$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa File: a8058c69-4025-477b-844b-ad5268c2470c.roa (raw, json) Hash identifier: HVsxn+LraIpJBxiFbXf1qVDuJBLUAHesA/N3RiRiK1s= Subject key identifier: 02:1B:6E:B6:56:F5:27:14:AF:F6:FA:33:54:0E:71:12:6D:9C:A3:3A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 032B55E1086C7F4225417FE584E527D354A1EC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa Signing time: Tue 29 Jul 2025 00:01:31 +0000 ROA not before: Tue 29 Jul 2025 00:01:31 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:2b:55:e1:08:6c:7f:42:25:41:7f:e5:84:e5:27:d3:54:a1:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:01:31 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=e43cd5be3acb5a20bb64cac0c61df94927e5968874f8a7d2febf4125e9406f26, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:22:1a:f8:c2:62:94:66:ad:34:f4:b4:83:52: ee:a2:bb:ce:90:1f:d8:f8:48:58:da:33:eb:9e:8c: 8b:3a:24:c6:e7:42:d8:d4:3a:6c:d1:84:a5:c9:25: b2:0a:4c:eb:13:1f:0c:bc:a0:a4:be:b5:cf:a6:f9: 1a:b0:bb:48:69:3b:69:09:0c:c0:d0:b8:8b:c6:04: cc:d5:d2:2d:57:15:c1:34:f2:1d:b0:18:54:5d:c4: 1d:a2:30:a7:19:3d:64:a9:d3:8e:be:12:e0:ca:e5: 3d:5d:b2:56:d0:04:06:df:33:29:a4:7b:cc:c4:ca: f8:f2:46:63:ff:59:91:db:2f:3a:45:3e:fb:75:87: 98:b2:38:42:fb:9b:c7:ae:f4:d3:3a:0c:71:b4:b7: 4c:10:2a:06:f1:81:e9:31:35:a7:6f:2e:60:29:c5: f4:3c:8a:a5:68:c4:fc:f6:01:f1:64:60:99:7d:4b: 08:89:1f:70:6a:82:f9:5d:6c:46:cd:eb:e5:56:7b: b2:dd:4d:2a:98:92:5f:0c:22:55:0f:8c:a9:6a:e4: f1:55:a6:a7:fd:f5:87:2a:ee:de:75:ba:a8:7f:e5: 2f:10:54:4e:84:33:c8:17:43:3e:fc:e5:e5:cf:21: 88:81:bb:5f:93:dc:79:2b:2d:6b:83:61:49:b4:1a: 93:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:1B:6E:B6:56:F5:27:14:AF:F6:FA:33:54:0E:71:12:6D:9C:A3:3A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8058c69-4025-477b-844b-ad5268c2470c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:8840::/48 Signature Algorithm: sha256WithRSAEncryption 7d:04:24:cb:f3:82:04:dd:b5:df:de:5f:29:b0:b9:ab:5c:72: f3:cc:b3:a6:e0:01:1f:a8:25:52:63:1a:5c:92:46:a6:0d:9e: 24:f2:31:53:08:4b:b7:c3:d1:2b:d2:70:e4:06:79:eb:e6:01: 07:79:49:30:08:40:d4:14:5f:17:10:21:96:93:50:ff:51:49: 5a:3f:93:9a:2f:ce:e7:3b:7a:98:7e:cc:f4:15:e0:e9:50:e7: d2:cf:ed:44:6c:1a:69:3d:5d:b6:ad:d3:0c:6c:9f:59:93:1f: be:12:a9:03:33:f6:fd:fc:84:ee:c0:f4:47:7e:a4:15:ad:49: a2:ed:6e:85:b7:9d:2b:88:e5:7f:d1:68:43:ac:ed:da:f9:95: ab:82:c3:35:32:ae:0c:f1:90:39:95:0b:b4:8a:d9:c8:7f:bd: 24:e2:ab:72:69:18:a7:85:5f:6a:5a:84:96:47:9c:52:ca:56: 69:84:56:cd:9b:db:4a:18:d8:97:7a:13:fd:6c:f8:3d:d8:77: 3b:6f:0d:a0:32:30:50:bb:05:7a:39:99:c5:c5:34:ec:0b:75: 7c:8a:e4:f8:d1:07:fe:11:3f:68:0f:24:4e:58:af:9f:fb:e3: e9:f2:0b:b5:86:6c:a6:8f:93:df:6d:c1:46:24:73:fe:a4:a8: 44:3c:05:74 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITAytV4Qhsf0IlQX/lhOUn01Sh7DANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwNzI5MDAwMTMxWhcN MjUwOTAyMjM1OTU5WjB6MUkwRwYDVQQFE0BlNDNjZDViZTNhY2I1YTIwYmI2NGNh YzBjNjFkZjk0OTI3ZTU5Njg4NzRmOGE3ZDJmZWJmNDEyNWU5NDA2ZjI2MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmIhr4wmKUZq009LSDUu6iu86QH9j4 SFjaM+uejIs6JMbnQtjUOmzRhKXJJbIKTOsTHwy8oKS+tc+m+Rqwu0hpO2kJDMDQ uIvGBMzV0i1XFcE08h2wGFRdxB2iMKcZPWSp046+EuDK5T1dslbQBAbfMymke8zE yvjyRmP/WZHbLzpFPvt1h5iyOEL7m8eu9NM6DHG0t0wQKgbxgekxNadvLmApxfQ8 iqVoxPz2AfFkYJl9SwiJH3BqgvldbEbN6+VWe7LdTSqYkl8MIlUPjKlq5PFVpqf9 9Ycq7t51uqh/5S8QVE6EM8gXQz785eXPIYiBu1+T3HkrLWuDYUm0GpOVAgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUAhtutlb1JxSv9vozVA5xEm2cozowHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv YTgwNThjNjktNDAyNS00NzdiLTg0NGItYWQ1MjY4YzI0NzBjLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkBto4iEAwDQYJKoZIhvcNAQELBQADggEBAH0EJMvzggTdtd/eXymw uatccvPMs6bgAR+oJVJjGlySRqYNniTyMVMIS7fD0SvScOQGeevmAQd5STAIQNQU XxcQIZaTUP9RSVo/k5ovzuc7eph+zPQV4OlQ59LP7URsGmk9Xbat0wxsn1mTH74S qQMz9v38hO7A9Ed+pBWtSaLtboW3nSuI5X/RaEOs7dr5lauCwzUyrgzxkDmVC7SK 2ch/vSTiq3JpGKeFX2pahJZHnFLKVmmEVs2b20oY2Jd6E/1s+D3YdztvDaAyMFC7 BXo5mcXFNOwLdXyK5PjRB/4RP2gPJE5Yr5/74+nyC7WGbKaPk99twUYkc/6kqEQ8 BXQ= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:24 2025 by rpki-client