$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae908e37-68c8-401d-9ecf-fd9a8d785f85.roa File: ae908e37-68c8-401d-9ecf-fd9a8d785f85.roa (raw, json) Hash identifier: +cg5Yyzu2y6BEIwCb2oYuh1126M5npNfBhIGMs/1zCo= Subject key identifier: D0:67:16:D6:01:30:01:3B:5F:98:A4:65:CB:E2:0A:41:78:10:0D:EC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3372763E45782D41D6292CF6815C0AFDD83A333A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae908e37-68c8-401d-9ecf-fd9a8d785f85.roa Signing time: Mon 07 Jul 2025 15:10:07 +0000 ROA not before: Mon 07 Jul 2025 15:10:07 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:72:76:3e:45:78:2d:41:d6:29:2c:f6:81:5c:0a:fd:d8:3a:33:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:10:07 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=a2e414e24345c986f8087faa5d9b2197af26bd14ee6636ab8f43b24264a38e38, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:6a:12:5a:41:09:0c:ef:e1:d7:6e:03:c4:ba: 0b:e2:31:f1:72:43:75:50:40:f2:f5:8f:ab:57:85: cd:24:76:81:05:a3:96:be:32:7c:f9:34:e4:e7:00: 82:9f:78:57:62:cd:f7:bf:8f:15:1f:46:10:b0:90: de:ce:2e:a7:de:eb:82:d3:ff:64:58:26:f1:99:d5: 41:a1:44:6f:f7:15:d6:7c:ff:ff:42:84:db:8f:b0: 56:3b:3a:d7:db:dc:cc:33:c4:d4:7b:f9:9a:2e:53: f2:e3:71:3c:17:34:9f:de:42:3d:55:b8:a0:7a:9b: 50:32:d4:15:07:21:73:43:12:e0:ab:78:39:d2:d7: 97:e9:de:78:0f:32:64:29:af:40:2b:07:b3:6e:a1: b3:a7:57:ca:89:25:69:93:bc:5d:a0:70:23:44:0a: 9f:70:d2:d5:75:70:f3:65:ed:32:d3:9c:0f:12:67: 78:ed:79:c8:e8:3f:c1:d6:1a:6f:54:1d:34:50:41: 7d:c0:37:e5:20:b8:54:15:0e:11:a0:93:8f:2f:62: c7:9a:d4:0b:73:ec:72:8b:6c:82:ae:03:5a:98:9c: b0:75:9d:63:26:ab:17:73:25:e8:eb:54:ea:ad:25: 81:42:2e:76:b4:37:b6:e4:23:11:68:5e:03:8f:f3: 46:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:67:16:D6:01:30:01:3B:5F:98:A4:65:CB:E2:0A:41:78:10:0D:EC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae908e37-68c8-401d-9ecf-fd9a8d785f85.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:7000::/40 Signature Algorithm: sha256WithRSAEncryption 27:16:e4:3f:4f:b7:6f:c0:d4:d5:76:78:2b:ce:ac:83:96:c8: c1:78:a6:59:60:e5:c6:3c:ba:9a:03:f8:e2:b3:2c:f5:6a:d6: 0e:cc:0f:96:e6:c1:e6:1b:bf:4e:1e:f0:49:60:be:79:3d:57: fa:32:40:76:fe:d3:e5:78:b0:ff:1d:31:32:59:e9:4d:dc:85: 5e:d2:10:32:d1:de:44:9a:b9:6d:d3:9d:4c:df:1e:d8:21:d5: f0:10:2a:33:2a:80:4a:f0:3b:a5:7e:49:d0:04:f6:6d:d5:2d: 12:6a:ed:78:14:f9:b8:40:1e:c8:56:fe:f4:f1:9d:72:6a:13: f1:b7:48:2a:17:12:7c:4f:aa:98:d6:1c:44:92:28:af:92:e8: 50:ec:59:6c:7f:4d:b7:45:28:3b:37:6a:96:99:a6:eb:5f:b9: 31:96:21:7a:06:0f:14:54:4a:b0:ba:53:e3:76:d1:49:95:3c: 17:1f:5d:74:ab:64:cc:8f:37:a2:6b:9f:e8:7f:ca:4a:6e:be: bd:df:ff:cd:0d:5a:9f:55:ed:89:31:5a:33:95:7e:26:a0:6a: 26:e2:a9:83:95:de:b2:a7:f7:07:8a:9b:00:1e:e7:b9:66:ee: 99:f4:68:b2:19:75:86:36:3d:0a:7b:7e:41:d4:7e:bc:5b:aa: d7:da:e5:94 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM3J2PkV4LUHWKSz2gVwK/dg6MzowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MTAwN1oX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYTJlNDE0ZTI0MzQ1Yzk4NmY4MDg3 ZmFhNWQ5YjIxOTdhZjI2YmQxNGVlNjYzNmFiOGY0M2IyNDI2NGEzOGUzODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWoSWkEJDO/h124DxLoL4jHxckN1 UEDy9Y+rV4XNJHaBBaOWvjJ8+TTk5wCCn3hXYs33v48VH0YQsJDezi6n3uuC0/9k WCbxmdVBoURv9xXWfP//QoTbj7BWOzrX29zMM8TUe/maLlPy43E8FzSf3kI9Vbig eptQMtQVByFzQxLgq3g50teX6d54DzJkKa9AKwezbqGzp1fKiSVpk7xdoHAjRAqf cNLVdXDzZe0y05wPEmd47XnI6D/B1hpvVB00UEF9wDflILhUFQ4RoJOPL2LHmtQL c+xyi2yCrgNamJywdZ1jJqsXcyXo61TqrSWBQi52tDe25CMRaF4Dj/NGrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNBnFtYBMAE7X5ikZcviCkF4EA3sMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FlOTA4ZTM3LTY4YzgtNDAxZC05ZWNmLWZkOWE4ZDc4NWY4NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNnAwDQYJKoZIhvcNAQELBQADggEBACcW5D9Pt2/A1NV2eCvO rIOWyMF4pllg5cY8upoD+OKzLPVq1g7MD5bmweYbv04e8Elgvnk9V/oyQHb+0+V4 sP8dMTJZ6U3chV7SEDLR3kSauW3TnUzfHtgh1fAQKjMqgErwO6V+SdAE9m3VLRJq 7XgU+bhAHshW/vTxnXJqE/G3SCoXEnxPqpjWHESSKK+S6FDsWWx/TbdFKDs3apaZ putfuTGWIXoGDxRUSrC6U+N20UmVPBcfXXSrZMyPN6Jrn+h/ykpuvr3f/80NWp9V 7YkxWjOVfiagaibiqYOV3rKn9weKmwAe57lm7pn0aLIZdYY2PQp7fkHUfrxbqtfa 5ZQ= -----END CERTIFICATE-----Generated at Thu Jul 31 00:57:23 2025 by rpki-client