$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa File: aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa (raw, json) Hash identifier: ZD8ds6BtDeIBXn3zo9S+XUvzmTKg73ENPLvj6/x6DFc= Subject key identifier: 7E:C3:DE:8E:65:71:7B:75:D3:C1:2C:32:D2:17:BA:9C:DE:36:A7:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1BB91E4C83A364C674BFDA5F912D1F8AF7B0ABD2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa Signing time: Sat 19 Jul 2025 00:00:11 +0000 ROA not before: Sat 19 Jul 2025 00:00:11 +0000 ROA not after: Sat 23 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:b9:1e:4c:83:a3:64:c6:74:bf:da:5f:91:2d:1f:8a:f7:b0:ab:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 19 00:00:11 2025 GMT Not After : Aug 23 23:59:59 2025 GMT Subject: serialNumber=a6a53262248dac34865285804f1b604a3b866bcdca5475f7b7c2c2a8dc6f6c89, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:b6:98:fd:a8:dc:f1:14:f9:29:17:8b:d9:eb: 9d:45:5d:4f:60:86:bc:36:03:ab:fd:3b:db:bd:38: 3f:59:25:fa:c7:7b:66:c1:80:2b:88:51:80:36:79: f6:0d:3e:12:6d:44:e6:e6:37:75:68:15:23:02:0b: e1:93:41:8e:56:f5:5c:f7:28:bd:86:b3:6d:22:bb: 7d:b0:2c:a7:96:ec:0f:c0:d0:ff:18:a2:53:ee:c9: 65:9e:d1:5b:2b:ea:9c:76:a4:af:4e:3a:67:21:d5: de:13:80:9a:b3:49:64:8e:46:06:30:1b:6b:16:1e: 56:d4:7a:f8:22:0c:a8:ea:36:98:22:24:55:f6:c4: 12:ba:df:ae:c0:ab:a9:e7:7f:98:30:43:3d:b9:37: 1c:5c:f3:1b:a2:e3:3e:6d:db:59:51:b8:98:e5:a8: 31:5f:78:c1:8d:20:27:f5:08:9c:b2:3e:f2:44:3d: 14:52:9f:e4:3a:74:c6:26:89:11:f6:22:b3:4d:63: 05:fb:fd:96:f3:bc:41:67:86:44:a8:a5:46:e5:64: a8:05:36:2a:2a:68:d7:bb:f2:58:55:8e:3b:f8:35: 04:c3:61:dd:8c:f0:41:2c:fd:44:41:9f:9e:b9:23: f9:f0:98:a9:5d:b2:c3:e1:1b:92:2f:42:33:65:62: 5a:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:C3:DE:8E:65:71:7B:75:D3:C1:2C:32:D2:17:BA:9C:DE:36:A7:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:a000::/40 Signature Algorithm: sha256WithRSAEncryption 5a:15:de:4e:04:fe:d9:e4:97:15:5c:f0:15:ca:b2:ad:a4:f4: 3a:8d:bc:2e:09:33:7a:24:8c:f4:2a:db:d1:24:b7:3a:7a:b2: e2:fe:31:72:6f:e0:26:cc:b3:ca:9d:a7:2f:54:9c:af:6b:0e: 80:62:56:26:7a:70:18:f5:b6:bb:58:d2:0e:1e:47:21:dd:ad: e1:4c:83:54:0c:81:6e:81:1c:9f:9f:e9:48:58:5a:68:25:51: a9:78:8d:a7:d1:96:1b:f8:26:84:06:00:73:9c:a5:f9:69:0d: 4d:49:dd:3d:12:6c:3b:72:73:59:81:ea:ed:d4:77:d3:e2:7a: 24:13:ec:07:5a:61:bd:85:d7:73:7a:ca:7c:6e:cc:08:e6:a8: 06:8f:a8:6e:a3:64:a0:53:6c:98:82:2a:a7:b2:9e:12:42:fe: a2:89:5d:63:97:d6:d2:ab:91:e5:09:eb:81:a7:3a:b8:62:1f: a1:4b:5c:98:6a:8e:47:4a:fb:49:de:60:55:7f:61:05:60:ef: 32:ae:68:a8:1e:62:47:f7:f4:43:92:1d:c2:c4:11:c5:e5:eb: 9a:55:be:32:ae:86:5b:2d:d5:e7:82:af:f2:d6:93:f9:72:44: d0:8a:59:fa:b9:73:fb:22:fb:66:d1:cf:ee:cf:91:e5:79:35: df:3d:60:9a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG7keTIOjZMZ0v9pfkS0fivewq9IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxOTAwMDAxMVoX DTI1MDgyMzIzNTk1OVowejFJMEcGA1UEBRNAYTZhNTMyNjIyNDhkYWMzNDg2NTI4 NTgwNGYxYjYwNGEzYjg2NmJjZGNhNTQ3NWY3YjdjMmMyYThkYzZmNmM4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LaY/ajc8RT5KReL2eudRV1PYIa8 NgOr/TvbvTg/WSX6x3tmwYAriFGANnn2DT4SbUTm5jd1aBUjAgvhk0GOVvVc9yi9 hrNtIrt9sCynluwPwND/GKJT7sllntFbK+qcdqSvTjpnIdXeE4Cas0lkjkYGMBtr Fh5W1Hr4Igyo6jaYIiRV9sQSut+uwKup53+YMEM9uTccXPMbouM+bdtZUbiY5agx X3jBjSAn9Qicsj7yRD0UUp/kOnTGJokR9iKzTWMF+/2W87xBZ4ZEqKVG5WSoBTYq KmjXu/JYVY47+DUEw2HdjPBBLP1EQZ+euSP58JipXbLD4RuSL0IzZWJaewIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH7D3o5lcXt108EsMtIXupzeNqccMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiYTIzMThjLWU5NmEtNDA1OC04ZTBjLTVhY2EyYjU2YWFkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMqAwDQYJKoZIhvcNAQELBQADggEBAFoV3k4E/tnklxVc8BXK sq2k9DqNvC4JM3okjPQq29Ektzp6suL+MXJv4CbMs8qdpy9UnK9rDoBiViZ6cBj1 trtY0g4eRyHdreFMg1QMgW6BHJ+f6UhYWmglUal4jafRlhv4JoQGAHOcpflpDU1J 3T0SbDtyc1mB6u3Ud9PieiQT7AdaYb2F13N6ynxuzAjmqAaPqG6jZKBTbJiCKqey nhJC/qKJXWOX1tKrkeUJ64GnOrhiH6FLXJhqjkdK+0neYFV/YQVg7zKuaKgeYkf3 9EOSHcLEEcXl65pVvjKuhlst1eeCr/LWk/lyRNCKWfq5c/si+2bRz+7PkeV5Nd89 YJo= -----END CERTIFICATE-----Generated at Thu Jul 31 00:57:21 2025 by rpki-client