$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa File: b105a261-7baa-401b-b853-65b2635b3f6d.roa (raw, json) Hash identifier: UIqqe91PcphEQ4JkCu3RSvUtrGxRG8OU30ExqTc7M6k= Subject key identifier: 05:79:D9:0E:EA:29:0B:B0:06:09:A2:54:4F:8A:77:39:F4:75:84:4A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F606ACE07F51920FEE7F6775B2357449F015F54 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa Signing time: Wed 16 Jul 2025 00:00:05 +0000 ROA not before: Wed 16 Jul 2025 00:00:05 +0000 ROA not after: Wed 20 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da24:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:60:6a:ce:07:f5:19:20:fe:e7:f6:77:5b:23:57:44:9f:01:5f:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 16 00:00:05 2025 GMT Not After : Aug 20 23:59:59 2025 GMT Subject: serialNumber=60d03f808cafb7c2750039d46970a56ad5b958d028d46fb6dc29327c29ae46e0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ed:05:72:e9:42:4e:60:b0:42:35:ba:31:88: f9:82:34:24:76:fc:e7:8f:fc:c0:d6:48:13:4d:87: 5a:53:e2:5a:db:5c:9b:43:2a:34:66:d4:44:0e:b5: a9:38:7a:35:b3:9f:46:2b:08:0a:a7:70:5c:2d:90: 84:78:a9:ce:27:e3:ca:45:44:a4:c8:25:ee:c6:fa: 48:f6:8b:af:08:14:36:bd:7f:47:b0:d0:cf:d8:9c: ef:47:6e:ea:51:e8:2d:c7:0b:54:e0:5b:7e:31:0f: 24:76:ad:18:c0:7f:84:7b:52:c4:a6:02:d3:a3:03: 2a:81:62:d7:45:a7:5d:10:b0:61:46:ac:ff:98:49: 11:46:4c:9c:3d:96:26:dd:77:4a:0b:0f:9f:a8:c5: 62:e7:24:25:3e:08:1f:8f:ec:11:05:4a:91:46:34: 60:31:f2:51:f5:ae:21:9b:9e:d7:6c:cc:1f:bb:61: 37:94:9f:5b:18:16:c7:cf:86:6f:07:f1:56:c2:97: e9:5f:31:69:4e:37:cf:36:e4:51:b2:96:0d:13:dd: 49:9b:11:91:e0:a7:2c:74:10:63:83:12:f0:c8:b9: 74:0f:3b:eb:03:b5:9e:d4:a9:cf:3e:bf:d4:ab:36: 09:c7:81:84:b9:e0:8d:52:02:6c:1f:23:95:8d:6b: ef:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:79:D9:0E:EA:29:0B:B0:06:09:A2:54:4F:8A:77:39:F4:75:84:4A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24:8000::/36 Signature Algorithm: sha256WithRSAEncryption c6:9d:1e:7b:f7:7b:1b:7b:ad:4b:68:04:c1:38:a4:32:2e:5d: f1:0d:e9:6d:5c:58:3b:ed:4f:83:78:66:dc:90:53:28:23:68: 46:7d:e2:07:6f:25:a2:1a:c3:fe:c8:cb:59:39:41:92:42:8e: 1b:72:4a:d8:3c:4f:ab:c0:2e:81:64:15:53:65:6e:e3:22:af: 1d:05:b3:91:5f:b3:dc:95:e6:b6:ee:0b:8d:bd:6f:14:96:55: b9:d9:80:43:96:a9:b7:0c:cc:be:b7:df:c6:ce:f7:a9:1e:59: 65:41:83:cc:77:38:d8:b3:08:c3:ba:cc:d7:9d:46:82:2f:87: 6a:e8:27:2e:a5:8e:d1:8b:c4:14:50:02:70:06:94:56:f5:e8: 36:d7:3f:2c:f3:5f:8a:7a:e7:7f:c6:45:db:bf:b3:5a:29:52: b2:4e:9d:a3:54:cd:6c:a1:86:d4:ef:fc:a9:48:62:17:2d:40: a1:97:8f:04:e7:68:36:cc:1a:7d:15:42:ae:32:83:0b:cc:f2: 67:83:6e:e4:15:82:84:cc:1a:ee:20:53:bc:07:56:a1:9e:c0: 7e:6a:4f:dd:7c:20:68:46:00:e8:9e:20:89:14:d7:84:7a:f6: 8e:95:24:d2:fd:ef:f4:a6:c7:a1:88:eb:72:e3:b6:48:a9:22: 34:e1:ff:be -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUL2Bqzgf1GSD+5/Z3WyNXRJ8BX1QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxNjAwMDAwNVoX DTI1MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANjBkMDNmODA4Y2FmYjdjMjc1MDAz OWQ0Njk3MGE1NmFkNWI5NThkMDI4ZDQ2ZmI2ZGMyOTMyN2MyOWFlNDZlMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu0FculCTmCwQjW6MYj5gjQkdvzn j/zA1kgTTYdaU+Ja21ybQyo0ZtREDrWpOHo1s59GKwgKp3BcLZCEeKnOJ+PKRUSk yCXuxvpI9ouvCBQ2vX9HsNDP2JzvR27qUegtxwtU4Ft+MQ8kdq0YwH+Ee1LEpgLT owMqgWLXRaddELBhRqz/mEkRRkycPZYm3XdKCw+fqMVi5yQlPggfj+wRBUqRRjRg MfJR9a4hm57XbMwfu2E3lJ9bGBbHz4ZvB/FWwpfpXzFpTjfPNuRRspYNE91JmxGR 4KcsdBBjgxLwyLl0DzvrA7We1KnPPr/UqzYJx4GEueCNUgJsHyOVjWvvbwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAV52Q7qKQuwBgmiVE+Kdzn0dYRKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxMDVhMjYxLTdiYWEtNDAxYi1iODUzLTY1YjI2MzViM2Y2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJIAwDQYJKoZIhvcNAQELBQADggEBAMadHnv3ext7rUtoBME4 pDIuXfEN6W1cWDvtT4N4ZtyQUygjaEZ94gdvJaIaw/7Iy1k5QZJCjhtyStg8T6vA LoFkFVNlbuMirx0Fs5Ffs9yV5rbuC429bxSWVbnZgEOWqbcMzL6338bO96keWWVB g8x3ONizCMO6zNedRoIvh2roJy6ljtGLxBRQAnAGlFb16DbXPyzzX4p653/GRdu/ s1opUrJOnaNUzWyhhtTv/KlIYhctQKGXjwTnaDbMGn0VQq4ygwvM8meDbuQVgoTM Gu4gU7wHVqGewH5qT918IGhGAOieIIkU14R69o6VJNL97/Smx6GI63LjtkipIjTh /74= -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:24 2025 by rpki-client