$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa File: 8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa (raw, json) Hash identifier: zBNrgiqxHJaKc58azCxnFVZcAesPUvWqGk+Ye2kLiUo= Subject key identifier: 82:FA:7F:87:60:70:8C:6B:46:48:4B:38:10:5D:D3:B0:4E:9B:FC:DA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 376EE94D9582AAB145359583B6DDF1204A04842D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa Signing time: Tue 29 Jul 2025 00:40:23 +0000 ROA not before: Tue 29 Jul 2025 00:40:23 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:6e:e9:4d:95:82:aa:b1:45:35:95:83:b6:dd:f1:20:4a:04:84:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:40:23 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=377311a368eaa02c10658e9fdc0ac4b927fa62579952d6e49133c9774011c5fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:81:70:91:81:6c:f1:e3:3f:b1:5f:de:23:ed: ad:d4:78:17:71:8c:60:6d:d6:9c:b4:f0:93:de:7d: 9f:cb:65:8d:f1:b7:0b:c5:63:55:a3:32:fb:33:b8: 96:c6:ee:ce:c9:df:e3:9c:34:c8:26:11:ec:89:8c: 24:2f:25:b6:8a:a9:d1:c1:9f:9d:ce:36:50:b4:f1: a6:f6:83:63:27:a4:f5:25:49:71:21:46:b2:4c:49: 6b:a2:81:b9:39:16:4b:18:d6:d4:84:fc:26:91:65: c3:5f:24:04:9c:7e:c3:d1:be:bd:77:a5:7c:12:ea: b4:71:00:46:e1:df:67:f7:e5:c1:a9:1d:53:1e:5e: ea:4b:72:9b:a5:8c:65:db:20:67:fd:42:d7:a2:82: da:60:8e:f0:3f:83:6c:ac:79:89:1b:76:33:16:2c: 53:b9:12:01:b8:86:86:e6:09:f0:61:10:7e:b2:4f: 03:86:9a:a4:c4:f2:e9:75:81:2c:e4:55:e1:52:9b: 66:79:ea:55:01:8f:06:c6:08:b4:8c:d1:41:f3:53: 3e:16:ea:a0:9a:66:75:1f:14:6d:95:fb:a9:6b:db: a7:1c:9a:4c:de:17:a9:0a:aa:e0:a4:e4:1b:9b:99: 9e:0c:25:ce:e4:8e:fe:92:86:7e:9f:e0:83:88:aa: f5:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:FA:7F:87:60:70:8C:6B:46:48:4B:38:10:5D:D3:B0:4E:9B:FC:DA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:8020::/48 Signature Algorithm: sha256WithRSAEncryption 61:29:21:35:35:aa:e2:33:63:4a:03:1d:c8:2f:85:f1:03:bf: 20:9c:24:8f:99:82:59:90:bf:a8:36:05:d0:34:cf:d8:ba:d1: 76:12:fd:65:0c:07:08:d4:40:f9:79:d0:cb:42:c1:03:9a:8b: 07:fa:14:7a:5c:9e:7e:b3:d7:12:02:0d:88:83:b2:f7:58:f7: 07:c1:ca:71:3a:be:08:d4:ce:bf:70:de:65:4d:19:e2:e3:9f: 73:22:23:be:e9:2c:18:66:6e:66:45:49:29:af:55:ac:1f:57: ea:af:f0:66:0a:b5:ef:96:db:81:c7:56:3d:11:cd:70:9b:cb: 4c:bb:66:af:c5:92:57:48:54:28:e8:f8:56:51:b2:92:ae:3e: 29:ee:7c:1d:98:f2:e7:a3:84:60:2b:f9:dc:9c:a0:13:21:51: cf:81:8c:09:94:dc:14:00:90:ea:b7:58:5c:1e:a0:0a:ee:f5: 20:ba:da:c9:87:0b:03:a7:22:4f:cd:c2:a3:4e:fc:84:03:14: 8e:fd:05:bb:90:fb:ba:31:d2:f2:9e:db:c1:17:94:5c:e9:7d: aa:06:15:ed:76:1b:e0:fb:02:21:42:65:7b:05:27:0f:4d:0e: 16:e1:2f:a9:86:9c:13:40:44:e6:69:1a:fd:71:d3:b2:3c:c4: ab:f2:50:a3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUN27pTZWCqrFFNZWDtt3xIEoEhC0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNDAyM1oX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMzc3MzExYTM2OGVhYTAyYzEwNjU4 ZTlmZGMwYWM0YjkyN2ZhNjI1Nzk5NTJkNmU0OTEzM2M5Nzc0MDExYzVmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIFwkYFs8eM/sV/eI+2t1HgXcYxg bdactPCT3n2fy2WN8bcLxWNVozL7M7iWxu7Oyd/jnDTIJhHsiYwkLyW2iqnRwZ+d zjZQtPGm9oNjJ6T1JUlxIUayTElrooG5ORZLGNbUhPwmkWXDXyQEnH7D0b69d6V8 Euq0cQBG4d9n9+XBqR1THl7qS3KbpYxl2yBn/ULXooLaYI7wP4NsrHmJG3YzFixT uRIBuIaG5gnwYRB+sk8DhpqkxPLpdYEs5FXhUptmeepVAY8Gxgi0jNFB81M+Fuqg mmZ1HxRtlfupa9unHJpM3hepCqrgpOQbm5meDCXO5I7+koZ+n+CDiKr15wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIL6f4dgcIxrRkhLOBBd07BOm/zaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhjYTM3MWQ5LTIxNTMtNDA1My05OWFjLTFiZGMwYzQyOTRhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQBhKSE1NariM2NKAx3I L4XxA78gnCSPmYJZkL+oNgXQNM/YutF2Ev1lDAcI1ED5edDLQsEDmosH+hR6XJ5+ s9cSAg2Ig7L3WPcHwcpxOr4I1M6/cN5lTRni459zIiO+6SwYZm5mRUkpr1WsH1fq r/BmCrXvltuBx1Y9Ec1wm8tMu2avxZJXSFQo6PhWUbKSrj4p7nwdmPLno4RgK/nc nKATIVHPgYwJlNwUAJDqt1hcHqAK7vUgutrJhwsDpyJPzcKjTvyEAxSO/QW7kPu6 MdLyntvBF5Rc6X2qBhXtdhvg+wIhQmV7BScPTQ4W4S+phpwTQETmaRr9cdOyPMSr 8lCj -----END CERTIFICATE-----Generated at Thu Jul 31 01:03:50 2025 by rpki-client