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAZjNmMmQ0ODQ1MDNmMWM3ZTRlYzg2 Zjc5NmI0ODJmOTM3NDU1NGE0ODFhNDFjYmE3NjRmYzhiM2JjMTM0MTRlMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9H2hb9G4q7ruqoApUhdzp9vSXu2 La2ufgsPxP1Adm+XGG0S3MR4/YFDLV0khHtYs3sxF+F5pUg6Pj1u1ktdjmPh22pM o/UlT10Zdz+XOGxblemranzZ6lxu2KLnMrwlMXQdyeGLRl2/fjn5yrK9uOGpxKSb UALz8tvwMzVMaV08cnR+vT+ZFy7a1Tm9b7jUOSP61Qswd/ISzuLQ4Qj4/4Dc33g8 nyBlcOp+9A5SfW8XrpFNFOku5+UF8Abwnuvwz0HwXoKfZmKapVjh/OBkJdkrHPEX 2aLiqTVP4Hveh+8RmSOEJVODMCNqsxlsus8xJCMkl2WMTaQQ0faVxhfxgQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGq/48ZPv5jpomizLP/MLIT4stNgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1MGIxYWVlLWEyMzEtNGRjNy1iZThiLWRkYWNmZGRmZmQxOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAJAwDQYJKoZIhvcNAQELBQADggEBAA6jzKUoD5zWgtKWvs1t doZpq3ROZmbkdfJYUJ9Tn7ATSAuKgJSki/cB4yNZumwv66LUF/6ZP0DjdYFrsJyi 5mL7iNN71hyrubdgDFDMJ65qSQ0PGEZsrvO/Yk3mnQfduQRaqJK2pVdM5ozgwI1z N97hVgPHrSM6os9dq+QlxtcetangxGAfZf7mL3v4cHrmu6+pHWgk9IYdKKo34K8t HQaUPTwhbUAzgO+ldQJD6qh8/jPHprPY0ZRYgbUXT1ugph6/8Tto1c56ST1WXzPl zbr5kXFTiYwxT47QbKr0KFn6c7cZHEg6wZjPT6DLuBNaWS/okSFqzM5cRegdydwK W8M= -----END CERTIFICATE-----Generated at Thu Jul 31 00:59:15 2025 by rpki-client