$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa File: a8746c50-b2c6-438f-ad79-3b608da68b61.roa (raw, json) Hash identifier: gCJ04GZPyNt45Wa8fZsns53fr8WFtGqTqQGr4m4bXcQ= Subject key identifier: 9A:FF:7F:9C:72:C6:72:39:8E:75:C7:F0:B1:B0:98:3B:2B:A6:DB:36 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4090436798D36B4870E7685E942D9A443DB0B467 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa Signing time: Mon 07 Jul 2025 15:11:16 +0000 ROA not before: Mon 07 Jul 2025 15:11:16 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Jul 2025 00:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:90:43:67:98:d3:6b:48:70:e7:68:5e:94:2d:9a:44:3d:b0:b4:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:11:16 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=e352c10182918069bac9a9a76e803497d45c9427f7b76315c9d6801e7b225962, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:97:db:ea:2f:94:73:11:d9:fe:a0:54:24:f1: 68:50:d9:9c:69:4b:cf:23:b1:76:3d:c7:a1:42:f2: a7:6d:1f:60:b1:9c:17:39:67:e9:80:14:f8:3b:53: 31:5a:8d:9c:5e:4c:99:97:93:bd:ca:5d:22:7b:29: 84:a9:0d:97:b9:2a:dd:36:18:3b:52:0b:05:3a:1d: 3d:80:8f:c1:70:51:dd:dd:59:61:72:68:8b:37:d4: be:ae:4b:e5:b1:03:fe:8d:ab:52:f5:fd:e8:4b:2b: 39:8a:10:95:9a:0a:b1:cb:f2:58:da:1e:f2:46:e1: 23:07:2e:c6:a8:bd:c8:78:6a:4d:1b:9d:5f:dd:3e: 8c:d0:86:e9:34:af:1d:8f:8d:7f:bd:8d:5a:3c:e7: ce:cf:d3:6b:8b:1d:ab:d1:b8:d9:70:df:28:c6:a0: 9b:a2:72:dc:27:c2:46:8b:13:c7:91:1d:48:8e:f0: c6:7b:6f:0d:29:fc:a7:5b:12:f5:cb:8f:c6:11:f3: 56:62:3a:65:c6:58:65:06:8a:cf:e0:2a:30:ba:ff: 98:c5:6d:81:d6:8c:82:80:1b:e1:a8:ce:11:c9:64: c8:90:e4:d8:02:ea:a4:c4:29:9f:e0:70:10:5a:ff: 75:1f:3f:dc:ee:85:df:bd:da:ea:e4:f7:2a:c5:13: 08:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:FF:7F:9C:72:C6:72:39:8E:75:C7:F0:B1:B0:98:3B:2B:A6:DB:36 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:6000::/40 Signature Algorithm: sha256WithRSAEncryption 2b:fe:25:12:f9:9f:42:07:ac:2b:19:70:86:da:46:44:0c:bc: 7c:42:a8:60:a9:81:87:5b:75:36:dd:47:b9:6d:c1:f2:f5:d9: b9:a1:df:9e:a1:15:8d:c5:d6:f0:44:79:0c:28:04:b4:61:2a: e8:95:3d:ca:29:8b:99:f3:cb:02:71:16:d5:be:a9:c8:c7:58: 87:39:9f:ce:17:54:f9:30:51:b5:cf:ed:6f:00:78:92:03:34: e6:6e:05:89:2a:43:6d:ce:49:c1:ec:62:3d:f4:b7:0e:4b:2d: 27:bd:be:56:37:21:2c:75:a9:9b:df:36:d2:fd:d0:3d:d0:4d: 61:6d:27:b8:2a:e3:79:45:ab:6e:a1:42:26:0f:75:99:42:f4: ce:a0:00:dd:38:ba:e8:35:10:ea:a7:2d:37:29:4e:13:1c:c0: 70:5d:ee:97:c0:86:c6:80:f7:e5:1b:ee:02:b2:02:05:a0:4f: 74:fe:49:05:b7:68:5a:c1:35:9f:7a:5f:ba:b2:73:39:f0:c4: 24:5d:fd:7b:ac:4e:64:a9:b6:e8:28:5d:23:a5:32:f9:5c:bf: eb:e3:e6:66:e0:15:35:a9:ee:91:b1:78:30:9a:66:ff:d9:03: a6:75:18:3b:b3:ae:46:fe:ac:5d:c2:eb:fd:d9:ad:76:94:69: 67:0b:84:5b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQJBDZ5jTa0hw52helC2aRD2wtGcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MTExNloX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZTM1MmMxMDE4MjkxODA2OWJhYzlh OWE3NmU4MDM0OTdkNDVjOTQyN2Y3Yjc2MzE1YzlkNjgwMWU3YjIyNTk2MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpfb6i+UcxHZ/qBUJPFoUNmcaUvP I7F2PcehQvKnbR9gsZwXOWfpgBT4O1MxWo2cXkyZl5O9yl0ieymEqQ2XuSrdNhg7 UgsFOh09gI/BcFHd3VlhcmiLN9S+rkvlsQP+jatS9f3oSys5ihCVmgqxy/JY2h7y RuEjBy7GqL3IeGpNG51f3T6M0IbpNK8dj41/vY1aPOfOz9Nrix2r0bjZcN8oxqCb onLcJ8JGixPHkR1IjvDGe28NKfynWxL1y4/GEfNWYjplxlhlBorP4Cowuv+YxW2B 1oyCgBvhqM4RyWTIkOTYAuqkxCmf4HAQWv91Hz/c7oXfvdrq5PcqxRMIewIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJr/f5xyxnI5jnXH8LGwmDsrpts2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4NzQ2YzUwLWIyYzYtNDM4Zi1hZDc5LTNiNjA4ZGE2OGI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaGAwDQYJKoZIhvcNAQELBQADggEBACv+JRL5n0IHrCsZcIba RkQMvHxCqGCpgYdbdTbdR7ltwfL12bmh356hFY3F1vBEeQwoBLRhKuiVPcopi5nz ywJxFtW+qcjHWIc5n84XVPkwUbXP7W8AeJIDNOZuBYkqQ23OScHsYj30tw5LLSe9 vlY3ISx1qZvfNtL90D3QTWFtJ7gq43lFq26hQiYPdZlC9M6gAN04uug1EOqnLTcp ThMcwHBd7pfAhsaA9+Ub7gKyAgWgT3T+SQW3aFrBNZ96X7qycznwxCRd/XusTmSp tugoXSOlMvlcv+vj5mbgFTWp7pGxeDCaZv/ZA6Z1GDuzrkb+rF3C6/3ZrXaUaWcL hFs= -----END CERTIFICATE-----Generated at Tue Jul 8 21:31:46 2025 by rpki-client