$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b148abe3-0284-4eae-805f-b83c0f2291f5.roa File: b148abe3-0284-4eae-805f-b83c0f2291f5.roa (raw, json) Hash identifier: cz/ht2ex751XOX9QcpVzQCQY+sOZ2ysSECOs9Fr+KW4= Subject key identifier: 53:59:DF:1D:11:44:4F:8E:5D:42:74:38:6E:A8:F5:9F:6A:AA:44:BA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56A79ECCA7D26EDB918E70667A58D1C3DBCFD62C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b148abe3-0284-4eae-805f-b83c0f2291f5.roa Signing time: Sat 12 Jul 2025 00:00:16 +0000 ROA not before: Sat 12 Jul 2025 00:00:16 +0000 ROA not after: Sat 16 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:a7:9e:cc:a7:d2:6e:db:91:8e:70:66:7a:58:d1:c3:db:cf:d6:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 12 00:00:16 2025 GMT Not After : Aug 16 23:59:59 2025 GMT Subject: serialNumber=73cfaef7feb1aeecb62bd2cc5624309d75c034be75a1506a456a4a6b8af5f808, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:b6:fe:05:d6:d8:83:3e:9a:cb:bb:f1:c7:b9: ef:29:52:0e:64:30:e8:44:0a:1c:2b:c8:a4:07:cb: 6b:ca:0e:5c:e1:59:8a:02:51:cf:62:78:dd:01:f2: 87:78:a8:06:13:57:0e:1a:15:8b:93:f9:c2:e4:35: d1:3d:02:c7:52:9c:0f:a0:e7:15:64:91:32:53:03: 9b:fe:2a:53:dc:bf:9e:b7:b8:ef:12:b4:dd:6d:89: 71:8b:cc:b8:eb:a4:79:af:56:48:cd:2f:50:f6:65: bb:87:fa:54:fe:09:f3:5c:cc:72:33:d0:cf:f3:cf: 74:f3:7c:7c:81:47:e5:e6:dc:00:d1:e8:1f:43:9b: 44:ed:bf:47:c1:3a:83:29:26:ea:6c:b1:ea:e9:28: e8:32:93:09:42:fe:be:4b:b0:d8:15:a0:e4:46:3b: 96:46:55:6d:33:ef:cb:9f:9b:0e:2c:51:38:82:6c: b6:52:cb:42:1b:50:aa:fa:1e:20:09:7a:44:f3:2e: 9a:49:0d:4d:a7:fa:8b:f9:7b:7e:b2:f6:3f:5d:a2: 4f:ee:a6:2f:e0:e2:e0:ec:1e:f0:0e:ee:5f:35:9c: 35:e3:b3:49:be:c0:78:31:c8:ed:27:67:ca:de:5f: b8:f0:5b:d8:c1:b3:66:33:fd:80:6d:55:6b:f2:54: b2:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:59:DF:1D:11:44:4F:8E:5D:42:74:38:6E:A8:F5:9F:6A:AA:44:BA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b148abe3-0284-4eae-805f-b83c0f2291f5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:2000::/40 Signature Algorithm: sha256WithRSAEncryption bd:60:8d:1d:0a:88:fc:2c:a9:1e:6a:c5:9b:37:f6:60:8f:8e: da:eb:70:08:ed:7c:94:08:be:b7:e2:5b:28:bf:8e:92:57:4e: 6d:85:eb:fd:92:94:a0:1b:79:a5:6d:4e:a7:bc:b4:30:79:86: 53:0f:95:56:16:6a:4b:c8:e2:0e:2e:3d:f4:51:b8:08:c6:92: 97:8a:7a:10:84:99:cf:79:3e:55:84:21:93:da:77:50:cc:f3: 79:d1:83:6b:e2:d9:3e:ea:ea:7c:4a:89:04:6f:f8:37:67:5f: 5c:ce:95:21:7e:65:7f:fb:0a:4c:35:31:9f:35:fa:eb:d2:79: ec:55:50:73:31:6e:63:0c:3a:9d:2c:56:60:f8:c6:58:a5:fd: 7e:9f:76:3a:7c:47:ff:b6:3b:67:b9:ec:c6:18:78:07:1e:9f: 32:ee:3d:b6:64:94:ad:ea:65:94:70:0f:ab:b7:e2:d8:b1:72: 58:58:94:c2:c4:e2:58:88:c7:2f:33:5b:03:78:2c:7e:6c:47: bb:41:b7:b6:fa:a5:d5:ea:2d:23:e7:e6:ab:d5:a1:83:b3:24: e8:50:e7:a8:7c:20:62:5e:7e:bc:fa:67:37:de:c4:08:ed:0c: df:d3:c2:f6:7c:c0:2c:59:55:83:60:f1:d1:de:bf:af:cf:84: 03:a0:c4:1a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVqeezKfSbtuRjnBmeljRw9vP1iwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxMjAwMDAxNloX DTI1MDgxNjIzNTk1OVowejFJMEcGA1UEBRNANzNjZmFlZjdmZWIxYWVlY2I2MmJk MmNjNTYyNDMwOWQ3NWMwMzRiZTc1YTE1MDZhNDU2YTRhNmI4YWY1ZjgwODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7b+BdbYgz6ay7vxx7nvKVIOZDDo RAocK8ikB8tryg5c4VmKAlHPYnjdAfKHeKgGE1cOGhWLk/nC5DXRPQLHUpwPoOcV ZJEyUwOb/ipT3L+et7jvErTdbYlxi8y466R5r1ZIzS9Q9mW7h/pU/gnzXMxyM9DP 889083x8gUfl5twA0egfQ5tE7b9HwTqDKSbqbLHq6SjoMpMJQv6+S7DYFaDkRjuW RlVtM+/Ln5sOLFE4gmy2UstCG1Cq+h4gCXpE8y6aSQ1Np/qL+Xt+svY/XaJP7qYv 4OLg7B7wDu5fNZw147NJvsB4McjtJ2fK3l+48FvYwbNmM/2AbVVr8lSy0QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFNZ3x0RRE+OXUJ0OG6o9Z9qqkS6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxNDhhYmUzLTAyODQtNGVhZS04MDVmLWI4M2MwZjIyOTFmNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7yAwDQYJKoZIhvcNAQELBQADggEBAL1gjR0KiPwsqR5qxZs3 9mCPjtrrcAjtfJQIvrfiWyi/jpJXTm2F6/2SlKAbeaVtTqe8tDB5hlMPlVYWakvI 4g4uPfRRuAjGkpeKehCEmc95PlWEIZPad1DM83nRg2vi2T7q6nxKiQRv+DdnX1zO lSF+ZX/7Ckw1MZ81+uvSeexVUHMxbmMMOp0sVmD4xlil/X6fdjp8R/+2O2e57MYY eAcenzLuPbZklK3qZZRwD6u34tixclhYlMLE4liIxy8zWwN4LH5sR7tBt7b6pdXq LSPn5qvVoYOzJOhQ56h8IGJefrz6ZzfexAjtDN/TwvZ8wCxZVYNg8dHev6/PhAOg xBo= -----END CERTIFICATE-----Generated at Thu Jul 31 00:59:18 2025 by rpki-client