$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa File: 589cd174-ff9f-4468-b434-55095a24f148.roa (raw, json) Hash identifier: oq7EAvBxL7C7ZOVjUsykoAOTdFJgE7gFKtiueCIkBN0= Subject key identifier: 60:CA:A0:74:87:B6:0E:66:4C:68:FF:D4:44:24:AF:F6:3F:34:EE:E9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 321BE426EF42AFD04228D9EA0389DA03C9692FDF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa Signing time: Tue 29 Jul 2025 00:01:14 +0000 ROA not before: Tue 29 Jul 2025 00:01:14 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:1b:e4:26:ef:42:af:d0:42:28:d9:ea:03:89:da:03:c9:69:2f:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:01:14 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=602022d00ff70161a29ec97c69635d236d7a56fcd1f260d5e39447011f57d650, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:7d:84:89:8e:61:3a:0d:a4:88:97:1a:8a:28: 5a:4e:4a:0c:14:9d:6c:56:e6:dd:a8:63:66:af:95: 17:0e:a9:f4:72:81:5f:35:11:c6:93:eb:0d:94:87: ae:5f:02:eb:b2:e8:1b:19:9a:83:62:aa:b9:97:a7: 1f:ee:9c:7b:e5:1b:66:a8:ad:d2:07:8e:7d:7c:73: 6a:61:b7:38:29:85:76:dc:cd:94:93:be:c0:ec:6d: fa:06:8f:a5:69:37:b6:c6:fb:7a:2a:c1:d5:65:b0: a2:84:7e:30:67:49:7c:7c:71:ba:60:6e:95:1c:b3: 05:23:99:05:9b:f6:59:27:c0:0b:8a:60:b2:64:28: 88:e1:f7:6a:da:56:00:19:e2:94:73:cf:bd:22:c1: cf:de:71:e2:f1:ae:d1:2a:90:39:03:57:47:6e:65: b8:a3:ec:04:a2:b1:c2:5b:78:8f:d1:a5:a7:6e:8d: 76:d9:91:3b:32:22:48:4a:cf:c6:45:40:4c:2a:d6: 94:0d:b4:86:c6:cc:1f:00:e4:bd:0f:eb:cd:0e:22: b0:1c:18:8c:b4:68:11:d9:85:12:c8:f5:89:96:fa: cf:63:53:f4:e2:7e:24:38:08:58:03:71:79:87:67: 9b:47:28:f8:65:2e:28:a0:dc:30:04:aa:41:f0:1f: f7:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:CA:A0:74:87:B6:0E:66:4C:68:FF:D4:44:24:AF:F6:3F:34:EE:E9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/589cd174-ff9f-4468-b434-55095a24f148.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c020::/48 Signature Algorithm: sha256WithRSAEncryption 88:77:e8:c4:70:5d:b2:ec:b3:a6:9c:69:88:2a:b2:05:c7:5d: a5:98:d7:57:f2:23:56:36:a5:8e:74:10:f8:5e:36:13:59:b6: ed:b6:a6:d2:07:b1:9f:7b:4c:83:af:d6:35:59:60:da:fa:18: 8b:0e:22:19:30:68:a4:27:37:de:74:c6:da:74:82:44:45:a3: 09:8c:cb:2f:bc:12:23:75:fb:eb:bf:2c:4d:3d:57:3b:ab:24: e5:03:9a:67:fb:cb:71:b3:a1:f7:f3:ee:e1:a7:bd:33:df:c3: 60:56:f6:bf:50:39:95:d5:f2:c3:e3:bf:b0:8b:f0:7b:30:45: 2b:00:79:30:93:03:0c:95:5a:13:c6:35:02:e5:3a:54:ed:6b: 33:da:85:1a:2d:79:dd:95:93:57:d8:82:13:66:d4:91:7f:75: 5d:56:94:5e:40:90:5a:ac:8f:1c:26:0f:d7:97:a2:3f:30:e2: 5e:6c:65:5a:0b:05:54:36:ff:6e:ff:6f:53:6a:c1:ce:55:3d: e5:ae:22:41:1f:3d:75:86:65:9c:cd:ef:00:3b:a9:b8:b0:23: 71:55:3c:d5:25:4b:04:64:e0:f0:c5:f2:60:3b:80:85:f1:01: 87:73:4e:f5:67:47:b7:a5:61:4b:21:fa:73:7a:f3:da:95:0f: 87:4c:4d:f7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMhvkJu9Cr9BCKNnqA4naA8lpL98wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMDExNFoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNANjAyMDIyZDAwZmY3MDE2MWEyOWVj OTdjNjk2MzVkMjM2ZDdhNTZmY2QxZjI2MGQ1ZTM5NDQ3MDExZjU3ZDY1MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyn2EiY5hOg2kiJcaiihaTkoMFJ1s VubdqGNmr5UXDqn0coFfNRHGk+sNlIeuXwLrsugbGZqDYqq5l6cf7px75RtmqK3S B459fHNqYbc4KYV23M2Uk77A7G36Bo+laTe2xvt6KsHVZbCihH4wZ0l8fHG6YG6V HLMFI5kFm/ZZJ8ALimCyZCiI4fdq2lYAGeKUc8+9IsHP3nHi8a7RKpA5A1dHbmW4 o+wEorHCW3iP0aWnbo122ZE7MiJISs/GRUBMKtaUDbSGxswfAOS9D+vNDiKwHBiM tGgR2YUSyPWJlvrPY1P04n4kOAhYA3F5h2ebRyj4ZS4ooNwwBKpB8B/3ywIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGDKoHSHtg5mTGj/1EQkr/Y/NO7pMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU4OWNkMTc0LWZmOWYtNDQ2OC1iNDM0LTU1MDk1YTI0ZjE0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAMAgMA0GCSqGSIb3DQEBCwUAA4IBAQCId+jEcF2y7LOmnGmI KrIFx12lmNdX8iNWNqWOdBD4XjYTWbbttqbSB7Gfe0yDr9Y1WWDa+hiLDiIZMGik JzfedMbadIJERaMJjMsvvBIjdfvrvyxNPVc7qyTlA5pn+8txs6H38+7hp70z38Ng Vva/UDmV1fLD47+wi/B7MEUrAHkwkwMMlVoTxjUC5TpU7Wsz2oUaLXndlZNX2IIT ZtSRf3VdVpReQJBarI8cJg/Xl6I/MOJebGVaCwVUNv9u/29TasHOVT3lriJBHz11 hmWcze8AO6m4sCNxVTzVJUsEZODwxfJgO4CF8QGHc071Z0e3pWFLIfpzevPalQ+H TE33 -----END CERTIFICATE-----Generated at Thu Jul 31 01:04:09 2025 by rpki-client