$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa File: 94aecf12-a0a8-43cd-b24c-37950ef5429d.roa (raw, json) Hash identifier: 6yo+FQV9bQdpreLTCx/ARt3RbjSw1hcJSuDLDy1K5OQ= Subject key identifier: FB:DA:06:22:7E:29:63:32:A6:07:E0:13:B7:DC:58:0B:91:CA:16:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6418D0AEE35664DBA7760910409FD70D36DC417C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa Signing time: Tue 22 Jul 2025 00:00:38 +0000 ROA not before: Tue 22 Jul 2025 00:00:38 +0000 ROA not after: Tue 26 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da27::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:18:d0:ae:e3:56:64:db:a7:76:09:10:40:9f:d7:0d:36:dc:41:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 22 00:00:38 2025 GMT Not After : Aug 26 23:59:59 2025 GMT Subject: serialNumber=6498cfccf55662835e56b9124829a3d604be9047ba5892e48857358300c1d864, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:67:51:6f:22:e7:d5:ab:8b:4f:09:d2:d6:74: ee:9d:3e:52:1d:fd:ed:bc:31:77:b4:52:25:09:4b: 4f:11:66:46:f9:eb:75:b0:1d:46:63:05:97:76:9f: ad:c3:2a:f9:c1:30:f4:a0:08:42:09:a2:71:5b:58: f0:a7:86:fb:5f:1f:7f:3d:a2:ce:1b:70:69:99:ab: 75:c3:fa:9b:0a:66:26:92:d8:cb:ca:79:ea:27:45: cf:61:f0:90:44:7d:0a:e6:58:f3:0c:2e:12:fb:8b: 6f:81:ae:0d:0c:f0:64:d2:65:29:58:44:87:b2:a0: c9:d0:77:81:d6:ff:c2:6a:01:1f:de:85:36:66:0d: f2:35:ab:30:3a:b4:83:d1:2e:22:7e:71:39:a6:d6: 57:e7:5a:a0:35:24:42:75:86:c1:19:8b:8e:93:9d: f5:9d:61:ad:f1:c8:09:ae:73:cd:a7:5b:0d:48:13: 47:14:09:44:ba:8a:51:d2:dd:6a:04:1c:70:1e:3a: 61:ce:21:f3:37:39:97:ff:63:b2:dd:e9:0a:36:6e: cb:b0:55:95:07:8c:f4:c4:4f:11:e7:52:c8:0b:53: 4e:76:c1:f8:af:23:27:3c:6a:99:62:76:37:22:58: b8:fb:99:d3:5e:c3:66:39:6d:a9:3b:9a:da:8b:d6: 1d:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:DA:06:22:7E:29:63:32:A6:07:E0:13:B7:DC:58:0B:91:CA:16:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94aecf12-a0a8-43cd-b24c-37950ef5429d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da27::/36 Signature Algorithm: sha256WithRSAEncryption 9f:c0:76:ef:94:a5:85:88:8a:fa:11:e8:66:77:b1:10:9c:99: 63:31:62:7a:83:4a:63:9e:6c:41:60:55:f5:2b:b9:0b:c4:49: 57:f9:01:a6:01:c7:cf:26:23:0f:7d:3d:1f:5f:3a:5b:05:ad: eb:54:e8:db:9a:47:a0:fd:1f:4e:e5:51:0c:24:44:ff:5d:30: 7a:3c:c8:06:fc:39:02:d6:f9:ba:23:e5:bf:f9:ec:7a:90:24: d9:6f:2f:9f:7c:e5:c2:d9:6b:c1:4c:78:17:9b:4f:de:1b:89: de:6b:ed:44:82:33:4d:a0:42:7c:f3:54:86:17:39:d3:f2:3a: 96:db:cd:6e:2f:11:51:bd:b2:8a:62:8f:6a:ac:07:33:67:e9: 2f:72:45:a5:50:54:2d:18:70:e0:ce:db:2a:45:fb:2e:6b:96: 48:ea:af:be:be:8a:84:bd:fe:fe:3f:b8:4e:62:47:64:c4:72: 57:22:77:f7:89:e0:1f:8b:9e:05:60:37:39:72:eb:a6:72:04: f8:ba:86:ac:cd:2d:a1:29:5d:24:09:75:36:e9:bf:6c:5f:dd: eb:b3:f5:2b:b7:20:14:8f:39:40:9f:74:d0:b5:03:a4:43:69: 4e:8f:e7:bd:3a:2a:a4:4f:e3:cb:13:c4:02:5e:83:48:19:96: 2e:25:6a:09 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZBjQruNWZNundgkQQJ/XDTbcQXwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMjAwMDAzOFoX DTI1MDgyNjIzNTk1OVowejFJMEcGA1UEBRNANjQ5OGNmY2NmNTU2NjI4MzVlNTZi OTEyNDgyOWEzZDYwNGJlOTA0N2JhNTg5MmU0ODg1NzM1ODMwMGMxZDg2NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2dRbyLn1auLTwnS1nTunT5SHf3t vDF3tFIlCUtPEWZG+et1sB1GYwWXdp+twyr5wTD0oAhCCaJxW1jwp4b7Xx9/PaLO G3Bpmat1w/qbCmYmktjLynnqJ0XPYfCQRH0K5ljzDC4S+4tvga4NDPBk0mUpWESH sqDJ0HeB1v/CagEf3oU2Zg3yNaswOrSD0S4ifnE5ptZX51qgNSRCdYbBGYuOk531 nWGt8cgJrnPNp1sNSBNHFAlEuopR0t1qBBxwHjphziHzNzmX/2Oy3ekKNm7LsFWV B4z0xE8R51LIC1NOdsH4ryMnPGqZYnY3Ili4+5nTXsNmOW2pO5rai9YdLwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPvaBiJ+KWMypgfgE7fcWAuRyhacMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0YWVjZjEyLWEwYTgtNDNjZC1iMjRjLTM3OTUwZWY1NDI5ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJwAwDQYJKoZIhvcNAQELBQADggEBAJ/Adu+UpYWIivoR6GZ3 sRCcmWMxYnqDSmOebEFgVfUruQvESVf5AaYBx88mIw99PR9fOlsFretU6NuaR6D9 H07lUQwkRP9dMHo8yAb8OQLW+boj5b/57HqQJNlvL5985cLZa8FMeBebT94bid5r 7USCM02gQnzzVIYXOdPyOpbbzW4vEVG9sopij2qsBzNn6S9yRaVQVC0YcODO2ypF +y5rlkjqr76+ioS9/v4/uE5iR2TEclcid/eJ4B+LngVgNzly66ZyBPi6hqzNLaEp XSQJdTbpv2xf3euz9Su3IBSPOUCfdNC1A6RDaU6P5706KqRP48sTxAJeg0gZli4l agk= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:24 2025 by rpki-client