$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa File: c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa (raw, json) Hash identifier: O9CVSr+KtJeiv9cLjvlAznsW4yHT+WEeW6Ni9mUZPwA= Subject key identifier: 1B:12:AD:AB:22:57:D3:DD:BA:E3:A3:87:C4:38:BC:90:03:A0:3E:79 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37196BE50AF02C32369CBE5C082139D1393B3D8D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa Signing time: Mon 28 Jul 2025 15:10:59 +0000 ROA not before: Mon 28 Jul 2025 15:10:59 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:19:6b:e5:0a:f0:2c:32:36:9c:be:5c:08:21:39:d1:39:3b:3d:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:10:59 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=370191db0f80e855b73a2e177fd145e6e37356e1e208897794b94676107b34ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:cd:b8:2e:7b:aa:5e:0a:f8:28:5c:97:46:c2: ca:09:46:fa:d1:eb:cd:a1:2f:8a:0c:ee:50:49:73: 63:a4:90:e7:e8:5e:e1:29:8c:9f:b2:ca:27:0b:4f: 56:70:c1:ba:7b:2f:cd:81:94:3c:0d:d9:68:79:c5: 9d:2d:07:64:67:f7:1f:f0:aa:db:14:e7:4f:bb:18: e1:3f:5b:62:f3:8e:6a:61:f4:90:88:1d:57:16:6f: d9:af:49:8e:ea:a1:85:27:6e:7e:10:b3:b1:2c:44: 49:9c:12:76:35:c8:6b:c3:06:a7:ac:cd:2e:f0:3b: a6:9d:13:d4:51:82:b5:a7:43:78:4e:52:e6:28:68: 05:93:47:3a:ab:0f:f4:76:f1:36:62:6a:5f:ce:77: c0:31:f6:3c:7f:e9:39:98:50:6e:34:43:ba:06:56: 9d:bb:47:e8:8b:4a:59:40:60:a5:36:38:34:8e:60: 48:69:9e:8b:b0:f8:3f:b2:14:36:7f:0b:c9:8f:6c: a0:0e:bd:14:30:41:e6:07:f7:01:74:9a:57:4c:2f: 77:7c:47:e7:41:83:0c:13:70:3f:ff:ae:6b:13:9e: 68:c7:47:0b:bd:38:15:55:b5:91:c9:31:82:ba:9c: e1:80:39:05:8a:63:92:cf:b5:cb:34:d4:77:9d:62: 82:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:12:AD:AB:22:57:D3:DD:BA:E3:A3:87:C4:38:BC:90:03:A0:3E:79 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a040::/48 Signature Algorithm: sha256WithRSAEncryption 9a:1d:51:0b:32:7f:8e:d4:f3:e9:67:be:fc:af:06:e6:02:35: 7c:db:35:54:c8:aa:09:1c:a0:90:e5:72:ae:26:1a:4e:c1:e3: cc:e2:3b:17:2d:e7:ac:26:70:29:aa:fb:0d:b4:91:26:70:61: ca:8b:d2:1d:82:38:7d:a3:64:97:f0:ce:1b:54:00:f2:9d:56: a5:9f:92:ab:19:e0:32:96:b8:9e:ac:5e:8e:ef:d1:9b:60:dc: 79:6b:e2:d5:08:b5:59:ec:a6:4d:f6:8b:e3:eb:34:fa:0e:10: ad:0b:65:cf:16:dd:53:45:63:91:6f:36:c9:1b:c6:1a:d8:1b: d6:7b:7b:2c:2d:b0:5a:5a:7c:5b:f9:ec:01:0c:0f:0d:e4:7b: fa:00:89:8b:71:45:f5:33:5f:70:39:03:32:dc:3b:08:4c:7e: 2b:fb:8a:f2:38:68:6a:2c:f7:2b:d5:e9:e5:62:03:fd:a8:65: a0:90:bb:a1:61:fd:a4:95:61:1a:69:46:73:d5:e7:1a:88:02: 62:c0:10:e6:4a:0a:10:04:14:a7:90:11:31:94:d7:71:a9:74: fb:d4:cc:50:27:e8:e4:a3:2b:d5:c5:18:1d:fe:c4:4f:7e:3c: a8:e0:e5:e6:13:dd:ee:43:1e:41:de:54:02:b0:0b:e9:1c:cc: 25:2e:4d:34 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNxlr5QrwLDI2nL5cCCE50Tk7PY0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MTA1OVoX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAMzcwMTkxZGIwZjgwZTg1NWI3M2Ey ZTE3N2ZkMTQ1ZTZlMzczNTZlMWUyMDg4OTc3OTRiOTQ2NzYxMDdiMzRhYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8M24LnuqXgr4KFyXRsLKCUb60evN oS+KDO5QSXNjpJDn6F7hKYyfssonC09WcMG6ey/NgZQ8DdloecWdLQdkZ/cf8Krb FOdPuxjhP1ti845qYfSQiB1XFm/Zr0mO6qGFJ25+ELOxLERJnBJ2NchrwwanrM0u 8DumnRPUUYK1p0N4TlLmKGgFk0c6qw/0dvE2YmpfznfAMfY8f+k5mFBuNEO6Blad u0foi0pZQGClNjg0jmBIaZ6LsPg/shQ2fwvJj2ygDr0UMEHmB/cBdJpXTC93fEfn QYMME3A//65rE55ox0cLvTgVVbWRyTGCupzhgDkFimOSz7XLNNR3nWKCrQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBsSrasiV9PduuOjh8Q4vJADoD55MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTFhM2ViLTQ2ZmItNDM0OS1iZWI0LWRiYWRlZjkwN2UyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKBAMA0GCSqGSIb3DQEBCwUAA4IBAQCaHVELMn+O1PPpZ778 rwbmAjV82zVUyKoJHKCQ5XKuJhpOwePM4jsXLeesJnApqvsNtJEmcGHKi9Idgjh9 o2SX8M4bVADynValn5KrGeAylrierF6O79GbYNx5a+LVCLVZ7KZN9ovj6zT6DhCt C2XPFt1TRWORbzbJG8Ya2BvWe3ssLbBaWnxb+ewBDA8N5Hv6AImLcUX1M19wOQMy 3DsITH4r+4ryOGhqLPcr1enlYgP9qGWgkLuhYf2klWEaaUZz1ecaiAJiwBDmSgoQ BBSnkBExlNdxqXT71MxQJ+jkoyvVxRgd/sRPfjyo4OXmE93uQx5B3lQCsAvpHMwl Lk00 -----END CERTIFICATE-----Generated at Thu Jul 31 00:57:27 2025 by rpki-client