$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa File: a0d0474f-3a63-4312-ba91-4caeffc8b819.roa (raw, json) Hash identifier: mQyne6QqAyt5sUpzDOrxDtx7No14kBCnJozstRu55ME= Subject key identifier: D6:06:74:77:D5:1C:7B:7C:A2:15:E4:FF:D0:EB:5C:EF:0E:EA:D5:D8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18E23879E28325E1EBAACD6346578247D6A7CA21 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa Signing time: Mon 07 Jul 2025 15:11:19 +0000 ROA not before: Mon 07 Jul 2025 15:11:19 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:e2:38:79:e2:83:25:e1:eb:aa:cd:63:46:57:82:47:d6:a7:ca:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:11:19 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=c080d52b0d8b6ed5ab13d475672dac30c95ae51f76e4ab099f7dedac3a38e256, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6f:4b:b7:05:10:6d:0a:5a:e7:fc:c7:b0:fb: d7:69:c0:e0:22:f6:86:d4:6d:95:b5:3a:61:3c:10: 92:49:49:7d:2c:5c:cd:51:04:56:c8:bd:f1:b5:d6: 12:ad:96:fe:c6:bf:49:44:90:cf:4e:bd:0b:30:35: d9:e7:55:70:f2:75:48:51:72:6f:72:ce:02:99:dd: bd:a1:cf:74:8e:9a:dc:92:2a:08:42:fb:53:72:45: b6:f2:07:2e:65:85:b4:c6:e0:ab:a8:b6:87:7c:dd: 12:8d:a1:2e:d3:ca:3e:e3:c6:db:dc:1d:19:17:da: 40:8a:35:03:62:08:eb:5d:c7:32:5a:87:0f:bb:27: e5:27:6a:0f:44:ef:75:2c:01:fe:80:3c:44:4b:92: 8c:c7:f3:06:06:c7:2e:77:ef:32:96:be:36:f9:e6: 19:6f:d8:37:3b:f4:42:61:ab:78:60:da:54:dc:84: 85:39:c4:e3:94:ce:5c:40:f3:03:f8:13:a3:b1:a0: 7f:f7:0d:09:bc:86:a8:ce:06:0b:31:94:2d:05:72: 68:59:cd:40:8b:b2:78:86:ba:c5:3a:15:45:cf:90: 72:77:d2:4c:89:7e:be:8e:76:3e:57:37:a8:ca:21: ce:66:8e:29:5d:51:98:60:94:e8:e0:3e:91:de:1d: 2f:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:06:74:77:D5:1C:7B:7C:A2:15:E4:FF:D0:EB:5C:EF:0E:EA:D5:D8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4800::/40 Signature Algorithm: sha256WithRSAEncryption c3:4c:50:5e:08:57:dd:d4:6d:55:36:fe:88:cb:00:84:43:3b: e1:74:cd:b5:80:a1:5d:39:05:bc:4c:54:61:d3:dc:e3:4e:3f: 34:01:cb:18:41:c9:db:4c:d5:e4:6d:6b:bc:89:7f:42:a3:8a: 14:1c:68:fd:8c:5c:ea:db:43:8b:c9:c0:ee:94:f5:2c:57:51: 71:1e:4c:7a:fb:b5:d7:5a:b5:67:fd:e9:01:6c:07:f3:d5:27: e6:69:21:d5:b1:f8:41:ac:01:3f:b7:d9:ce:ff:ab:3b:89:82: 3a:fc:80:32:5e:c2:7a:99:47:69:e4:b0:5f:61:54:5c:d8:16: 2d:84:b0:08:68:19:0e:a4:08:53:bd:46:d9:06:81:5c:64:37: 3c:5a:dc:ff:61:8e:49:a1:81:82:f7:df:45:f2:24:b0:46:d1: 2d:c5:76:ad:8b:f9:aa:61:a1:30:27:0e:b3:0c:08:c7:dc:16: 38:cf:57:93:32:93:8e:c8:17:fd:1c:b9:66:7b:87:e7:b9:11: cc:8f:56:e4:b2:fd:53:d8:5f:87:61:1c:c4:5b:cc:f9:9a:cb: 8e:36:10:a3:af:b3:cc:a0:18:91:19:87:ae:89:a5:0d:79:00: b4:7f:81:6b:16:d2:b5:f2:8d:b5:ff:fe:a2:53:ba:bd:0a:fc: 77:0a:d4:69 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGOI4eeKDJeHrqs1jRleCR9anyiEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MTExOVoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYzA4MGQ1MmIwZDhiNmVkNWFiMTNk NDc1NjcyZGFjMzBjOTVhZTUxZjc2ZTRhYjA5OWY3ZGVkYWMzYTM4ZTI1NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm9LtwUQbQpa5/zHsPvXacDgIvaG 1G2VtTphPBCSSUl9LFzNUQRWyL3xtdYSrZb+xr9JRJDPTr0LMDXZ51Vw8nVIUXJv cs4Cmd29oc90jprckioIQvtTckW28gcuZYW0xuCrqLaHfN0SjaEu08o+48bb3B0Z F9pAijUDYgjrXccyWocPuyflJ2oPRO91LAH+gDxES5KMx/MGBscud+8ylr42+eYZ b9g3O/RCYat4YNpU3ISFOcTjlM5cQPMD+BOjsaB/9w0JvIaozgYLMZQtBXJoWc1A i7J4hrrFOhVFz5Byd9JMiX6+jnY+VzeoyiHOZo4pXVGYYJTo4D6R3h0v5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNYGdHfVHHt8ohXk/9DrXO8O6tXYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EwZDA0NzRmLTNhNjMtNDMxMi1iYTkxLTRjYWVmZmM4YjgxOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEgwDQYJKoZIhvcNAQELBQADggEBAMNMUF4IV93UbVU2/ojL AIRDO+F0zbWAoV05BbxMVGHT3ONOPzQByxhBydtM1eRta7yJf0KjihQcaP2MXOrb Q4vJwO6U9SxXUXEeTHr7tddatWf96QFsB/PVJ+ZpIdWx+EGsAT+32c7/qzuJgjr8 gDJewnqZR2nksF9hVFzYFi2EsAhoGQ6kCFO9RtkGgVxkNzxa3P9hjkmhgYL330Xy JLBG0S3Fdq2L+aphoTAnDrMMCMfcFjjPV5Myk47IF/0cuWZ7h+e5EcyPVuSy/VPY X4dhHMRbzPmay442EKOvs8ygGJEZh66JpQ15ALR/gWsW0rXyjbX//qJTur0K/HcK 1Gk= -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:35 2025 by rpki-client