$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7b1c1ce-ca99-4712-96c8-2e4dc35d25f1.roa File: c7b1c1ce-ca99-4712-96c8-2e4dc35d25f1.roa (raw, json) Hash identifier: 1DZ2atc1US2/QqaiVCTYI4KFPsKERJCbFowyohrN7cI= Subject key identifier: 4E:29:EE:FB:EA:B4:B7:B2:5D:8D:6C:C2:95:71:64:16:23:AE:77:26 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 50C167F95B859802C49D10661BD56B4603ECE0A5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7b1c1ce-ca99-4712-96c8-2e4dc35d25f1.roa Signing time: Sat 26 Jul 2025 00:00:20 +0000 ROA not before: Sat 26 Jul 2025 00:00:20 +0000 ROA not after: Sat 30 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:c1:67:f9:5b:85:98:02:c4:9d:10:66:1b:d5:6b:46:03:ec:e0:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 26 00:00:20 2025 GMT Not After : Aug 30 23:59:59 2025 GMT Subject: serialNumber=1e80b315470ef7260efa257df36c07d53a649ce6772fea34801ab9b4c0d4fe70, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:25:3e:8d:04:19:a6:0e:1d:95:d0:fe:b1:e9: 36:b1:d8:1e:21:a0:a0:e7:91:a8:15:5b:96:76:4f: ad:a1:53:dc:8f:68:4d:2d:4d:3e:24:54:bd:fa:a3: 2d:3f:92:f5:b3:d6:a3:c7:41:ab:29:c2:eb:51:db: 9e:87:85:8e:0d:4f:1f:2a:ae:00:d2:0d:47:e8:d5: be:24:ff:b1:5a:72:c9:d8:88:ec:d0:28:38:68:6c: 1c:d7:17:22:b2:6a:b8:b6:f2:6a:86:c0:a3:08:8b: db:22:e8:46:fb:0b:bf:4c:39:89:b7:40:f1:0d:0c: e1:e7:da:ac:86:d3:7f:e8:43:43:21:3a:8b:e3:21: 4f:2c:00:40:1c:ad:fa:25:dc:6b:99:3b:65:a7:97: 6f:e6:c2:90:8f:2d:e7:94:26:f7:26:d6:23:50:86: 88:bc:85:f8:0f:84:ae:44:1d:ae:c8:06:64:21:17: b2:d5:db:4c:12:89:7b:04:a5:0f:3a:32:4c:1b:db: 55:cd:93:4b:a7:c8:55:f7:48:6e:79:bc:90:e5:57: d2:2b:6b:d6:e2:71:97:1d:92:83:87:f6:47:30:5f: b7:b4:d2:e3:40:7c:c8:cd:80:e1:38:cb:dd:20:d4: 7e:b0:3d:6d:51:c7:1c:ab:97:68:9d:28:f6:17:d8: 37:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:29:EE:FB:EA:B4:B7:B2:5D:8D:6C:C2:95:71:64:16:23:AE:77:26 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7b1c1ce-ca99-4712-96c8-2e4dc35d25f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:a000::/40 Signature Algorithm: sha256WithRSAEncryption 12:ba:e5:b6:2c:f3:32:28:3a:1b:70:da:3d:44:01:27:1f:a5: d6:cf:29:d9:57:61:a9:8c:4d:f7:3a:3c:1d:2b:18:55:0a:24: c2:55:1e:1b:36:8e:2c:ff:1a:27:3d:6d:ce:cb:ad:ef:07:cf: c8:e1:0a:9e:ad:49:94:bc:dc:56:1d:51:7e:3a:a2:84:9b:15: e6:79:d1:db:2b:e7:ee:b7:18:95:5e:5c:9a:6d:05:c4:c8:b8: 84:15:9d:5b:cb:32:61:38:f0:8e:8c:1b:62:95:a8:d9:4c:2c: f7:83:52:95:6e:98:45:6c:1d:d0:65:f1:85:f6:1e:98:09:2b: 42:82:90:d5:4f:d1:eb:7c:29:e6:8c:89:07:d0:d7:19:89:29: e6:d8:af:62:02:15:3c:67:e1:b7:b0:35:56:c6:a2:ad:d0:39: c2:83:ea:48:2b:4b:28:dd:ac:77:d1:42:52:7e:17:18:f0:be: 80:04:6f:c1:59:4c:7d:a9:c1:e7:8e:81:26:77:f0:b2:b6:cf: f0:b9:02:41:a9:2d:85:1b:0c:93:ad:98:30:0a:ca:0e:e6:37: 6a:ce:0f:cd:2e:70:87:0c:e2:c4:86:d8:6b:f9:96:ed:38:99: 8e:34:9d:f1:13:6f:d4:e0:5a:7e:33:b8:df:dd:8a:88:eb:8d: 48:ba:5d:18 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUMFn+VuFmALEnRBmG9VrRgPs4KUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNjAwMDAyMFoX DTI1MDgzMDIzNTk1OVowejFJMEcGA1UEBRNAMWU4MGIzMTU0NzBlZjcyNjBlZmEy NTdkZjM2YzA3ZDUzYTY0OWNlNjc3MmZlYTM0ODAxYWI5YjRjMGQ0ZmU3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CU+jQQZpg4dldD+sek2sdgeIaCg 55GoFVuWdk+toVPcj2hNLU0+JFS9+qMtP5L1s9ajx0GrKcLrUdueh4WODU8fKq4A 0g1H6NW+JP+xWnLJ2Ijs0Cg4aGwc1xcismq4tvJqhsCjCIvbIuhG+wu/TDmJt0Dx DQzh59qshtN/6ENDITqL4yFPLABAHK36JdxrmTtlp5dv5sKQjy3nlCb3JtYjUIaI vIX4D4SuRB2uyAZkIRey1dtMEol7BKUPOjJMG9tVzZNLp8hV90huebyQ5VfSK2vW 4nGXHZKDh/ZHMF+3tNLjQHzIzYDhOMvdINR+sD1tUcccq5donSj2F9g3wQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFE4p7vvqtLeyXY1swpVxZBYjrncmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YjFjMWNlLWNhOTktNDcxMi05NmM4LTJlNGRjMzVkMjVmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9KAwDQYJKoZIhvcNAQELBQADggEBABK65bYs8zIoOhtw2j1E AScfpdbPKdlXYamMTfc6PB0rGFUKJMJVHhs2jiz/Gic9bc7Lre8Hz8jhCp6tSZS8 3FYdUX46ooSbFeZ50dsr5+63GJVeXJptBcTIuIQVnVvLMmE48I6MG2KVqNlMLPeD UpVumEVsHdBl8YX2HpgJK0KCkNVP0et8KeaMiQfQ1xmJKebYr2ICFTxn4bewNVbG oq3QOcKD6kgrSyjdrHfRQlJ+FxjwvoAEb8FZTH2pweeOgSZ38LK2z/C5AkGpLYUb DJOtmDAKyg7mN2rOD80ucIcM4sSG2Gv5lu04mY40nfETb9TgWn4zuN/diojrjUi6 XRg= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:24 2025 by rpki-client