$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: ax61cNWdhRH//BolY+OO5yT7ACVsojvINKjl0PLsFfE= Subject key identifier: BF:70:92:9C:FD:8D:21:21:B1:1D:80:88:14:5C:E9:D9:4B:5B:F4:0C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18800F96A9E5D0CF6822C48F8E7E3AB82BB343D8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Tue 15 Jul 2025 00:00:04 +0000 ROA not before: Tue 15 Jul 2025 00:00:04 +0000 ROA not after: Tue 19 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:80:0f:96:a9:e5:d0:cf:68:22:c4:8f:8e:7e:3a:b8:2b:b3:43:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 15 00:00:04 2025 GMT Not After : Aug 19 23:59:59 2025 GMT Subject: serialNumber=381bbc4b1e6e327e692a1c64a6facc1245614c525020843cc1c9e630f31a75ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:61:a9:0a:1d:ea:f4:7e:53:5f:11:3d:af:1e: a1:35:71:35:21:96:37:9b:f0:ed:cf:78:8f:0d:fb: 25:64:c0:a9:77:94:65:c3:e3:db:e9:70:c4:89:77: b6:36:89:14:3b:cb:e8:9c:2d:57:72:37:cf:15:ad: 28:9b:55:08:e7:58:82:7d:36:4c:9d:86:a5:1b:2b: a1:ea:6e:c4:3c:6c:3e:b4:12:d2:91:8e:cf:5e:b7: f7:2c:8a:0b:d2:b1:a7:d9:a7:0d:f6:54:bb:9e:37: b7:48:48:f7:2a:25:b4:44:4b:de:bc:4c:66:fc:b2: 6c:c1:03:7c:6d:0e:49:ef:24:e9:fb:c4:fb:71:01: 44:b9:06:9a:51:68:7e:3c:91:db:05:f3:64:87:fb: 21:df:bc:0c:42:c6:b7:8f:de:1f:46:5f:cc:a8:f6: f0:d2:91:c1:2d:2a:ce:03:91:c5:42:32:d0:86:ac: ff:65:c7:a9:4a:66:54:6c:f1:09:a3:f0:d1:9d:9d: 6f:10:12:cc:67:d8:da:f9:09:df:26:f8:57:cf:d5: 83:44:0a:82:30:a5:a8:21:9c:c7:b1:c8:e5:dd:33: 2b:65:27:5c:6b:fc:ba:8b:db:1d:ac:6e:0f:4d:05: 7c:7d:b2:64:e6:bb:58:fb:3a:b2:52:27:a1:75:80: 36:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:70:92:9C:FD:8D:21:21:B1:1D:80:88:14:5C:E9:D9:4B:5B:F4:0C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 0b:c6:7d:91:55:6a:68:60:ee:b8:88:4a:98:c8:94:af:fe:e6: 6f:08:ae:c3:f8:9b:84:07:23:48:67:3f:27:b7:9d:7d:4a:a3: fa:5c:3a:bf:16:c4:23:8c:31:44:de:20:77:f2:c9:96:15:f3: f2:b1:66:0d:2b:0f:68:84:28:bd:6f:d8:b2:3a:69:8a:9c:8b: f5:8c:0a:f0:91:c6:8e:66:47:e0:ae:ec:dc:e8:63:72:4b:8c: e7:4d:eb:f1:52:89:da:66:8f:5e:d6:20:54:7e:5e:36:bf:11: 94:e5:32:58:c9:fb:34:fc:6f:92:9d:c9:20:c7:36:fd:7d:2d: 8c:f5:d9:dc:d7:bb:9f:ea:45:6b:5f:c7:2e:fb:9d:f9:d9:61: 19:0d:07:e9:c8:b7:8b:48:4f:5a:55:20:e1:80:64:dc:27:bb: 48:ad:d0:d0:17:3e:5c:19:68:91:f7:87:e5:31:c0:cc:06:d8: 60:79:6c:ba:1d:5e:52:a8:70:99:96:27:04:0d:f1:86:99:69: 3e:5d:26:74:32:bb:32:09:98:d9:9a:91:07:6f:5f:47:1d:a6: 95:95:fd:36:f8:ec:d6:35:74:12:8a:31:ba:62:0a:c5:01:ec: 35:43:74:bf:80:71:16:50:51:db:1c:4b:c2:06:86:bd:15:e1: b9:2d:0c:e9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGIAPlqnl0M9oIsSPjn46uCuzQ9gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxNTAwMDAwNFoX DTI1MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAMzgxYmJjNGIxZTZlMzI3ZTY5MmEx YzY0YTZmYWNjMTI0NTYxNGM1MjUwMjA4NDNjYzFjOWU2MzBmMzFhNzVhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGGpCh3q9H5TXxE9rx6hNXE1IZY3 m/Dtz3iPDfslZMCpd5Rlw+Pb6XDEiXe2NokUO8vonC1XcjfPFa0om1UI51iCfTZM nYalGyuh6m7EPGw+tBLSkY7PXrf3LIoL0rGn2acN9lS7nje3SEj3KiW0REvevExm /LJswQN8bQ5J7yTp+8T7cQFEuQaaUWh+PJHbBfNkh/sh37wMQsa3j94fRl/MqPbw 0pHBLSrOA5HFQjLQhqz/ZcepSmZUbPEJo/DRnZ1vEBLMZ9ja+QnfJvhXz9WDRAqC MKWoIZzHscjl3TMrZSdca/y6i9sdrG4PTQV8fbJk5rtY+zqyUiehdYA2TwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL9wkpz9jSEhsR2AiBRc6dlLW/QMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQALxn2RVWpoYO64iEqY yJSv/uZvCK7D+JuEByNIZz8nt519SqP6XDq/FsQjjDFE3iB38smWFfPysWYNKw9o hCi9b9iyOmmKnIv1jArwkcaOZkfgruzc6GNyS4znTevxUonaZo9e1iBUfl42vxGU 5TJYyfs0/G+Snckgxzb9fS2M9dnc17uf6kVrX8cu+5352WEZDQfpyLeLSE9aVSDh gGTcJ7tIrdDQFz5cGWiR94flMcDMBthgeWy6HV5SqHCZlicEDfGGmWk+XSZ0Mrsy CZjZmpEHb19HHaaVlf02+OzWNXQSijG6YgrFAew1Q3S/gHEWUFHbHEvCBoa9FeG5 LQzp -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:39 2025 by rpki-client