$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa File: b834337f-a753-44b7-be9e-389ab2d2acad.roa (raw, json) Hash identifier: c3vk/DOaHX3vlpcey90mARPK76HN2cZHiMYI0rwj6tY= Subject key identifier: 1C:21:AA:0F:21:4A:3B:32:7B:BA:E9:BD:EA:38:68:59:1A:F9:AB:E1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7700FD2F9C678223C9F8945FF674A689DBAAEE86 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa Signing time: Thu 26 Jun 2025 20:22:03 +0000 ROA not before: Thu 26 Jun 2025 20:22:03 +0000 ROA not after: Thu 31 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:00:fd:2f:9c:67:82:23:c9:f8:94:5f:f6:74:a6:89:db:aa:ee:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 26 20:22:03 2025 GMT Not After : Jul 31 23:59:59 2025 GMT Subject: serialNumber=b6ca594b55cb980b770e928448017a00053dad454628b7a1eb75e3cf9e0ac095, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:37:40:4d:d3:0c:03:e4:6c:77:ba:56:2c:58: 38:62:0c:4f:ec:17:1e:ea:82:11:5b:f7:61:d6:11: af:3e:fc:3b:0b:31:b3:d5:71:a2:78:2a:59:72:98: db:51:d6:b0:58:e9:b4:b1:34:e0:4e:13:d2:cb:1c: 0a:a4:06:00:63:34:96:06:4a:64:40:ac:bf:94:4c: 8c:52:74:76:ac:06:79:84:56:76:94:59:0f:64:e9: 04:6a:1b:1d:93:0c:49:f0:08:b5:fe:b0:46:c2:3d: 91:49:ba:8a:20:39:79:7d:7f:0e:e2:47:dc:0f:39: 66:ca:22:55:61:0b:3b:7f:4c:66:31:1b:46:af:30: eb:0e:62:3c:e7:cf:dc:e8:3b:bb:28:5e:e7:7c:f1: 78:76:10:79:bd:51:59:1f:7c:54:66:06:ff:f8:43: 28:e7:ee:a9:86:13:57:15:0e:7a:a4:73:11:9b:71: a4:ec:49:a9:3b:1e:57:8c:b3:6d:e5:a9:3f:6d:3e: c6:2b:93:1d:68:d0:a9:88:19:d6:20:6a:bc:9f:84: 89:fa:0f:3d:6b:45:6d:7f:60:37:5b:bd:5f:b3:1e: 87:e1:61:66:8c:c0:51:62:57:75:d1:c4:a0:8b:32: 19:9e:7b:d3:0f:82:63:aa:86:79:c0:38:c9:f2:83: fd:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:21:AA:0F:21:4A:3B:32:7B:BA:E9:BD:EA:38:68:59:1A:F9:AB:E1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:a000::/40 Signature Algorithm: sha256WithRSAEncryption 08:c2:d8:5c:60:5a:c3:45:2e:96:1e:39:0b:f5:d9:4c:8c:a7: 25:ca:d8:d8:1e:c7:ad:ee:7a:d7:9b:da:b6:25:64:65:3e:7f: 78:5a:c6:19:96:f6:5a:3e:f0:4c:8b:e4:1a:ec:22:8a:9a:0e: 56:4f:6a:04:2e:ee:e2:9c:b8:71:52:89:e3:94:41:51:08:26: 78:4d:09:f2:14:4b:e9:86:a3:cd:59:35:c5:e9:69:db:ca:87: 19:4f:25:51:ba:d8:46:c7:4a:e3:03:db:17:bb:bb:fb:f8:45: 54:59:ce:ae:c9:da:b1:cd:a1:59:31:d9:7e:2b:97:7d:29:b6: ab:fa:9e:7f:63:13:0d:d9:09:02:1a:99:58:78:58:95:4a:e5: e6:8d:81:41:d4:0a:a2:c1:f9:a6:16:32:e6:7a:16:bd:dc:d3: dc:8f:12:8f:2e:07:fe:d6:06:95:3f:20:d2:df:1b:9c:0a:4c: 9b:83:bc:b7:8f:06:b2:db:88:b2:9d:52:6f:5b:e0:c7:06:8c: 57:9b:92:c5:ee:67:8c:04:a4:30:63:87:7c:d3:5e:40:26:af: 54:00:39:5c:22:c6:71:bb:5d:a4:a5:51:77:9c:a8:10:71:2a: be:0f:a4:f2:35:19:06:f8:e2:06:84:65:df:1a:1b:c7:66:4c: 7a:d6:f4:6b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdwD9L5xngiPJ+JRf9nSmiduq7oYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyNjIwMjIwM1oX DTI1MDczMTIzNTk1OVowejFJMEcGA1UEBRNAYjZjYTU5NGI1NWNiOTgwYjc3MGU5 Mjg0NDgwMTdhMDAwNTNkYWQ0NTQ2MjhiN2ExZWI3NWUzY2Y5ZTBhYzA5NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDdATdMMA+Rsd7pWLFg4YgxP7Bce 6oIRW/dh1hGvPvw7CzGz1XGieCpZcpjbUdawWOm0sTTgThPSyxwKpAYAYzSWBkpk QKy/lEyMUnR2rAZ5hFZ2lFkPZOkEahsdkwxJ8Ai1/rBGwj2RSbqKIDl5fX8O4kfc DzlmyiJVYQs7f0xmMRtGrzDrDmI858/c6Du7KF7nfPF4dhB5vVFZH3xUZgb/+EMo 5+6phhNXFQ56pHMRm3Gk7EmpOx5XjLNt5ak/bT7GK5MdaNCpiBnWIGq8n4SJ+g89 a0Vtf2A3W71fsx6H4WFmjMBRYld10cSgizIZnnvTD4JjqoZ5wDjJ8oP9NwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBwhqg8hSjsye7rpveo4aFka+avhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I4MzQzMzdmLWE3NTMtNDRiNy1iZTllLTM4OWFiMmQyYWNhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba86AwDQYJKoZIhvcNAQELBQADggEBAAjC2FxgWsNFLpYeOQv1 2UyMpyXK2Ngex63ueteb2rYlZGU+f3haxhmW9lo+8EyL5BrsIoqaDlZPagQu7uKc uHFSieOUQVEIJnhNCfIUS+mGo81ZNcXpadvKhxlPJVG62EbHSuMD2xe7u/v4RVRZ zq7J2rHNoVkx2X4rl30ptqv6nn9jEw3ZCQIamVh4WJVK5eaNgUHUCqLB+aYWMuZ6 Fr3c09yPEo8uB/7WBpU/INLfG5wKTJuDvLePBrLbiLKdUm9b4McGjFebksXuZ4wE pDBjh3zTXkAmr1QAOVwixnG7XaSlUXecqBBxKr4PpPI1GQb44gaEZd8aG8dmTHrW 9Gs= -----END CERTIFICATE-----Generated at Mon Jun 30 22:44:18 2025 by rpki-client