$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ab62013-18bf-4521-88c7-45d3708c7675.roa File: 6ab62013-18bf-4521-88c7-45d3708c7675.roa (raw, json) Hash identifier: NgYVKHi7nLimvV+05429QXkdyXp6YhTyibJ4Maltuw8= Subject key identifier: A8:C3:BE:A7:48:11:95:39:48:14:40:2D:12:D0:91:42:EA:B2:78:8A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0339BC02B198D4E9D2A2148B8F648438287D3589 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ab62013-18bf-4521-88c7-45d3708c7675.roa Signing time: Mon 28 Jul 2025 15:10:47 +0000 ROA not before: Mon 28 Jul 2025 15:10:47 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:a0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:39:bc:02:b1:98:d4:e9:d2:a2:14:8b:8f:64:84:38:28:7d:35:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:10:47 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=b1ac3bc1930dcc72625050afa8c993fa3518215ad5c393cfd50040dccb1b8b44, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:47:96:82:18:bb:3b:f3:fd:e4:97:31:47:70: 3f:48:8f:44:1b:ff:a9:14:b1:84:86:51:78:e4:87: c9:1a:8e:c4:66:af:84:47:f2:7f:07:39:38:85:98: 6b:ad:4d:9c:f2:f0:c2:ad:ba:af:c5:d4:21:db:0d: 61:8d:26:b0:40:d6:a8:42:c7:df:72:5c:02:11:96: 1e:dc:79:e9:ed:60:07:61:6a:10:5f:1e:47:b9:73: 86:2e:54:08:46:4e:99:af:4c:e7:78:9b:23:f5:e2: d7:10:6f:84:9b:64:36:75:bb:73:aa:35:0a:6d:10: 91:fa:7f:9c:75:55:81:cb:ba:bd:56:39:19:44:78: ca:f4:d1:78:7b:88:d4:bd:c5:fc:b3:56:72:c0:44: cf:72:f9:fd:6a:37:cc:0d:66:95:1f:26:6b:6f:b3: 29:17:1e:5b:20:77:2a:2d:fd:83:8a:d5:b9:fb:78: b4:09:e9:42:13:87:46:43:1f:ac:fc:58:7b:34:d3: 73:b7:ff:84:ea:9f:21:cc:1c:bd:fc:ea:79:66:5f: d8:cc:8a:06:c9:92:49:8e:6f:df:43:fa:6b:bb:bb: 68:f2:d9:9b:f9:9a:77:87:c7:8f:fa:59:ae:20:9e: ee:52:49:2a:4b:30:6e:f4:92:20:db:25:8d:01:55: 53:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:C3:BE:A7:48:11:95:39:48:14:40:2D:12:D0:91:42:EA:B2:78:8A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ab62013-18bf-4521-88c7-45d3708c7675.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:a0c0::/48 Signature Algorithm: sha256WithRSAEncryption ac:cc:af:ff:35:ca:a4:58:41:19:7e:a2:80:c1:59:00:7a:03: 2b:88:f8:a5:b5:ff:30:0f:5d:49:46:61:83:8a:ea:53:cf:60: d0:e5:a6:d2:74:fe:77:12:2f:24:99:a2:55:b2:e3:4d:4c:1e: 05:d5:9f:da:d6:4a:97:e3:5e:0c:f9:72:f3:9c:bd:f5:e4:ea: 2e:42:77:33:df:d0:f8:a8:fc:fd:3d:18:40:1b:d4:34:46:0b: 4c:06:90:c6:18:7d:19:ef:94:3c:6e:5f:75:d5:45:41:0d:6b: 36:cc:71:38:ba:7c:6c:90:b2:27:59:f8:5d:68:f3:b6:12:31: 63:01:23:ae:e8:37:ce:a4:e3:a7:8c:e5:41:a3:65:dc:65:cc: 8e:3e:44:a1:19:0d:09:33:a4:53:c0:c3:d8:e5:a1:6c:03:39: f9:b3:cf:42:9c:93:d3:6d:a9:1e:66:e4:6e:c5:0e:b5:3f:9e: bf:98:8e:57:0c:95:20:cb:f3:da:a1:2c:f4:0e:83:7f:5f:42: 26:67:b0:0a:43:c3:81:53:c0:5b:6a:16:bb:1c:a5:e4:8d:82: ff:80:e4:68:0e:ce:df:67:f5:96:fc:66:09:bd:27:84:1f:ba: 2b:a9:52:b5:0d:67:20:fa:98:36:71:0b:90:68:57:ba:77:c0: fb:25:47:75 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAzm8ArGY1OnSohSLj2SEOCh9NYkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MTA0N1oX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAYjFhYzNiYzE5MzBkY2M3MjYyNTA1 MGFmYThjOTkzZmEzNTE4MjE1YWQ1YzM5M2NmZDUwMDQwZGNjYjFiOGI0NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkeWghi7O/P95JcxR3A/SI9EG/+p FLGEhlF45IfJGo7EZq+ER/J/Bzk4hZhrrU2c8vDCrbqvxdQh2w1hjSawQNaoQsff clwCEZYe3Hnp7WAHYWoQXx5HuXOGLlQIRk6Zr0zneJsj9eLXEG+Em2Q2dbtzqjUK bRCR+n+cdVWBy7q9VjkZRHjK9NF4e4jUvcX8s1ZywETPcvn9ajfMDWaVHyZrb7Mp Fx5bIHcqLf2DitW5+3i0CelCE4dGQx+s/Fh7NNNzt/+E6p8hzBy9/Op5Zl/YzIoG yZJJjm/fQ/pru7to8tmb+Zp3h8eP+lmuIJ7uUkkqSzBu9JIg2yWNAVVTOQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKjDvqdIEZU5SBRALRLQkULqsniKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZhYjYyMDEzLTE4YmYtNDUyMS04OGM3LTQ1ZDM3MDhjNzY3NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8qDAMA0GCSqGSIb3DQEBCwUAA4IBAQCszK//NcqkWEEZfqKA wVkAegMriPiltf8wD11JRmGDiupTz2DQ5abSdP53Ei8kmaJVsuNNTB4F1Z/a1kqX 414M+XLznL315OouQncz39D4qPz9PRhAG9Q0RgtMBpDGGH0Z75Q8bl911UVBDWs2 zHE4unxskLInWfhdaPO2EjFjASOu6DfOpOOnjOVBo2XcZcyOPkShGQ0JM6RTwMPY 5aFsAzn5s89CnJPTbakeZuRuxQ61P56/mI5XDJUgy/PaoSz0DoN/X0ImZ7AKQ8OB U8Bbaha7HKXkjYL/gORoDs7fZ/WW/GYJvSeEH7orqVK1DWcg+pg2cQuQaFe6d8D7 JUd1 -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:52 2025 by rpki-client