$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa File: a78bbd2b-4153-482f-a036-7e819539104c.roa (raw, json) Hash identifier: EAoa3wFS8VTZB8h/36KvyzofYXAOyIy/FhU4i/cBIRM= Subject key identifier: AA:1D:4B:D1:78:43:85:21:E3:A6:F7:2C:63:7D:CF:B7:95:24:73:9F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6F5A571E45412D394EB2097C3E5B65321CDD59F1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa Signing time: Mon 28 Jul 2025 15:20:06 +0000 ROA not before: Mon 28 Jul 2025 15:20:06 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:5a:57:1e:45:41:2d:39:4e:b2:09:7c:3e:5b:65:32:1c:dd:59:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:20:06 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=19e071180bebb06dba939923f8255210482cd69b025cfad3be9dfa5d81209a3a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:bf:f0:97:e6:b7:77:2d:a9:29:b9:f1:36:3c: d6:c7:22:6b:d9:82:a2:ba:2d:e1:86:f3:17:11:59: 3a:82:35:13:aa:ff:a1:d6:00:d7:d9:f3:66:28:62: 57:b7:8d:69:5d:6a:2e:06:a7:7e:71:d9:03:92:9e: 58:78:88:37:45:90:c8:c8:cb:ff:b7:9f:ec:b4:a5: 1c:e9:7d:ea:b0:0d:eb:1e:a7:ee:d7:6e:00:cb:66: 58:0f:4e:b6:87:0e:b3:2e:f2:6b:1c:59:6e:ff:d2: 4d:1f:0a:d3:be:57:d9:87:eb:c7:5e:bb:5f:e0:e7: cc:85:bc:c5:6a:5a:4b:04:4e:a5:bf:51:42:8a:6d: 87:5d:d6:de:29:3a:f1:1f:9c:b5:15:4f:f8:51:b6: 2c:88:5f:df:a5:31:17:7e:de:5e:61:45:cc:2c:e5: a7:40:34:96:c8:2c:6f:63:68:a7:26:dd:bf:ca:65: e0:71:cd:25:97:56:b9:be:a0:42:c9:67:66:34:b6: ed:98:10:30:4e:9e:e5:3f:61:0c:40:e8:bc:58:fd: f9:50:cb:5e:0d:38:b1:61:8f:2f:5b:38:84:48:47: 65:92:3a:e1:1e:7b:e6:fb:ce:7a:b0:58:94:b5:b2: 90:5a:e3:9b:5e:1f:cb:a6:0a:ff:37:e5:e8:24:1b: 8b:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:1D:4B:D1:78:43:85:21:E3:A6:F7:2C:63:7D:CF:B7:95:24:73:9F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4800::/40 Signature Algorithm: sha256WithRSAEncryption 1d:37:48:b1:55:f7:82:4f:08:85:68:a8:40:6d:94:7a:06:50: a0:7a:a2:09:50:e7:c6:12:c9:17:5d:3e:46:1b:33:d3:0b:c7: 8a:4c:ca:6e:4b:e7:c8:a0:f1:26:fd:ea:c0:35:b7:f4:d5:a4: c9:c4:fc:c7:90:c1:0d:13:33:ca:24:e2:c4:02:4a:d3:9c:a3: be:44:6c:d4:0f:aa:a7:29:65:93:10:5d:07:62:40:f8:26:b3: 90:9c:0f:34:0a:14:f0:44:53:84:a0:5a:f8:5c:89:00:5a:ee: d1:c7:09:ca:2e:82:24:8a:9f:5f:c9:1b:0e:aa:4f:d0:52:64: bd:b8:6f:3e:44:56:04:bf:8b:28:22:b3:d9:6c:22:dc:d7:94: 28:ef:28:4d:9e:2e:8b:b4:89:c4:96:79:6e:a8:34:dc:5d:07: f2:9a:5a:a3:42:57:bf:e7:1a:a2:75:8b:98:1f:24:e3:e0:f2: 83:c3:d2:b3:d7:16:c9:b9:9e:db:d2:e9:53:11:11:f6:17:a0: 43:14:50:d0:38:cb:a3:97:c8:06:1a:e9:98:7b:04:14:a0:11: ed:b5:06:d6:ef:b8:00:4b:f2:38:20:07:b5:e0:14:93:19:ba: f4:fc:0b:1f:d9:f6:e5:6d:62:04:51:91:cb:96:c4:36:e4:94: 0a:b4:ba:56 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUb1pXHkVBLTlOsgl8PltlMhzdWfEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MjAwNloX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAMTllMDcxMTgwYmViYjA2ZGJhOTM5 OTIzZjgyNTUyMTA0ODJjZDY5YjAyNWNmYWQzYmU5ZGZhNWQ4MTIwOWEzYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb/wl+a3dy2pKbnxNjzWxyJr2YKi ui3hhvMXEVk6gjUTqv+h1gDX2fNmKGJXt41pXWouBqd+cdkDkp5YeIg3RZDIyMv/ t5/stKUc6X3qsA3rHqfu124Ay2ZYD062hw6zLvJrHFlu/9JNHwrTvlfZh+vHXrtf 4OfMhbzFalpLBE6lv1FCim2HXdbeKTrxH5y1FU/4UbYsiF/fpTEXft5eYUXMLOWn QDSWyCxvY2inJt2/ymXgcc0ll1a5vqBCyWdmNLbtmBAwTp7lP2EMQOi8WP35UMte DTixYY8vWziESEdlkjrhHnvm+856sFiUtbKQWuObXh/Lpgr/N+XoJBuL6QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKodS9F4Q4Uh46b3LGN9z7eVJHOfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E3OGJiZDJiLTQxNTMtNDgyZi1hMDM2LTdlODE5NTM5MTA0Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8kgwDQYJKoZIhvcNAQELBQADggEBAB03SLFV94JPCIVoqEBt lHoGUKB6oglQ58YSyRddPkYbM9MLx4pMym5L58ig8Sb96sA1t/TVpMnE/MeQwQ0T M8ok4sQCStOco75EbNQPqqcpZZMQXQdiQPgms5CcDzQKFPBEU4SgWvhciQBa7tHH CcougiSKn1/JGw6qT9BSZL24bz5EVgS/iygis9lsItzXlCjvKE2eLou0icSWeW6o NNxdB/KaWqNCV7/nGqJ1i5gfJOPg8oPD0rPXFsm5ntvS6VMREfYXoEMUUNA4y6OX yAYa6Zh7BBSgEe21BtbvuABL8jggB7XgFJMZuvT8Cx/Z9uVtYgRRkcuWxDbklAq0 ulY= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:20 2025 by rpki-client