$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e7ad0b0-97f4-4102-b9b3-79840e3344da.roa File: 5e7ad0b0-97f4-4102-b9b3-79840e3344da.roa (raw, json) Hash identifier: Whi4LGuAUbDWRHwtk5CFjUkiKY1JUzityVbJvibdDsU= Subject key identifier: B5:B5:43:63:48:C1:3C:C7:E1:86:C0:E4:B8:46:28:D5:4D:7A:3C:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7DC2B33AB75CE1D85D5CE3CE704B7E9B668D2110 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e7ad0b0-97f4-4102-b9b3-79840e3344da.roa Signing time: Fri 15 Aug 2025 00:00:12 +0000 ROA not before: Fri 15 Aug 2025 00:00:12 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:28c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:c2:b3:3a:b7:5c:e1:d8:5d:5c:e3:ce:70:4b:7e:9b:66:8d:21:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 15 00:00:12 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=9b6d53d78876a63cb5f0ede55acfa15da1ad4a9bd1eb4379924d661c3628dd1b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e8:07:82:e6:c1:1c:6b:87:ba:55:35:78:38: fd:b8:07:63:f0:86:ae:52:bd:36:28:57:d3:b2:cc: a0:c1:8b:34:07:93:18:35:55:77:35:98:cf:44:4f: ee:eb:a5:2e:0b:2f:4c:7c:c2:8d:21:a2:1c:16:2b: e2:01:d0:37:a7:37:25:7b:1b:4a:3a:1e:f1:25:a4: 1e:26:9a:5f:19:f3:50:81:c5:02:48:3d:66:dd:89: 13:66:78:d0:65:d6:50:d5:a9:6a:97:23:ab:e6:5a: 7b:34:14:19:2e:63:ba:22:d1:5c:e4:e6:38:6f:00: da:33:05:56:db:91:9a:a6:4f:98:6f:89:7b:da:4f: d0:af:51:d6:14:b5:5c:6f:bd:e3:13:a4:1f:a3:a6: 0b:2c:2a:63:cb:fc:dd:f4:3f:9a:17:b9:7a:92:80: bd:2c:ee:f0:2d:7a:10:59:37:d9:06:68:e2:98:d0: 91:c7:ae:84:0e:ee:df:18:e9:ba:e1:c9:88:c6:29: 37:8b:e4:8a:72:1a:da:52:90:9a:11:37:90:ec:73: 1b:13:28:2b:38:cc:2e:01:bb:0a:42:91:c6:43:cd: e6:ce:12:7d:de:7e:9c:b6:c9:6a:b4:d3:6c:71:d9: 76:df:ac:95:48:f0:f0:6e:ad:98:d2:d7:2f:04:e7: 21:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:B5:43:63:48:C1:3C:C7:E1:86:C0:E4:B8:46:28:D5:4D:7A:3C:A3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e7ad0b0-97f4-4102-b9b3-79840e3344da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:28c0::/46 Signature Algorithm: sha256WithRSAEncryption 64:b7:f2:f4:a3:f9:c5:76:2e:a5:4b:a9:31:8b:76:5c:97:f5: 83:ec:32:cd:67:68:d5:12:89:f3:cb:ff:de:b0:92:a8:7c:cb: bb:a9:7d:1b:11:17:94:28:c2:14:1e:71:52:cc:d0:f3:3f:01: 90:99:07:5c:e4:04:7a:66:5c:19:71:c0:a6:f4:8b:e1:88:51: 36:25:8a:dd:10:81:00:11:01:b1:77:65:26:5a:e1:29:1f:b5: 94:f7:13:9c:65:38:b9:ae:cf:a9:73:04:7a:06:d2:6b:d2:f8: 99:aa:7a:0b:7c:2d:05:f2:d5:7c:f8:7f:b9:28:52:94:a8:4c: 98:48:48:c4:bc:bc:d9:6b:7b:18:4b:8a:46:e0:4c:90:04:8e: 4a:ce:27:dc:53:f3:98:21:c8:21:ac:ab:de:6b:8d:38:9b:47: 64:aa:87:c2:59:32:15:aa:a6:ae:f2:d6:7d:07:d4:8b:4e:84: 22:eb:63:12:bd:96:e3:f1:28:bd:6c:52:6b:e7:39:5d:e1:ee: aa:43:78:95:20:c9:c4:8e:18:58:77:d3:eb:55:05:0a:25:6c: d3:7b:45:1c:fc:c7:da:5c:d6:b2:fd:cc:68:43:bc:f4:f9:26: 2b:18:d6:6c:78:0b:0f:da:9c:5c:9b:74:0c:dd:69:6b:05:07: 65:1d:d7:62 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfcKzOrdc4dhdXOPOcEt+m2aNIRAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNTAwMDAxMloX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNAOWI2ZDUzZDc4ODc2YTYzY2I1ZjBl ZGU1NWFjZmExNWRhMWFkNGE5YmQxZWI0Mzc5OTI0ZDY2MWMzNjI4ZGQxYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuegHgubBHGuHulU1eDj9uAdj8Iau Ur02KFfTssygwYs0B5MYNVV3NZjPRE/u66UuCy9MfMKNIaIcFiviAdA3pzclextK Oh7xJaQeJppfGfNQgcUCSD1m3YkTZnjQZdZQ1alqlyOr5lp7NBQZLmO6ItFc5OY4 bwDaMwVW25Gapk+Yb4l72k/Qr1HWFLVcb73jE6Qfo6YLLCpjy/zd9D+aF7l6koC9 LO7wLXoQWTfZBmjimNCRx66EDu7fGOm64cmIxik3i+SKchraUpCaETeQ7HMbEygr OMwuAbsKQpHGQ83mzhJ93n6ctslqtNNscdl236yVSPDwbq2Y0tcvBOch5wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLW1Q2NIwTzH4YbA5LhGKNVNejyjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVlN2FkMGIwLTk3ZjQtNDEwMi1iOWIzLTc5ODQwZTMzNDRkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8yjAMA0GCSqGSIb3DQEBCwUAA4IBAQBkt/L0o/nFdi6lS6kx i3Zcl/WD7DLNZ2jVEonzy//esJKofMu7qX0bEReUKMIUHnFSzNDzPwGQmQdc5AR6 ZlwZccCm9IvhiFE2JYrdEIEAEQGxd2UmWuEpH7WU9xOcZTi5rs+pcwR6BtJr0viZ qnoLfC0F8tV8+H+5KFKUqEyYSEjEvLzZa3sYS4pG4EyQBI5KzifcU/OYIcghrKve a404m0dkqofCWTIVqqau8tZ9B9SLToQi62MSvZbj8Si9bFJr5zld4e6qQ3iVIMnE jhhYd9PrVQUKJWzTe0Uc/MfaXNay/cxoQ7z0+SYrGNZseAsP2pxcm3QM3WlrBQdl Hddi -----END CERTIFICATE-----Generated at Wed Aug 20 10:42:48 2025 by rpki-client