$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa File: 743b890a-7e61-4b72-82d0-b83a580809c5.roa (raw, json) Hash identifier: xlcr4Jz4N4BDYCjo8CHZRuF6hO53avr5PQ9saxY3PGo= Subject key identifier: 5E:AB:04:CF:D2:70:95:73:17:FA:37:3B:2A:7D:A2:B3:73:2A:E8:C4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E13740682A1B4E5560A08DF440FB7DDB82590DE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa Signing time: Sat 12 Jul 2025 00:00:09 +0000 ROA not before: Sat 12 Jul 2025 00:00:09 +0000 ROA not after: Sat 16 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:13:74:06:82:a1:b4:e5:56:0a:08:df:44:0f:b7:dd:b8:25:90:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 12 00:00:09 2025 GMT Not After : Aug 16 23:59:59 2025 GMT Subject: serialNumber=93bfd356b6b5a357dd49ae53b9682c729881b1d7f62e9646635b13179946b2f6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:87:d8:a2:35:f4:47:b2:ee:5c:d8:e0:db:9f: 52:c5:c6:65:da:1f:4e:b9:41:28:77:ef:40:f3:89: 7f:9c:e0:58:b9:1f:c2:20:76:b9:ac:15:ea:27:ba: 02:d1:94:6f:6b:18:21:1a:a8:24:5b:30:ae:9c:d1: 5d:0a:5f:e0:6b:16:6a:dc:0e:54:5a:48:b7:d6:6e: b0:05:66:b9:29:93:86:75:37:f5:da:8c:bb:db:51: 18:05:68:14:ff:60:18:7a:c3:01:4b:14:e9:ae:82: a8:36:5b:bd:c1:5b:2b:0e:8e:57:c1:0a:e7:68:04: 0d:01:11:fa:69:54:73:38:ea:0d:fc:10:18:ab:e9: a7:2a:3c:9b:a8:17:c2:f9:12:a6:f5:0f:50:5f:75: c1:d0:a4:eb:56:b6:2f:05:1e:e1:95:08:77:13:4e: 82:ce:87:f6:9e:90:5c:86:05:28:91:fd:7a:2a:22: 89:5b:45:5a:72:12:56:bf:65:f2:8b:61:9f:35:4d: 28:10:eb:3b:4b:57:1d:1c:8b:e8:7b:d7:87:cb:01: 5e:1a:67:2c:2d:8a:40:9c:b4:2f:c5:69:80:ae:ae: d8:a0:7f:92:42:96:53:f7:f5:5b:e6:4b:02:f5:b6: 2e:cd:92:cb:d0:58:12:9f:44:08:cf:ab:5d:d6:7d: 58:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:AB:04:CF:D2:70:95:73:17:FA:37:3B:2A:7D:A2:B3:73:2A:E8:C4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:8800::/40 Signature Algorithm: sha256WithRSAEncryption 04:7f:0b:5e:db:b2:1a:5c:b5:37:19:80:ec:96:d9:bd:d6:75: fe:4a:a0:cf:b4:7a:39:c2:c6:fd:80:c6:4d:28:a9:10:b5:cc: f5:f0:7e:2a:99:6e:88:cf:26:40:5e:bd:31:ab:6f:3b:9a:5f: 02:36:fa:c7:28:88:ac:d9:67:8a:7a:bc:33:24:a5:8b:f4:6a: a0:9d:24:1f:e8:68:4f:aa:e9:32:3a:02:c7:d0:f1:21:d1:2d: a4:34:9d:cb:ec:df:14:70:7e:3d:8c:3f:e6:a4:d8:6b:29:3f: e8:7c:d4:36:33:69:bf:36:4d:f6:28:38:55:09:cc:0c:70:85: 9d:9c:08:58:ca:52:28:ad:57:99:8f:a4:57:77:89:c7:76:a6: e6:ab:83:03:bf:ec:c0:19:d4:a1:2f:14:ad:24:10:77:39:cc: 9e:b6:52:02:73:cf:84:39:da:8c:fc:75:6c:10:4c:03:24:1a: 47:bd:f9:94:85:1b:c5:43:e7:60:7b:08:63:94:c3:55:82:05: 31:b7:84:53:cb:81:83:54:65:f2:7b:7f:cb:3c:0e:83:d9:f4: 7f:76:af:63:1f:a9:8d:7c:a7:2e:2f:ff:3e:92:67:a3:df:25: 02:60:46:77:d7:81:53:4d:97:34:11:1d:bb:0c:d4:54:8f:75: 3c:9e:bb:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbhN0BoKhtOVWCgjfRA+33bglkN4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxMjAwMDAwOVoX DTI1MDgxNjIzNTk1OVowejFJMEcGA1UEBRNAOTNiZmQzNTZiNmI1YTM1N2RkNDlh ZTUzYjk2ODJjNzI5ODgxYjFkN2Y2MmU5NjQ2NjM1YjEzMTc5OTQ2YjJmNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4fYojX0R7LuXNjg259SxcZl2h9O uUEod+9A84l/nOBYuR/CIHa5rBXqJ7oC0ZRvaxghGqgkWzCunNFdCl/gaxZq3A5U Wki31m6wBWa5KZOGdTf12oy721EYBWgU/2AYesMBSxTproKoNlu9wVsrDo5XwQrn aAQNARH6aVRzOOoN/BAYq+mnKjybqBfC+RKm9Q9QX3XB0KTrVrYvBR7hlQh3E06C zof2npBchgUokf16KiKJW0VachJWv2Xyi2GfNU0oEOs7S1cdHIvoe9eHywFeGmcs LYpAnLQvxWmArq7YoH+SQpZT9/Vb5ksC9bYuzZLL0FgSn0QIz6td1n1Y7wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF6rBM/ScJVzF/o3Oyp9orNzKujEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0M2I4OTBhLTdlNjEtNGI3Mi04MmQwLWI4M2E1ODA4MDljNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba74gwDQYJKoZIhvcNAQELBQADggEBAAR/C17bshpctTcZgOyW 2b3Wdf5KoM+0ejnCxv2Axk0oqRC1zPXwfiqZbojPJkBevTGrbzuaXwI2+scoiKzZ Z4p6vDMkpYv0aqCdJB/oaE+q6TI6AsfQ8SHRLaQ0ncvs3xRwfj2MP+ak2GspP+h8 1DYzab82TfYoOFUJzAxwhZ2cCFjKUiitV5mPpFd3icd2puargwO/7MAZ1KEvFK0k EHc5zJ62UgJzz4Q52oz8dWwQTAMkGke9+ZSFG8VD52B7CGOUw1WCBTG3hFPLgYNU ZfJ7f8s8DoPZ9H92r2MfqY18py4v/z6SZ6PfJQJgRnfXgVNNlzQRHbsM1FSPdTye u/U= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:15 2025 by rpki-client