$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa File: b0c7485a-6d94-4adf-ad68-d031efad9d50.roa (raw, json) Hash identifier: VJs5RMMRJ4cCCzE0BhGNuTmpK/tidkhDAF01w7oU08E= Subject key identifier: BE:2D:20:9F:9A:E1:3D:32:C0:96:AA:9E:90:D0:1C:0D:E4:9E:A4:66 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19C58EAE650447CBA9F2DA9F65DAA3112DA6EE2F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa Signing time: Tue 29 Jul 2025 00:41:02 +0000 ROA not before: Tue 29 Jul 2025 00:41:02 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:c5:8e:ae:65:04:47:cb:a9:f2:da:9f:65:da:a3:11:2d:a6:ee:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:41:02 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=75622757b77064f3d988498102d136649a3c268c18276343e1ed401109b8f414, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:e8:c5:52:f8:ce:eb:fa:d0:ec:4c:55:4b:2e: 04:58:ab:79:a8:d9:9f:d7:73:4b:98:0c:77:22:f4: 1d:6d:46:eb:f1:c9:73:5e:d1:5c:90:5a:d4:bc:02: 74:22:de:bf:07:a5:93:33:81:2a:b1:14:e6:27:cc: da:75:45:f3:1d:7a:10:3e:97:3b:56:15:e6:91:b1: 5f:bc:f8:bd:2f:a0:90:ec:16:b8:27:02:61:30:9b: 43:4b:fe:99:53:47:bb:19:db:94:da:f8:b0:7d:b4: 76:5a:ed:8b:99:9d:51:86:5d:df:cc:0e:42:53:ff: 45:4d:2b:d1:6e:5d:98:ca:28:7f:3c:64:d4:8b:b1: 85:fb:31:41:74:a2:9a:0a:c8:06:f8:7a:11:10:60: cc:de:74:fd:c7:17:ee:f3:83:00:13:46:ac:b4:4b: a7:ed:a6:6b:82:a5:62:5d:d3:d9:ed:2f:eb:6c:e3: 8c:4e:70:21:9e:93:2f:cc:46:9e:42:cf:be:f9:7c: 12:5f:f6:07:2c:80:8e:23:a1:7f:24:bc:b9:99:ee: d8:61:31:05:77:df:8e:37:cc:ab:e7:6f:73:60:6b: c4:6d:35:52:8e:44:69:b4:d4:a2:4c:05:47:59:a9: 92:01:2d:8b:bb:40:58:5d:41:d3:52:49:db:39:4c: 9f:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:2D:20:9F:9A:E1:3D:32:C0:96:AA:9E:90:D0:1C:0D:E4:9E:A4:66 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0c7485a-6d94-4adf-ad68-d031efad9d50.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9080::/48 Signature Algorithm: sha256WithRSAEncryption 31:74:7b:cf:56:e0:c2:54:9c:27:be:3a:b5:34:f8:cd:51:a9: 3b:10:83:c6:c6:05:ce:bc:3b:70:27:1b:b8:1b:ff:52:03:a8: 36:6c:2c:de:c5:0b:9d:93:dd:19:aa:76:45:35:eb:9b:c1:72: 97:17:56:42:65:27:54:34:6b:8c:a5:64:30:57:65:0d:b8:ce: 1b:e0:af:cc:c6:eb:c1:66:5b:40:bc:c2:f0:a0:39:40:6f:63: 96:cf:a6:6e:f5:a0:78:df:7a:db:2d:a8:22:98:be:b2:74:09: 6c:d0:34:54:51:28:54:79:cb:fb:0c:9e:a3:ff:70:1f:d2:de: ef:32:b0:2a:0f:02:2f:83:e3:f8:a8:a8:f5:e3:4f:d6:5c:12: 5f:5f:d2:fd:d3:91:b6:de:be:64:dc:c0:eb:b2:a1:c3:86:80: 57:1f:fc:75:e8:6a:e2:3e:de:59:50:e4:4f:35:09:72:88:06: be:7a:49:7c:5e:49:0f:1b:1a:62:4d:2b:bf:49:4b:fc:1c:3e: 23:d1:d0:bd:4e:1e:cf:d9:89:7a:dc:b1:24:ab:85:e0:48:01: 61:ca:d8:72:f0:60:8f:6d:70:f5:39:ff:95:5e:5d:f3:f4:6b: 5e:04:01:a5:fb:34:05:bb:cb:72:87:ad:64:2e:72:0d:32:36: 19:e5:f1:0e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGcWOrmUER8up8tqfZdqjES2m7i8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNDEwMloX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNANzU2MjI3NTdiNzcwNjRmM2Q5ODg0 OTgxMDJkMTM2NjQ5YTNjMjY4YzE4Mjc2MzQzZTFlZDQwMTEwOWI4ZjQxNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+jFUvjO6/rQ7ExVSy4EWKt5qNmf 13NLmAx3IvQdbUbr8clzXtFckFrUvAJ0It6/B6WTM4EqsRTmJ8zadUXzHXoQPpc7 VhXmkbFfvPi9L6CQ7Ba4JwJhMJtDS/6ZU0e7GduU2viwfbR2Wu2LmZ1Rhl3fzA5C U/9FTSvRbl2Yyih/PGTUi7GF+zFBdKKaCsgG+HoREGDM3nT9xxfu84MAE0astEun 7aZrgqViXdPZ7S/rbOOMTnAhnpMvzEaeQs+++XwSX/YHLICOI6F/JLy5me7YYTEF d9+ON8yr529zYGvEbTVSjkRptNSiTAVHWamSAS2Lu0BYXUHTUknbOUyfpwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL4tIJ+a4T0ywJaqnpDQHA3knqRmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwYzc0ODVhLTZkOTQtNGFkZi1hZDY4LWQwMzFlZmFkOWQ1MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJCAMA0GCSqGSIb3DQEBCwUAA4IBAQAxdHvPVuDCVJwnvjq1 NPjNUak7EIPGxgXOvDtwJxu4G/9SA6g2bCzexQudk90ZqnZFNeubwXKXF1ZCZSdU NGuMpWQwV2UNuM4b4K/MxuvBZltAvMLwoDlAb2OWz6Zu9aB433rbLagimL6ydAls 0DRUUShUecv7DJ6j/3Af0t7vMrAqDwIvg+P4qKj140/WXBJfX9L905G23r5k3MDr sqHDhoBXH/x16GriPt5ZUORPNQlyiAa+ekl8XkkPGxpiTSu/SUv8HD4j0dC9Th7P 2Yl63LEkq4XgSAFhythy8GCPbXD1Of+VXl3z9GteBAGl+zQFu8tyh61kLnINMjYZ 5fEO -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:17 2025 by rpki-client