$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a75b627d-5e8e-43ef-b339-c430dc1dc703.roa File: a75b627d-5e8e-43ef-b339-c430dc1dc703.roa (raw, json) Hash identifier: k0uZFOpPrpxfzlBd8i+R3hAN2T2nE7P1lFGQOY2PxeE= Subject key identifier: 6C:D2:D7:AB:FC:B2:D7:8D:BE:DF:FB:6E:4B:0A:7E:69:08:15:E0:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22C90316E691E973119E201BAB3B41E1EDAD4419 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a75b627d-5e8e-43ef-b339-c430dc1dc703.roa Signing time: Sat 12 Jul 2025 00:01:23 +0000 ROA not before: Sat 12 Jul 2025 00:01:23 +0000 ROA not after: Sat 16 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:c9:03:16:e6:91:e9:73:11:9e:20:1b:ab:3b:41:e1:ed:ad:44:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 12 00:01:23 2025 GMT Not After : Aug 16 23:59:59 2025 GMT Subject: serialNumber=b9c50633e8650b138c8cbb260b59913dbf0f2dedde9d59a54a2a332768048eb7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:55:35:b8:2f:c1:4b:c3:c1:54:e0:be:c2:22: bc:a1:53:69:ad:ed:05:f9:75:ad:80:48:4a:b7:5d: 0b:03:7f:eb:1a:44:0e:10:8e:87:4c:34:8e:8d:17: 27:ab:d4:d2:7e:20:3b:94:db:9f:be:e9:14:62:f8: bd:21:17:fa:df:4a:40:71:1e:07:25:97:0e:87:1c: 3e:fe:9d:19:f6:46:3a:92:a7:67:f3:8a:4f:6f:5b: 36:f6:68:c5:cb:af:4e:5d:fa:06:bc:31:2d:64:fb: 25:c4:86:40:3c:27:8b:1c:2a:75:f8:bd:49:42:73: 43:2e:9d:1b:e4:41:42:75:28:5b:97:ff:5c:f7:77: 22:24:42:18:ea:6a:05:79:94:71:03:02:e9:8e:09: 16:5e:da:98:38:9a:41:4a:5b:94:de:d3:ca:64:77: d6:e1:dd:08:9d:ab:b5:d6:06:08:13:e7:97:2d:7b: 9a:15:62:c8:44:1a:06:56:16:97:b0:48:f9:a9:b3: 28:7c:1a:0a:ed:21:2c:16:26:0b:36:07:77:d2:75: 80:95:18:22:a3:fe:6b:6e:b9:d7:ea:51:a7:29:a3: ea:8c:0b:2b:c2:c5:b8:91:4d:aa:7c:80:46:16:da: f8:c1:2e:4d:2d:a0:e8:49:71:06:5f:c3:4d:33:8b: 59:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:D2:D7:AB:FC:B2:D7:8D:BE:DF:FB:6E:4B:0A:7E:69:08:15:E0:A7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a75b627d-5e8e-43ef-b339-c430dc1dc703.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:800::/40 Signature Algorithm: sha256WithRSAEncryption 74:47:96:87:a4:26:52:86:8e:ef:27:3e:73:d7:b7:a9:c1:93: 18:b9:eb:d8:00:0a:f2:b9:cb:84:32:23:fd:51:f2:ca:3a:66: 0d:df:51:67:62:e8:79:3b:9f:8b:dd:22:8b:20:32:21:02:d7: eb:ca:13:44:90:d1:c2:50:17:ba:9b:47:57:0d:6b:54:fa:ec: 40:ad:7a:9b:a7:20:29:f5:e5:83:5c:59:23:6f:51:a6:61:0c: 4b:1e:e4:47:ce:13:c6:df:64:30:24:c4:9b:a0:5b:07:da:1e: 9f:e1:c6:cf:7d:a9:98:cf:e9:5b:3f:78:c5:af:0c:4c:c7:0c: a9:33:db:22:b9:84:36:1c:96:c6:4b:da:fa:0e:35:c3:54:06: cf:8a:ae:b3:ee:ef:e8:e0:66:f0:e2:e7:d7:9c:17:e9:f7:33: b2:3c:3c:ff:a9:6e:51:86:b6:08:ab:14:6f:53:70:dd:f9:f8: 95:35:3a:81:bf:fb:88:02:0c:a1:8d:06:97:b0:2c:97:67:b6: 8e:9a:4a:97:f6:65:5d:75:a7:79:e9:7c:d4:97:41:34:38:19: 06:ce:7f:22:4d:e2:50:57:75:b0:e5:22:6d:22:78:e0:83:f8: 51:89:c4:b9:54:39:83:f2:a2:33:02:f1:a0:d1:9b:e3:16:f2: d4:1c:55:be -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIskDFuaR6XMRniAbqztB4e2tRBkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxMjAwMDEyM1oX DTI1MDgxNjIzNTk1OVowejFJMEcGA1UEBRNAYjljNTA2MzNlODY1MGIxMzhjOGNi YjI2MGI1OTkxM2RiZjBmMmRlZGRlOWQ1OWE1NGEyYTMzMjc2ODA0OGViNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVU1uC/BS8PBVOC+wiK8oVNpre0F +XWtgEhKt10LA3/rGkQOEI6HTDSOjRcnq9TSfiA7lNufvukUYvi9IRf630pAcR4H JZcOhxw+/p0Z9kY6kqdn84pPb1s29mjFy69OXfoGvDEtZPslxIZAPCeLHCp1+L1J QnNDLp0b5EFCdShbl/9c93ciJEIY6moFeZRxAwLpjgkWXtqYOJpBSluU3tPKZHfW 4d0Inau11gYIE+eXLXuaFWLIRBoGVhaXsEj5qbMofBoK7SEsFiYLNgd30nWAlRgi o/5rbrnX6lGnKaPqjAsrwsW4kU2qfIBGFtr4wS5NLaDoSXEGX8NNM4tZfQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGzS16v8steNvt/7bksKfmkIFeCnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E3NWI2MjdkLTVlOGUtNDNlZi1iMzM5LWM0MzBkYzFkYzcwMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7wgwDQYJKoZIhvcNAQELBQADggEBAHRHloekJlKGju8nPnPX t6nBkxi569gACvK5y4QyI/1R8so6Zg3fUWdi6Hk7n4vdIosgMiEC1+vKE0SQ0cJQ F7qbR1cNa1T67ECtepunICn15YNcWSNvUaZhDEse5EfOE8bfZDAkxJugWwfaHp/h xs99qZjP6Vs/eMWvDEzHDKkz2yK5hDYclsZL2voONcNUBs+KrrPu7+jgZvDi59ec F+n3M7I8PP+pblGGtgirFG9TcN35+JU1OoG/+4gCDKGNBpewLJdnto6aSpf2ZV11 p3npfNSXQTQ4GQbOfyJN4lBXdbDlIm0ieOCD+FGJxLlUOYPyojMC8aDRm+MW8tQc Vb4= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:47 2025 by rpki-client