$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5637e746-68a9-4187-b79d-5e4d4b5c348e.roa File: 5637e746-68a9-4187-b79d-5e4d4b5c348e.roa (raw, json) Hash identifier: SzWk00RiDXD6h18KJOf712+b+S2ny1HAYII+/SibVbY= Subject key identifier: DF:AF:A4:A6:D5:14:A6:EF:D0:CF:5A:D0:F6:F1:C4:21:08:CF:DD:82 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18AAF073E5EAA4585DE8D9B7FAC796428D9C0C5F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5637e746-68a9-4187-b79d-5e4d4b5c348e.roa Signing time: Mon 07 Jul 2025 15:50:12 +0000 ROA not before: Mon 07 Jul 2025 15:50:12 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2c:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:aa:f0:73:e5:ea:a4:58:5d:e8:d9:b7:fa:c7:96:42:8d:9c:0c:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:50:12 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=0214491fa20471b2201bda50efd5f7d4536336554cdb19affbea4e26c6494091, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:86:d1:4d:40:c7:c0:ee:29:55:ca:38:88:7e: a9:1a:96:af:10:5b:f1:fc:f9:7b:51:3f:1e:3e:09: ec:da:a9:c6:fb:b7:ed:cc:8e:f0:e6:5b:40:31:ea: 8b:a5:61:5c:89:89:df:e2:cb:1f:9d:86:c6:08:91: 85:01:9e:2a:a1:1f:1c:50:f8:46:b1:87:59:4b:bf: 64:9b:e6:3a:b5:d1:06:cb:ce:30:69:46:c3:d2:68: b5:16:52:63:c2:ed:a4:fd:08:17:11:f7:a2:b3:66: 05:a2:a7:bd:0d:02:a9:8f:96:93:50:6f:1c:2e:c7: cf:1a:52:7d:ea:64:43:5f:3c:40:47:92:5b:ef:8f: 0f:5a:3c:cd:48:90:87:dc:d7:18:a3:0b:6f:01:7a: 3b:34:fb:a8:41:19:c9:dc:c4:7d:ec:86:c9:fb:6a: 2e:0a:ff:ab:43:f2:3d:b8:b8:53:1f:9e:e3:29:6d: a7:e9:3a:37:fc:5f:5b:2a:e6:c5:00:6e:cb:ab:5b: 4e:a3:df:25:bb:e0:f5:56:10:81:f5:e2:ac:50:c3: 3c:38:c1:8c:33:9f:67:6e:23:95:f6:24:ff:0d:c0: f2:fb:bb:4a:08:d6:d6:30:92:e8:d3:e0:81:3d:4e: ad:6c:e1:e7:95:49:98:f0:39:bb:2c:49:e8:08:1b: 6f:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:AF:A4:A6:D5:14:A6:EF:D0:CF:5A:D0:F6:F1:C4:21:08:CF:DD:82 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5637e746-68a9-4187-b79d-5e4d4b5c348e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2c:8000::/36 Signature Algorithm: sha256WithRSAEncryption 00:c7:b3:c6:7a:79:28:b6:3d:be:e4:e5:ec:57:41:92:04:94: b7:dd:ee:8e:cc:63:26:d0:6b:10:83:81:5a:29:1e:6e:2c:8d: 2d:9a:cc:2e:9a:ab:25:3f:ed:2b:fe:5d:45:e6:13:2d:31:64: d4:03:52:05:d6:29:fd:69:39:4b:0e:8a:d5:b9:46:63:ef:f2: ab:df:b0:5d:50:b8:c2:a8:7f:d2:cb:d8:ea:c7:1a:a0:1b:ef: fe:0f:46:88:6c:c5:dd:1c:21:a8:62:0f:db:93:08:14:cf:bd: 66:80:d5:5e:1c:07:d0:4e:3d:2f:3b:cb:5e:06:03:c1:69:72: 23:f3:64:9a:ac:83:88:69:9d:0f:6b:8d:11:e7:22:2f:0c:7b: 73:22:05:61:b6:56:de:ad:56:e8:ba:7a:0a:b7:e6:6d:54:4b: df:f5:65:a1:42:37:95:a7:d0:ef:7a:46:0e:7b:27:2b:9f:3c: 6f:58:04:65:db:d7:f2:73:6f:7c:61:52:26:11:c2:ab:48:90: b5:f6:eb:55:4a:7e:3a:c7:40:9c:f4:a9:17:0c:2d:d2:17:2b: 2a:9f:81:53:ff:b6:72:9d:42:97:07:da:c0:93:e0:b5:f3:42: 56:38:88:c6:76:9e:93:1d:14:2b:a0:54:6b:de:11:e2:2c:a9: 72:1a:4e:6d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGKrwc+XqpFhd6Nm3+seWQo2cDF8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1NTAxMloX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMDIxNDQ5MWZhMjA0NzFiMjIwMWJk YTUwZWZkNWY3ZDQ1MzYzMzY1NTRjZGIxOWFmZmJlYTRlMjZjNjQ5NDA5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14bRTUDHwO4pVco4iH6pGpavEFvx /Pl7UT8ePgns2qnG+7ftzI7w5ltAMeqLpWFciYnf4ssfnYbGCJGFAZ4qoR8cUPhG sYdZS79km+Y6tdEGy84waUbD0mi1FlJjwu2k/QgXEfeis2YFoqe9DQKpj5aTUG8c LsfPGlJ96mRDXzxAR5Jb748PWjzNSJCH3NcYowtvAXo7NPuoQRnJ3MR97IbJ+2ou Cv+rQ/I9uLhTH57jKW2n6To3/F9bKubFAG7Lq1tOo98lu+D1VhCB9eKsUMM8OMGM M59nbiOV9iT/DcDy+7tKCNbWMJLo0+CBPU6tbOHnlUmY8Dm7LEnoCBtvuQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN+vpKbVFKbv0M9a0PbxxCEIz92CMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2MzdlNzQ2LTY4YTktNDE4Ny1iNzlkLTVlNGQ0YjVjMzQ4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLIAwDQYJKoZIhvcNAQELBQADggEBAADHs8Z6eSi2Pb7k5exX QZIElLfd7o7MYybQaxCDgVopHm4sjS2azC6aqyU/7Sv+XUXmEy0xZNQDUgXWKf1p OUsOitW5RmPv8qvfsF1QuMKof9LL2OrHGqAb7/4PRohsxd0cIahiD9uTCBTPvWaA 1V4cB9BOPS87y14GA8FpciPzZJqsg4hpnQ9rjRHnIi8Me3MiBWG2Vt6tVui6egq3 5m1US9/1ZaFCN5Wn0O96Rg57JyufPG9YBGXb1/Jzb3xhUiYRwqtIkLX261VKfjrH QJz0qRcMLdIXKyqfgVP/tnKdQpcH2sCT4LXzQlY4iMZ2npMdFCugVGveEeIsqXIa Tm0= -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:13 2025 by rpki-client