$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa File: cebc5290-288e-4f33-9035-a2d651433cdd.roa (raw, json) Hash identifier: gGq8kwLyD/BLmtSnWkeq7GpXFPeI468ZujjiRsDzoHY= Subject key identifier: 14:CB:1A:45:5B:61:B5:8F:DB:DF:D7:B5:F2:9D:71:DC:1A:CA:43:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 74D93C70A3EB9046D2134DA50E491ABCBDA96DC1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa Signing time: Tue 29 Jul 2025 00:31:15 +0000 ROA not before: Tue 29 Jul 2025 00:31:15 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:d9:3c:70:a3:eb:90:46:d2:13:4d:a5:0e:49:1a:bc:bd:a9:6d:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:31:15 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=9c98748093e1a784d52c98bf7623bb8a73a89453326bfec85911e738bab481b0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b9:10:20:c4:88:aa:a6:19:40:9f:94:8a:b7: 12:95:62:d2:7c:ea:15:a5:3f:aa:75:aa:a4:5d:f1: 45:94:af:c0:63:89:33:6a:28:da:70:41:40:86:e8: 55:25:ea:35:b0:77:67:90:96:67:f5:d8:50:5a:63: be:0b:94:e2:89:b7:c9:1f:3c:08:7e:c0:e9:0c:d1: 5f:b9:22:01:c1:06:05:8d:dc:1f:6c:28:f5:ed:f9: cb:ed:79:5f:03:d2:b4:e3:17:e3:88:16:1d:82:1a: 49:9d:57:d7:65:47:2c:93:43:8f:e8:8a:58:e5:b2: 30:e4:ae:71:d0:c5:2d:b1:7c:ae:b2:36:67:ad:d0: 75:85:c4:89:ac:d8:06:ec:70:03:53:f8:bb:3d:7b: de:1c:2f:4e:b3:af:32:d6:85:3c:3b:2c:d1:ca:df: c5:7e:17:bb:9f:47:c6:15:3e:1a:07:f5:d8:b5:44: 76:72:c7:84:4f:a2:90:49:61:51:50:10:b6:9c:61: 23:71:22:00:f3:9e:37:c0:1e:1a:4d:82:09:af:79: 5e:28:ba:ec:ec:b9:12:c1:69:37:b7:9b:22:0f:8b: 10:da:3b:35:3d:15:f3:56:1c:ec:f5:fa:07:ce:b4: f1:66:76:31:a4:4e:dc:9f:dd:aa:47:a0:29:54:68: 59:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:CB:1A:45:5B:61:B5:8F:DB:DF:D7:B5:F2:9D:71:DC:1A:CA:43:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c000::/40 Signature Algorithm: sha256WithRSAEncryption 3c:9c:2d:e3:03:7d:6b:ba:56:6d:cc:58:86:ee:cb:7d:7b:05: f5:29:18:64:42:71:59:52:aa:ed:7c:77:7a:cb:66:77:67:24: 1c:a0:70:7e:b8:b9:99:81:a1:0f:1c:b3:7c:9b:d5:bc:51:5b: 67:5c:17:45:e8:e3:40:ff:52:9e:05:22:a3:7b:96:d7:29:20: 57:37:bf:6f:04:e9:40:e2:fb:29:e6:5a:fd:ff:13:54:f3:f1: ed:a2:42:2c:4b:f7:6d:66:8e:f6:3a:66:9a:67:7b:77:df:bb: eb:af:c7:0d:19:22:ec:4a:97:50:2f:19:99:50:5c:f1:a7:30: 2a:60:29:31:43:de:ff:50:6f:c8:e3:cb:0c:44:2e:69:aa:3f: d8:69:82:c6:f5:66:e1:90:9f:6d:6a:d2:a9:18:84:00:96:ae: d9:0e:95:ec:32:96:f7:4b:89:8e:ee:36:df:39:e9:ac:23:de: 82:70:9f:02:b0:65:ea:1e:17:30:a8:02:1d:02:42:44:07:69: fd:ee:2c:65:af:e5:cf:81:0a:cf:7a:8d:73:dd:f7:9e:f0:62: d0:95:5c:51:d5:26:68:7c:91:cb:9a:69:09:d0:67:57:62:65: 02:81:66:f6:0a:37:42:36:19:45:8f:a0:ef:46:aa:f9:08:13: 6c:2d:e7:5b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdNk8cKPrkEbSE02lDkkavL2pbcEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMzExNVoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAOWM5ODc0ODA5M2UxYTc4NGQ1MmM5 OGJmNzYyM2JiOGE3M2E4OTQ1MzMyNmJmZWM4NTkxMWU3MzhiYWI0ODFiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLkQIMSIqqYZQJ+UircSlWLSfOoV pT+qdaqkXfFFlK/AY4kzaijacEFAhuhVJeo1sHdnkJZn9dhQWmO+C5TiibfJHzwI fsDpDNFfuSIBwQYFjdwfbCj17fnL7XlfA9K04xfjiBYdghpJnVfXZUcsk0OP6IpY 5bIw5K5x0MUtsXyusjZnrdB1hcSJrNgG7HADU/i7PXveHC9Os68y1oU8OyzRyt/F fhe7n0fGFT4aB/XYtUR2cseET6KQSWFRUBC2nGEjcSIA8543wB4aTYIJr3leKLrs 7LkSwWk3t5siD4sQ2js1PRXzVhzs9foHzrTxZnYxpE7cn92qR6ApVGhZ+wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBTLGkVbYbWP29/XtfKdcdwaykMpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NlYmM1MjkwLTI4OGUtNGYzMy05MDM1LWEyZDY1MTQzM2NkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAMAwDQYJKoZIhvcNAQELBQADggEBADycLeMDfWu6Vm3MWIbu y317BfUpGGRCcVlSqu18d3rLZndnJBygcH64uZmBoQ8cs3yb1bxRW2dcF0Xo40D/ Up4FIqN7ltcpIFc3v28E6UDi+ynmWv3/E1Tz8e2iQixL921mjvY6Zppne3ffu+uv xw0ZIuxKl1AvGZlQXPGnMCpgKTFD3v9Qb8jjywxELmmqP9hpgsb1ZuGQn21q0qkY hACWrtkOlewylvdLiY7uNt856awj3oJwnwKwZeoeFzCoAh0CQkQHaf3uLGWv5c+B Cs96jXPd957wYtCVXFHVJmh8kcuaaQnQZ1diZQKBZvYKN0I2GUWPoO9GqvkIE2wt 51s= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:16 2025 by rpki-client