$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa File: 830802a5-d8f4-4fa8-945f-86772db3ed31.roa (raw, json) Hash identifier: jknZQpDmNNwnMpOA/R5UeZoRKuZhp41+NvbDK8a5CtM= Subject key identifier: 81:80:B9:2B:43:50:5C:2D:C6:AA:52:95:1B:C5:91:3C:66:A0:7A:98 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 571977AA9049FEEB82CB5AA6A5B90ECBE633C567 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa Signing time: Fri 25 Jul 2025 00:01:47 +0000 ROA not before: Fri 25 Jul 2025 00:01:47 +0000 ROA not after: Fri 29 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:19:77:aa:90:49:fe:eb:82:cb:5a:a6:a5:b9:0e:cb:e6:33:c5:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 25 00:01:47 2025 GMT Not After : Aug 29 23:59:59 2025 GMT Subject: serialNumber=4625cd7cff30273cf8f077c518bb964e6abcdb4e009d407b1dbcae2b62983767, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:5b:92:42:d6:30:2f:9c:2d:8d:67:5e:71:c5: ab:3f:1d:c7:07:ae:d2:cd:d0:0e:12:92:b0:65:83: 67:72:55:03:78:0f:8c:ff:d5:97:de:2f:c9:49:82: f7:d5:61:b8:d1:98:5f:d0:8e:09:aa:12:3a:ed:92: 3a:52:84:a3:63:bd:48:6e:4d:28:e9:73:2c:24:00: e9:9b:04:8e:e9:17:c4:63:f7:1f:f3:5c:cf:0e:65: 81:2e:e2:5d:81:37:6e:ef:25:d7:76:3a:34:c3:a1: 9e:4d:80:ab:bf:47:71:a6:15:f6:c6:ed:f0:fa:fa: 5a:f9:d9:fa:ec:10:bd:6e:61:95:2b:cd:46:5c:ff: 21:f7:00:24:42:10:6f:d2:82:7c:4f:30:b3:89:fb: fb:3e:1d:aa:17:68:4f:36:2a:d0:65:e7:6c:26:62: c1:77:5d:1f:c3:33:d4:e5:e8:80:56:7e:30:05:c3: 09:91:7a:09:61:e4:f5:be:e3:0d:98:88:dd:60:de: dc:87:cd:d7:c1:92:4c:95:71:53:4a:fd:17:7d:87: 63:07:41:33:ab:31:d2:a9:c0:cd:a5:66:77:67:b6: a7:9d:0b:6a:33:67:eb:e0:76:da:3f:f4:f6:ef:70: 30:7b:5c:60:35:2f:fc:0a:a7:d7:2b:4a:9c:6d:42: 9c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:80:B9:2B:43:50:5C:2D:C6:AA:52:95:1B:C5:91:3C:66:A0:7A:98 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830802a5-d8f4-4fa8-945f-86772db3ed31.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:f000::/40 Signature Algorithm: sha256WithRSAEncryption 2f:24:17:59:98:79:53:f9:42:3e:90:a6:88:f0:23:f4:2d:e7: b3:85:fb:bd:3c:c8:17:bc:18:95:b9:5c:53:98:a8:62:d0:4c: 17:f1:ce:4f:66:da:49:9f:0b:dd:e5:14:c9:27:9f:49:35:fa: f4:43:29:d3:82:15:b3:07:4f:9d:7d:1f:d1:53:a8:bc:da:53: 00:64:16:33:17:97:43:a0:91:c0:84:73:92:42:75:42:d8:ff: f6:a1:40:5a:97:5e:8c:49:c8:c5:43:3f:2a:2e:a0:63:ac:16: 22:ae:70:73:37:77:8b:b2:69:b2:2c:ed:db:e9:8e:3e:56:9a: 7c:24:0c:59:43:da:63:d7:e7:75:39:1e:61:44:d0:5f:a4:11: 29:c6:bc:83:db:6e:dd:ff:c9:18:aa:1d:cd:2f:85:a3:21:a1: 77:83:d6:2e:fb:58:72:d8:0a:23:f8:bd:b0:0e:da:2e:0d:cd: 8f:37:2d:d4:f6:e8:62:c0:3f:e7:00:01:d3:48:60:34:8a:49: c5:56:16:3b:a9:ac:1b:6e:8b:d3:4c:65:b7:e8:76:a8:0f:60: 52:34:f4:09:3a:82:99:80:94:28:2b:25:05:64:ea:35:6b:ca: 7a:80:4e:22:d3:b3:a2:19:7b:b6:d4:d7:d5:ee:6c:d9:5b:28: 0d:42:b8:a4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVxl3qpBJ/uuCy1qmpbkOy+YzxWcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNTAwMDE0N1oX DTI1MDgyOTIzNTk1OVowejFJMEcGA1UEBRNANDYyNWNkN2NmZjMwMjczY2Y4ZjA3 N2M1MThiYjk2NGU2YWJjZGI0ZTAwOWQ0MDdiMWRiY2FlMmI2Mjk4Mzc2NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVuSQtYwL5wtjWdeccWrPx3HB67S zdAOEpKwZYNnclUDeA+M/9WX3i/JSYL31WG40Zhf0I4JqhI67ZI6UoSjY71Ibk0o 6XMsJADpmwSO6RfEY/cf81zPDmWBLuJdgTdu7yXXdjo0w6GeTYCrv0dxphX2xu3w +vpa+dn67BC9bmGVK81GXP8h9wAkQhBv0oJ8TzCzifv7Ph2qF2hPNirQZedsJmLB d10fwzPU5eiAVn4wBcMJkXoJYeT1vuMNmIjdYN7ch83XwZJMlXFTSv0XfYdjB0Ez qzHSqcDNpWZ3Z7annQtqM2fr4HbaP/T273Awe1xgNS/8CqfXK0qcbUKc+QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIGAuStDUFwtxqpSlRvFkTxmoHqYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgzMDgwMmE1LWQ4ZjQtNGZhOC05NDVmLTg2NzcyZGIzZWQzMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYPAwDQYJKoZIhvcNAQELBQADggEBAC8kF1mYeVP5Qj6Qpojw I/Qt57OF+708yBe8GJW5XFOYqGLQTBfxzk9m2kmfC93lFMknn0k1+vRDKdOCFbMH T519H9FTqLzaUwBkFjMXl0OgkcCEc5JCdULY//ahQFqXXoxJyMVDPyouoGOsFiKu cHM3d4uyabIs7dvpjj5WmnwkDFlD2mPX53U5HmFE0F+kESnGvIPbbt3/yRiqHc0v haMhoXeD1i77WHLYCiP4vbAO2i4NzY83LdT26GLAP+cAAdNIYDSKScVWFjuprBtu i9NMZbfodqgPYFI09Ak6gpmAlCgrJQVk6jVrynqATiLTs6IZe7bU19XubNlbKA1C uKQ= -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:32 2025 by rpki-client