$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b388e43-5501-4c94-b15f-b02861508541.roa File: 9b388e43-5501-4c94-b15f-b02861508541.roa (raw, json) Hash identifier: 5SmT9W2/8FrreVKUIRF9nSKkS5xNnmhREA0SZGq5GLU= Subject key identifier: 1E:18:1C:AC:97:84:6B:E5:E5:A6:34:69:E6:E8:DF:D5:AC:3D:64:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 726D1506EBB78E8F79675D51C756679E56E0F25D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b388e43-5501-4c94-b15f-b02861508541.roa Signing time: Mon 28 Jul 2025 15:11:15 +0000 ROA not before: Mon 28 Jul 2025 15:11:15 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:48c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:6d:15:06:eb:b7:8e:8f:79:67:5d:51:c7:56:67:9e:56:e0:f2:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:11:15 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=d38290fe63a5f3a0f90a473616fb80f126e70b2fb2ba17c84bca4ec60a1b46f8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:f9:73:b8:41:ac:39:04:dc:8d:db:d2:44:fc: 75:fa:b7:32:de:71:16:d3:07:69:a4:a3:10:9d:9c: 5b:7a:72:bd:b2:ad:09:c6:6b:60:79:12:47:34:b1: 86:e7:16:c4:5d:0b:da:37:a3:19:d2:38:fd:23:ed: a7:3c:f8:da:5f:60:b1:ef:33:c5:b5:37:6c:33:0c: 86:cd:4b:08:6e:c0:28:3a:89:2d:e5:5b:5b:5f:8f: 8c:66:f6:5d:a3:7f:a7:e8:03:84:1a:5d:87:54:c6: c1:d7:7b:81:11:2b:a0:d0:04:61:44:92:2f:70:1b: 6f:67:f3:9d:26:db:09:cf:02:97:9c:c2:72:bc:a3: ce:3f:73:8b:c2:56:50:9f:98:30:67:38:28:a9:84: 5e:04:0c:1f:c1:31:d6:ab:2c:da:27:21:0b:a2:b1: 28:01:d0:60:08:e0:41:44:2c:31:0a:16:f7:a1:83: 10:3a:69:0c:9c:86:72:65:bc:b2:51:81:68:f9:79: ae:b6:a4:0c:87:50:ca:7d:52:3b:d2:a0:79:15:67: a0:73:a1:96:09:d3:0e:a2:b7:9c:0b:bc:ff:b9:bf: 12:9f:7a:ee:e8:68:a0:13:0b:f9:e5:03:8e:8f:a3: c1:7a:6e:a9:af:7b:53:cb:80:9a:31:4b:70:95:0b: fb:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:18:1C:AC:97:84:6B:E5:E5:A6:34:69:E6:E8:DF:D5:AC:3D:64:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b388e43-5501-4c94-b15f-b02861508541.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:48c0::/48 Signature Algorithm: sha256WithRSAEncryption 36:c2:70:7e:ec:dc:e1:84:b9:d3:49:71:d0:c3:9e:c8:57:9a: de:54:01:34:2c:4a:68:b2:f3:20:df:28:71:20:4c:16:c6:a1: f9:fe:0b:1c:7b:70:8e:b0:47:ba:81:93:0c:68:a5:fe:20:6b: 9d:67:c2:2e:00:d1:66:ab:b5:73:49:63:3a:25:c6:d6:5e:d0: e2:cf:af:f2:b8:86:5d:36:cc:7a:54:a1:91:22:66:bc:bb:56: 1d:6f:4a:4c:9e:21:af:06:04:be:c7:a7:78:57:92:0c:b2:8f: fe:9e:c1:6b:b6:6c:06:c8:22:2e:f6:60:31:ec:27:7d:76:77: 95:d3:ef:72:4e:ad:04:61:0d:a2:62:24:be:f0:4d:93:35:d1: a7:1e:44:92:7a:c2:28:5c:4b:27:ab:e2:e0:24:e4:b9:b1:0e: 79:33:5a:e5:9c:bc:08:e4:15:74:96:d5:d2:3e:a5:0c:6e:b8: 41:c4:2b:79:15:76:e3:fb:14:e5:56:59:cf:93:5d:b5:9b:3c: b7:9b:2a:7e:35:3d:49:e1:c9:4c:b6:0e:c8:f8:d0:77:b6:75: 2f:82:a5:a3:6b:44:cc:77:ed:72:a9:f5:13:fe:47:d3:3d:c1: 36:1d:9d:a0:7a:3b:d1:48:e7:58:57:e0:65:26:75:3c:d7:cf: 15:71:a1:95 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcm0VBuu3jo95Z11Rx1Znnlbg8l0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MTExNVoX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAZDM4MjkwZmU2M2E1ZjNhMGY5MGE0 NzM2MTZmYjgwZjEyNmU3MGIyZmIyYmExN2M4NGJjYTRlYzYwYTFiNDZmODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/lzuEGsOQTcjdvSRPx1+rcy3nEW 0wdppKMQnZxbenK9sq0JxmtgeRJHNLGG5xbEXQvaN6MZ0jj9I+2nPPjaX2Cx7zPF tTdsMwyGzUsIbsAoOokt5VtbX4+MZvZdo3+n6AOEGl2HVMbB13uBESug0ARhRJIv cBtvZ/OdJtsJzwKXnMJyvKPOP3OLwlZQn5gwZzgoqYReBAwfwTHWqyzaJyELorEo AdBgCOBBRCwxChb3oYMQOmkMnIZyZbyyUYFo+XmutqQMh1DKfVI70qB5FWegc6GW CdMOorecC7z/ub8Sn3ru6GigEwv55QOOj6PBem6pr3tTy4CaMUtwlQv77QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFB4YHKyXhGvl5aY0aebo39WsPWQ1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliMzg4ZTQzLTU1MDEtNGM5NC1iMTVmLWIwMjg2MTUwODU0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYUjAMA0GCSqGSIb3DQEBCwUAA4IBAQA2wnB+7NzhhLnTSXHQ w57IV5reVAE0LEposvMg3yhxIEwWxqH5/gsce3COsEe6gZMMaKX+IGudZ8IuANFm q7VzSWM6JcbWXtDiz6/yuIZdNsx6VKGRIma8u1Ydb0pMniGvBgS+x6d4V5IMso/+ nsFrtmwGyCIu9mAx7Cd9dneV0+9yTq0EYQ2iYiS+8E2TNdGnHkSSesIoXEsnq+Lg JOS5sQ55M1rlnLwI5BV0ltXSPqUMbrhBxCt5FXbj+xTlVlnPk121mzy3myp+NT1J 4clMtg7I+NB3tnUvgqWja0TMd+1yqfUT/kfTPcE2HZ2gejvRSOdYV+BlJnU8188V caGV -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:48 2025 by rpki-client