$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa File: a41ae715-9e63-4e83-af61-a9364bcaac32.roa (raw, json) Hash identifier: 7dbzQ5YFl3KSsPzjayPRQsSsn7e37Ek92JfAcFVANt4= Subject key identifier: 5B:A2:73:6C:EA:DE:31:FE:A9:18:C0:FC:91:9F:FD:47:42:0A:13:D2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 331671713323C3F27F4A358F2080CADCEB9B793C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa Signing time: Fri 25 Jul 2025 00:01:44 +0000 ROA not before: Fri 25 Jul 2025 00:01:44 +0000 ROA not after: Fri 29 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:16:71:71:33:23:c3:f2:7f:4a:35:8f:20:80:ca:dc:eb:9b:79:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 25 00:01:44 2025 GMT Not After : Aug 29 23:59:59 2025 GMT Subject: serialNumber=db4985051f32dbd391606cb25e7d6d57ef68380cacaa6fe523c4e32dfd55b35a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f2:12:1a:e8:bf:7e:a6:05:21:1b:87:57:cd: 48:9c:41:cb:e2:92:b6:0e:f9:16:c1:03:e3:bf:c7: 1e:23:ab:35:2f:47:cb:6a:aa:26:a3:56:56:48:41: 36:1e:e6:81:b3:d5:de:3d:6e:fe:bb:6c:2b:a3:82: 8c:bb:fa:a7:ec:de:89:0b:b4:28:e9:14:03:e7:24: bd:d3:ee:29:75:34:7b:50:f2:c3:fd:77:1f:bd:f0: 07:c4:f1:f4:53:02:b1:b7:70:49:c6:2a:4f:4e:b0: 64:c0:66:f5:09:96:c6:af:5c:5a:8b:f4:6e:fe:f4: 3a:5b:2b:2b:7e:7e:cf:10:10:97:97:b8:95:52:e0: 03:be:cb:5e:9c:d7:d9:95:54:d4:7f:a4:26:ad:e8: 65:4a:6a:f3:2e:31:01:c6:4b:36:40:c2:08:f5:42: 1d:a9:e8:e8:90:d1:24:52:76:aa:f8:dc:78:84:f1: 34:0d:6d:56:50:8a:07:53:be:e2:8f:21:15:06:1c: 64:d0:a2:20:3a:f6:f1:92:24:e9:c1:88:f3:1c:aa: d4:7e:b4:56:c2:7f:c6:4f:b2:2e:a2:5f:54:78:59: 70:2e:24:b9:99:bc:42:7e:f7:59:a1:7a:20:8b:6e: 14:92:ca:39:ae:4e:af:0e:d8:23:87:75:8e:81:58: 0c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:A2:73:6C:EA:DE:31:FE:A9:18:C0:FC:91:9F:FD:47:42:0A:13:D2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60::/32 Signature Algorithm: sha256WithRSAEncryption 3e:9b:25:29:87:48:a9:61:7b:af:c7:53:96:d5:24:99:83:36: 38:38:29:58:63:e9:cb:2c:e4:12:34:04:a7:b1:14:b8:7b:25: 82:e7:fe:76:9b:6d:30:fe:c5:c5:04:4b:cc:cc:76:05:1b:20: 72:6e:bc:e8:ea:ac:7c:2e:08:48:c2:18:a9:a8:bc:60:22:28: 51:21:e6:e2:61:84:b5:b2:92:8e:07:55:d5:70:5e:70:28:07: 87:7e:81:5a:84:61:59:ff:68:00:b1:ea:51:61:8b:71:8f:26: 3a:c0:14:f2:9a:70:1e:ad:4a:45:fa:ba:f3:09:71:ad:32:bb: ef:74:e5:8d:98:e9:2c:4c:64:f3:52:03:18:ef:81:d1:37:c0: 70:47:e8:15:95:ee:e0:d3:ac:52:cb:8c:a2:1c:4a:2c:00:77: 3a:b2:c5:39:e4:d3:9a:36:b7:84:fc:c2:25:73:fa:7d:a1:0b: ba:f7:6f:aa:08:ea:95:c3:00:1d:65:d9:d2:43:ef:c1:ea:6e: 65:65:cd:9f:ee:ce:56:1c:39:6b:78:4d:41:a3:d8:6d:7f:87: fe:9c:48:b2:29:60:57:20:a3:1e:50:3d:8f:b2:bf:5f:0a:9f: 92:82:3a:f4:f8:e5:62:df:3f:80:28:d8:d1:1b:48:f9:d6:08: 0b:d8:10:73 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUMxZxcTMjw/J/SjWPIIDK3OubeTwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNTAwMDE0NFoX DTI1MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAZGI0OTg1MDUxZjMyZGJkMzkxNjA2 Y2IyNWU3ZDZkNTdlZjY4MzgwY2FjYWE2ZmU1MjNjNGUzMmRmZDU1YjM1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/ISGui/fqYFIRuHV81InEHL4pK2 DvkWwQPjv8ceI6s1L0fLaqomo1ZWSEE2HuaBs9XePW7+u2wro4KMu/qn7N6JC7Qo 6RQD5yS90+4pdTR7UPLD/XcfvfAHxPH0UwKxt3BJxipPTrBkwGb1CZbGr1xai/Ru /vQ6Wysrfn7PEBCXl7iVUuADvstenNfZlVTUf6QmrehlSmrzLjEBxks2QMII9UId qejokNEkUnaq+Nx4hPE0DW1WUIoHU77ijyEVBhxk0KIgOvbxkiTpwYjzHKrUfrRW wn/GT7Iuol9UeFlwLiS5mbxCfvdZoXogi24Ukso5rk6vDtgjh3WOgVgMUQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFFuic2zq3jH+qRjA/JGf/UdCChPSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E0MWFlNzE1LTllNjMtNGU4My1hZjYxLWE5MzY0YmNhYWMzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaYDANBgkqhkiG9w0BAQsFAAOCAQEAPpslKYdIqWF7r8dTltUk mYM2ODgpWGPpyyzkEjQEp7EUuHslguf+dpttMP7FxQRLzMx2BRsgcm686OqsfC4I SMIYqai8YCIoUSHm4mGEtbKSjgdV1XBecCgHh36BWoRhWf9oALHqUWGLcY8mOsAU 8ppwHq1KRfq68wlxrTK773TljZjpLExk81IDGO+B0TfAcEfoFZXu4NOsUsuMohxK LAB3OrLFOeTTmja3hPzCJXP6faELuvdvqgjqlcMAHWXZ0kPvwepuZWXNn+7OVhw5 a3hNQaPYbX+H/pxIsilgVyCjHlA9j7K/XwqfkoI69PjlYt8/gCjY0RtI+dYIC9gQ cw== -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:40 2025 by rpki-client