$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa File: a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa (raw, json) Hash identifier: 6iRPTbBgjNoSErLniKPsDYlCXe+9CZpNUiwtSxbhn54= Subject key identifier: 6A:1F:0C:09:66:00:B1:C0:25:01:F8:08:52:FF:BB:AD:17:DE:4A:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 05128ECC132474DD0630A57CE0345A83F2EE624D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa Signing time: Tue 29 Jul 2025 00:41:51 +0000 ROA not before: Tue 29 Jul 2025 00:41:51 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4010::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:12:8e:cc:13:24:74:dd:06:30:a5:7c:e0:34:5a:83:f2:ee:62:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:41:51 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=3128cecea54071947a28e5f9038a7a98865cf36a4d91fd5e0422a0db9c20c96e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:5d:ce:f3:4d:95:a7:77:7f:6f:38:2f:8b:49: 5f:d8:68:ea:af:cc:be:68:0c:6c:f4:a8:4b:9a:28: e8:29:82:d5:bb:fd:1b:9d:eb:c8:c9:17:7d:6e:8d: 64:3e:b1:47:b6:84:f6:b8:03:b5:da:fc:43:47:78: 11:a9:31:a4:b2:32:17:fb:73:ad:c3:2b:d6:46:1f: 63:95:5f:d6:87:65:e2:d1:01:c3:42:95:6c:85:1a: 3f:8d:66:dd:b3:3b:1b:89:77:63:a6:04:66:6e:9f: b3:e3:ff:ba:be:19:87:a1:c2:2c:b0:bf:09:ce:b2: a0:23:3f:a2:05:49:6f:f0:8a:ff:76:e1:25:64:36: bd:3f:42:f3:38:e7:03:3c:54:93:af:1d:f8:18:e4: 71:7f:77:01:79:67:02:f6:c5:0b:c6:2d:86:1c:ba: f8:08:2e:ff:7d:ca:34:49:5e:31:6b:9b:5b:21:c6: c1:f0:84:2a:d2:56:bf:85:94:4e:13:71:76:ef:c6: 5f:5f:0d:a9:a5:f2:96:56:37:eb:48:c1:5a:60:6d: 55:cc:65:89:be:2c:7d:73:74:7e:5d:73:46:d5:6b: 6f:7d:1a:90:85:94:2b:41:7b:a0:3e:8d:94:a6:2d: 4e:57:19:5e:48:37:41:48:5b:4a:31:db:d3:31:a4: 76:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:1F:0C:09:66:00:B1:C0:25:01:F8:08:52:FF:BB:AD:17:DE:4A:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2e0f9ff-5b8b-4b59-8bde-9f8617cadc06.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4010::/48 Signature Algorithm: sha256WithRSAEncryption be:7f:4e:70:6b:c8:47:3f:64:28:84:f7:0f:bc:cc:84:b5:3d: ea:ed:72:37:b0:4d:6b:71:a7:f7:5c:a0:2e:73:11:8e:68:3c: cb:21:b9:ad:1b:e7:43:27:67:de:38:0e:82:2e:69:ee:b9:bb: ac:48:7f:5c:be:9a:3e:eb:38:5e:36:93:a3:80:02:9d:bf:41: ac:1c:a5:2d:2f:5b:7d:b0:5a:3c:3a:d3:1f:4d:35:8c:9b:04: 9b:1a:67:95:71:64:10:93:9f:40:6d:c3:51:d8:01:26:f6:07: a0:1b:7d:e9:20:c6:ff:e6:04:f9:34:8f:e3:28:f0:2e:06:ac: 8b:20:dc:c6:8d:89:09:58:31:45:18:4c:b3:2f:fb:c9:48:36: dc:54:fd:22:7e:4d:b4:45:6e:cf:c1:68:01:9f:30:88:74:82: ea:0c:26:02:dd:f7:f5:43:b8:5b:06:c4:0f:f2:cb:fb:d0:f7: 8d:49:f8:7a:5a:a0:c4:81:a7:55:34:df:96:d6:3d:2d:23:2a: b4:e9:31:f7:6d:34:48:25:57:fc:6b:b8:7a:88:bb:d7:11:ca: 83:f2:12:4a:54:13:dc:29:cc:4c:35:08:c6:42:ae:0c:45:21: 3f:9d:94:0b:cc:c9:75:44:89:a0:1e:5b:01:cc:e5:32:9f:78: 10:a7:a0:0e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBRKOzBMkdN0GMKV84DRag/LuYk0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNDE1MVoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMzEyOGNlY2VhNTQwNzE5NDdhMjhl NWY5MDM4YTdhOTg4NjVjZjM2YTRkOTFmZDVlMDQyMmEwZGI5YzIwYzk2ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF3O802Vp3d/bzgvi0lf2Gjqr8y+ aAxs9KhLmijoKYLVu/0bnevIyRd9bo1kPrFHtoT2uAO12vxDR3gRqTGksjIX+3Ot wyvWRh9jlV/Wh2Xi0QHDQpVshRo/jWbdszsbiXdjpgRmbp+z4/+6vhmHocIssL8J zrKgIz+iBUlv8Ir/duElZDa9P0LzOOcDPFSTrx34GORxf3cBeWcC9sULxi2GHLr4 CC7/fco0SV4xa5tbIcbB8IQq0la/hZROE3F278ZfXw2ppfKWVjfrSMFaYG1VzGWJ vix9c3R+XXNG1WtvfRqQhZQrQXugPo2Upi1OVxleSDdBSFtKMdvTMaR28QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGofDAlmALHAJQH4CFL/u60X3kr6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyZTBmOWZmLTViOGItNGI1OS04YmRlLTlmODYxN2NhZGMwNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEAQMA0GCSqGSIb3DQEBCwUAA4IBAQC+f05wa8hHP2QohPcP vMyEtT3q7XI3sE1rcaf3XKAucxGOaDzLIbmtG+dDJ2feOA6CLmnuubusSH9cvpo+ 6zheNpOjgAKdv0GsHKUtL1t9sFo8OtMfTTWMmwSbGmeVcWQQk59AbcNR2AEm9geg G33pIMb/5gT5NI/jKPAuBqyLINzGjYkJWDFFGEyzL/vJSDbcVP0ifk20RW7PwWgB nzCIdILqDCYC3ff1Q7hbBsQP8sv70PeNSfh6WqDEgadVNN+W1j0tIyq06TH3bTRI JVf8a7h6iLvXEcqD8hJKVBPcKcxMNQjGQq4MRSE/nZQLzMl1RImgHlsBzOUyn3gQ p6AO -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:26 2025 by rpki-client