$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa File: 5e2e2a48-a4b5-497a-978d-68330e53db91.roa (raw, json) Hash identifier: KBNaDCIMd88emoXPqcJ8kwKOr7zB4temc5rV9/+E5nQ= Subject key identifier: A9:F2:45:DA:9A:9E:93:9A:C4:0E:D0:A7:C1:FD:AF:9D:D6:B8:FD:C7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 347649734AC3D2E11C00AC400E939781E9F3E246 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa Signing time: Sat 12 Jul 2025 00:00:05 +0000 ROA not before: Sat 12 Jul 2025 00:00:05 +0000 ROA not after: Sat 16 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:76:49:73:4a:c3:d2:e1:1c:00:ac:40:0e:93:97:81:e9:f3:e2:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 12 00:00:05 2025 GMT Not After : Aug 16 23:59:59 2025 GMT Subject: serialNumber=d7db2ee200b1092911cb01c700c0522aa9e8e5a7bf1616aadb4619dbd4723e7d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:3a:0d:3f:4f:05:4c:62:a3:dc:f6:ad:29:2f: 8b:6c:25:fd:c3:16:b7:2a:66:c8:7d:ab:2f:f2:04: c7:31:ac:b3:46:fb:40:a2:62:c9:4c:21:3c:52:39: 64:0a:ce:d9:be:09:7f:21:a5:ea:73:74:ca:fe:f3: b9:ef:17:67:32:b8:ab:09:82:8e:a1:18:2d:b4:f8: 19:aa:fb:b3:79:60:53:d2:f9:43:95:07:cd:ce:e6: 0a:ef:37:1a:bc:02:20:5d:50:3d:0c:c2:b6:65:68: 76:5b:47:75:1b:e6:ec:0b:77:0e:db:72:b9:7c:76: ad:e6:58:9e:37:54:74:8b:da:e0:c7:80:c4:82:b0: 5f:ff:ea:24:7d:1b:07:6e:e5:29:e1:9e:94:39:91: 4b:f2:70:ff:a6:b0:a5:d9:9b:17:ae:38:34:e2:14: 2e:12:b8:bf:23:c5:ec:0d:c5:82:24:13:d5:69:73: bc:56:77:b9:54:45:c2:03:8d:86:ee:04:e3:f6:63: 7d:36:98:14:ca:4a:90:e9:cb:63:63:61:68:0d:20: 59:6a:22:1c:49:36:ff:92:42:26:87:40:23:08:de: af:19:a2:b1:b4:f7:94:07:d0:17:10:72:8c:a8:7a: 69:13:56:e4:ac:c4:c0:d0:54:4b:f9:2f:bd:db:7a: ba:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:F2:45:DA:9A:9E:93:9A:C4:0E:D0:A7:C1:FD:AF:9D:D6:B8:FD:C7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:f000::/40 Signature Algorithm: sha256WithRSAEncryption 6f:45:52:1a:56:83:de:cd:24:30:b7:12:8e:76:5a:31:0e:72: cb:56:0f:75:24:54:83:a5:5a:bc:79:67:39:96:50:aa:7a:22: c1:55:5f:24:ec:fd:2c:c5:08:c2:98:5a:51:84:38:7a:b2:66: f8:e6:e6:c4:cf:3d:37:9b:8a:42:1a:a4:14:a7:99:84:d1:2f: 07:c7:7e:e7:6a:ef:c6:cc:87:3e:e0:d4:d6:f1:22:41:da:e4: a1:57:96:3f:14:3c:d3:ca:04:ee:8d:98:10:91:5c:f3:d3:df: 78:cd:4b:2e:63:7a:cc:59:91:bf:04:00:70:41:d7:7a:5b:db: 6a:77:9c:22:5e:a4:e5:32:6e:0f:88:70:d0:1a:99:13:99:5a: c7:ed:9e:ef:06:43:9f:c8:86:1c:9b:ad:0e:47:ac:29:ff:69: cc:1e:7b:66:f6:c8:ca:3e:49:e8:c4:ef:14:f2:08:0c:b7:46: 10:bb:5d:49:eb:3f:0c:18:ec:5b:43:37:9d:14:bb:22:fb:85: d6:45:b6:45:14:99:52:f0:fb:c7:12:d2:8e:a9:4f:5d:a1:26: 10:30:34:03:72:5c:6d:da:9f:ae:2e:d1:db:d7:fb:8c:60:27: 26:99:e7:ca:65:f0:6d:b4:44:66:e9:7e:02:14:43:5f:df:12: 85:21:69:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNHZJc0rD0uEcAKxADpOXgenz4kYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxMjAwMDAwNVoX DTI1MDgxNjIzNTk1OVowejFJMEcGA1UEBRNAZDdkYjJlZTIwMGIxMDkyOTExY2Iw MWM3MDBjMDUyMmFhOWU4ZTVhN2JmMTYxNmFhZGI0NjE5ZGJkNDcyM2U3ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4joNP08FTGKj3PatKS+LbCX9wxa3 KmbIfasv8gTHMayzRvtAomLJTCE8UjlkCs7Zvgl/IaXqc3TK/vO57xdnMrirCYKO oRgttPgZqvuzeWBT0vlDlQfNzuYK7zcavAIgXVA9DMK2ZWh2W0d1G+bsC3cO23K5 fHat5lieN1R0i9rgx4DEgrBf/+okfRsHbuUp4Z6UOZFL8nD/prCl2ZsXrjg04hQu Eri/I8XsDcWCJBPVaXO8Vne5VEXCA42G7gTj9mN9NpgUykqQ6ctjY2FoDSBZaiIc STb/kkImh0AjCN6vGaKxtPeUB9AXEHKMqHppE1bkrMTA0FRL+S+923q6/wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKnyRdqanpOaxA7Qp8H9r53WuP3HMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVlMmUyYTQ4LWE0YjUtNDk3YS05NzhkLTY4MzMwZTUzZGI5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7/AwDQYJKoZIhvcNAQELBQADggEBAG9FUhpWg97NJDC3Eo52 WjEOcstWD3UkVIOlWrx5ZzmWUKp6IsFVXyTs/SzFCMKYWlGEOHqyZvjm5sTPPTeb ikIapBSnmYTRLwfHfudq78bMhz7g1NbxIkHa5KFXlj8UPNPKBO6NmBCRXPPT33jN Sy5jesxZkb8EAHBB13pb22p3nCJepOUybg+IcNAamROZWsftnu8GQ5/IhhybrQ5H rCn/acwee2b2yMo+SejE7xTyCAy3RhC7XUnrPwwY7FtDN50UuyL7hdZFtkUUmVLw +8cS0o6pT12hJhAwNANyXG3an64u0dvX+4xgJyaZ58pl8G20RGbpfgIUQ1/fEoUh aeM= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:21 2025 by rpki-client