$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa File: cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa (raw, json) Hash identifier: hkgsxA3hGRoPOGURcyAeKRzbm6ZgllAoG4I3VbDxX1U= Subject key identifier: 27:92:D0:46:A1:CF:C4:C5:87:23:99:D1:00:A3:69:12:0B:77:AC:14 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73A7EBF74648F8917D1BC59BB11B545415F8ACAD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa Signing time: Mon 28 Jul 2025 15:01:11 +0000 ROA not before: Mon 28 Jul 2025 15:01:11 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:a7:eb:f7:46:48:f8:91:7d:1b:c5:9b:b1:1b:54:54:15:f8:ac:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:01:11 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=59bacae2e139f034c05fa50bac9ed4521f0c0a1000ec8d997ce95a78bf7296a9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:37:e0:83:40:bf:1b:81:bf:d0:52:22:0f:f5: 47:d9:0c:a9:5e:17:0e:06:2c:a1:30:46:57:08:81: c9:c6:e8:f2:43:c3:95:d9:bd:35:ef:b8:8b:75:df: 18:b6:3a:e1:07:d7:8f:3a:11:66:13:47:20:20:cf: 93:c4:d0:dd:0b:84:54:9d:bd:21:23:d7:bf:23:36: f2:c8:84:27:4b:a7:ce:c5:fa:17:40:d6:1c:92:36: a4:af:94:51:67:46:9f:35:bf:90:a8:90:64:d3:aa: ab:d9:5d:20:64:31:7c:5e:a0:e4:ee:34:8e:62:f4: e2:ff:12:0a:8e:21:bf:62:4d:6b:e2:7a:62:69:6f: 95:6c:98:67:78:69:c9:d2:06:28:7d:2e:20:6a:99: 85:5e:88:4f:8c:c1:04:fd:58:ec:a0:63:e5:87:dd: c9:10:70:5e:c4:95:74:c5:eb:b5:c5:60:10:7a:a0: 70:29:ba:ed:c1:d6:af:fb:3f:db:8f:8c:48:1b:51: 79:26:e2:a5:c2:2c:01:b7:c0:30:82:e8:70:cb:46: 96:e0:62:e8:bb:ea:bc:d2:f9:6f:c2:40:66:17:5c: 7f:b1:4d:f8:36:f4:8e:22:5d:31:bf:91:be:37:ca: 59:d9:fb:3c:06:dc:b7:2a:20:94:7b:09:c8:f8:0e: 74:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:92:D0:46:A1:CF:C4:C5:87:23:99:D1:00:A3:69:12:0B:77:AC:14 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:60c0::/48 Signature Algorithm: sha256WithRSAEncryption a2:e2:ba:43:22:3c:98:72:ff:11:93:22:91:cf:a5:02:49:c8: 3d:58:61:53:70:6a:03:2c:9a:33:ab:ee:c5:4c:57:fc:6f:31: 05:65:f1:ed:06:a9:56:0e:ed:63:a4:5e:cc:43:1c:4f:fd:aa: e6:ae:4c:cb:ef:6f:c6:7b:df:d9:97:e2:20:54:b6:7b:ad:df: 62:cf:99:65:c7:36:68:d4:07:3e:27:a5:66:90:9e:68:a3:e0: a9:19:aa:8e:2e:92:a0:de:fc:fa:bc:2c:3e:49:7a:74:99:99: d3:90:a5:75:f4:86:26:96:e5:86:fa:cb:2e:13:54:d8:70:0f: 4a:de:39:c5:ff:b2:f1:ad:68:7b:4a:99:67:8f:40:ee:16:11: 4b:df:fa:a1:bd:6f:10:aa:9f:8f:4d:3c:72:33:1c:6f:72:5c: c9:d0:59:67:ee:51:31:4e:cd:d7:be:7d:a4:be:3d:1f:5d:2d: 9c:30:d7:75:b6:ba:89:46:3a:95:35:a9:28:1b:4d:a8:33:85: 0f:f3:22:ce:8c:55:0a:2d:46:f1:1a:fe:80:05:7c:65:9f:ae: 45:5d:0d:b9:82:0e:74:88:ba:26:a9:d3:93:f1:6a:b5:ad:78: dd:d5:55:5f:e8:e6:70:35:e7:fa:b5:17:b4:d3:3e:13:d2:d4: 5b:13:5d:09 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUc6fr90ZI+JF9G8WbsRtUVBX4rK0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MDExMVoX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNANTliYWNhZTJlMTM5ZjAzNGMwNWZh NTBiYWM5ZWQ0NTIxZjBjMGExMDAwZWM4ZDk5N2NlOTVhNzhiZjcyOTZhOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDfgg0C/G4G/0FIiD/VH2QypXhcO BiyhMEZXCIHJxujyQ8OV2b0177iLdd8YtjrhB9ePOhFmE0cgIM+TxNDdC4RUnb0h I9e/IzbyyIQnS6fOxfoXQNYckjakr5RRZ0afNb+QqJBk06qr2V0gZDF8XqDk7jSO YvTi/xIKjiG/Yk1r4npiaW+VbJhneGnJ0gYofS4gapmFXohPjMEE/VjsoGPlh93J EHBexJV0xeu1xWAQeqBwKbrtwdav+z/bj4xIG1F5JuKlwiwBt8Awguhwy0aW4GLo u+q80vlvwkBmF1x/sU34NvSOIl0xv5G+N8pZ2fs8Bty3KiCUewnI+A50yQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCeS0Eahz8TFhyOZ0QCjaRILd6wUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmNmY2ZTc1LTZiYWItNGJjMS04ODIyLTFiN2VjMWZjMTQ4ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mDAMA0GCSqGSIb3DQEBCwUAA4IBAQCi4rpDIjyYcv8RkyKR z6UCScg9WGFTcGoDLJozq+7FTFf8bzEFZfHtBqlWDu1jpF7MQxxP/armrkzL72/G e9/Zl+IgVLZ7rd9iz5llxzZo1Ac+J6VmkJ5oo+CpGaqOLpKg3vz6vCw+SXp0mZnT kKV19IYmluWG+ssuE1TYcA9K3jnF/7LxrWh7Splnj0DuFhFL3/qhvW8Qqp+PTTxy MxxvclzJ0Fln7lExTs3Xvn2kvj0fXS2cMNd1trqJRjqVNakoG02oM4UP8yLOjFUK LUbxGv6ABXxln65FXQ25gg50iLomqdOT8Wq1rXjd1VVf6OZwNef6tRe00z4T0tRb E10J -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:20 2025 by rpki-client