$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ef6ab83-cb4a-4c45-a58b-8383ab2bf4f7.roa File: 9ef6ab83-cb4a-4c45-a58b-8383ab2bf4f7.roa (raw, json) Hash identifier: s9874rjbhpX90edTS6AqqbSJfCKVuh2KJW4wq6n4HNw= Subject key identifier: D2:B2:CF:AF:94:12:AC:67:82:F1:CD:0F:D3:D5:9F:7B:9B:2B:58:F1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43480BA8674A6E7CE176BE7AE1774D9492DC224F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ef6ab83-cb4a-4c45-a58b-8383ab2bf4f7.roa Signing time: Fri 25 Jul 2025 00:01:09 +0000 ROA not before: Fri 25 Jul 2025 00:01:09 +0000 ROA not after: Fri 29 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:48:0b:a8:67:4a:6e:7c:e1:76:be:7a:e1:77:4d:94:92:dc:22:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 25 00:01:09 2025 GMT Not After : Aug 29 23:59:59 2025 GMT Subject: serialNumber=a5d17e435652d6da7334c720efc995eb4f3a20808cb6f7351e62cd40ec97f7f8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:bd:b3:ba:e4:2a:52:6f:d8:db:ef:7a:1f:16: 41:6e:a6:27:75:64:c6:45:f3:91:e4:89:dc:68:3e: ec:5d:82:86:15:4c:2a:fc:a0:24:97:b0:88:a8:29: b8:43:1f:34:ac:7d:f8:4d:9e:f0:56:d4:af:fe:01: 62:d5:db:93:a8:78:23:87:dc:e8:56:d1:63:9a:81: 83:e2:99:1d:8b:a4:f5:81:e6:3e:7f:71:7f:7d:c4: 2b:29:3b:df:27:5e:8b:36:0c:19:9b:98:c6:22:6b: 81:0e:ad:4d:25:5a:7c:cc:97:b8:dd:66:3a:f4:f5: de:be:8c:6d:7d:6c:ca:64:bf:87:32:58:29:57:3e: ab:d3:a2:27:22:b1:8b:f7:4c:5b:12:81:a5:af:77: 20:a0:63:13:a0:c4:c5:eb:25:92:b6:b5:60:90:21: a5:03:33:29:39:41:18:01:d4:de:45:75:b2:0f:6a: 5a:5a:62:62:9d:13:d5:ff:26:c6:52:59:b3:12:48: fa:0f:77:46:28:d0:05:81:b2:bf:e3:e2:b0:ed:49: f4:e0:cc:4d:1e:70:8e:cc:78:67:b2:4f:82:f7:82: 90:35:9a:b0:97:fc:ea:35:30:7a:3c:92:04:a7:63: 52:b0:8b:8e:66:d1:dc:02:1a:9b:d1:6f:f5:42:0f: fe:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:B2:CF:AF:94:12:AC:67:82:F1:CD:0F:D3:D5:9F:7B:9B:2B:58:F1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9ef6ab83-cb4a-4c45-a58b-8383ab2bf4f7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:b000::/40 Signature Algorithm: sha256WithRSAEncryption ca:53:76:6f:26:6b:23:06:6c:13:1b:cf:07:00:42:13:e9:9a: 64:d6:4d:a8:fa:83:88:9d:2e:58:0a:a3:cc:36:91:98:2b:65: 19:97:39:c2:25:b6:a3:34:e1:dc:73:47:79:9a:04:5a:6a:53: 9e:7e:25:3e:00:f9:dc:7a:2a:95:86:c0:d3:fa:92:71:a8:c4: 4e:35:38:a9:c0:92:9f:5c:89:52:3f:cd:4b:05:45:42:27:12: 35:38:77:9c:54:d5:95:59:11:ab:26:d3:04:f7:d0:06:b0:47: fd:f2:87:ee:d6:b1:2d:4a:d1:81:d5:b5:57:22:dc:70:c0:eb: 71:a8:90:32:87:c1:f1:bd:0a:c6:ac:fc:2c:3d:3b:bb:0a:bc: 10:e3:94:b5:32:49:6f:6c:cb:c7:31:3c:70:52:5a:ac:17:e7: 2e:46:58:cb:43:57:24:73:21:e4:c1:24:92:3d:bf:93:db:64: 87:ab:92:af:87:8f:e4:a9:eb:bb:c5:03:27:fc:b6:00:89:f3: 04:e4:11:78:2c:ac:61:d1:b4:bf:b1:4a:a3:4c:b1:b8:68:b9: 7b:a1:db:d5:a5:3f:ad:25:64:74:1a:36:9f:7e:df:cf:34:f0: 08:aa:50:16:86:b8:87:d7:4b:0c:2a:cd:bb:af:5c:91:f7:38: 8d:4f:57:29 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ0gLqGdKbnzhdr564XdNlJLcIk8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNTAwMDEwOVoX DTI1MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAYTVkMTdlNDM1NjUyZDZkYTczMzRj NzIwZWZjOTk1ZWI0ZjNhMjA4MDhjYjZmNzM1MWU2MmNkNDBlYzk3ZjdmODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr2zuuQqUm/Y2+96HxZBbqYndWTG RfOR5IncaD7sXYKGFUwq/KAkl7CIqCm4Qx80rH34TZ7wVtSv/gFi1duTqHgjh9zo VtFjmoGD4pkdi6T1geY+f3F/fcQrKTvfJ16LNgwZm5jGImuBDq1NJVp8zJe43WY6 9PXevoxtfWzKZL+HMlgpVz6r06InIrGL90xbEoGlr3cgoGMToMTF6yWStrVgkCGl AzMpOUEYAdTeRXWyD2paWmJinRPV/ybGUlmzEkj6D3dGKNAFgbK/4+Kw7Un04MxN HnCOzHhnsk+C94KQNZqwl/zqNTB6PJIEp2NSsIuOZtHcAhqb0W/1Qg/+BQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNKyz6+UEqxngvHND9PVn3ubK1jxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzllZjZhYjgzLWNiNGEtNGM0NS1hNThiLTgzODNhYjJiZjRmNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYLAwDQYJKoZIhvcNAQELBQADggEBAMpTdm8mayMGbBMbzwcA QhPpmmTWTaj6g4idLlgKo8w2kZgrZRmXOcIltqM04dxzR3maBFpqU55+JT4A+dx6 KpWGwNP6knGoxE41OKnAkp9ciVI/zUsFRUInEjU4d5xU1ZVZEasm0wT30AawR/3y h+7WsS1K0YHVtVci3HDA63GokDKHwfG9Csas/Cw9O7sKvBDjlLUySW9sy8cxPHBS WqwX5y5GWMtDVyRzIeTBJJI9v5PbZIerkq+Hj+Sp67vFAyf8tgCJ8wTkEXgsrGHR tL+xSqNMsbhouXuh29WlP60lZHQaNp9+38808AiqUBaGuIfXSwwqzbuvXJH3OI1P Vyk= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:36 2025 by rpki-client