$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa File: cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa (raw, json) Hash identifier: m8j6FzlSTBI2SDZDtebwvewlxregOLAUDoKiB1A/qsk= Subject key identifier: FD:9B:DB:A8:20:BA:FA:CE:CF:90:33:09:FF:FD:61:A0:9A:F0:66:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 157F45CF1D45CCFBA2EDEA47C94F203C022B08EF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa Signing time: Mon 07 Jul 2025 15:20:09 +0000 ROA not before: Mon 07 Jul 2025 15:20:09 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:7f:45:cf:1d:45:cc:fb:a2:ed:ea:47:c9:4f:20:3c:02:2b:08:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:20:09 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=184fdc23514af85ee7679bf42fa795f81703ec0e53a04d9971d1ecb0eb314628, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:29:10:3d:ab:1c:6f:0d:36:04:08:4b:7e:07: 4c:46:a3:ab:d2:1d:bc:ca:20:8a:11:79:d1:8c:2d: 6b:59:4c:d6:2a:1e:c2:fd:e0:0a:1c:ec:1d:33:fe: 3e:65:92:6a:cf:f1:a3:b5:58:e5:cc:0d:67:f6:a5: 0d:8a:72:e8:3c:a0:fc:b9:11:65:fe:2c:4e:22:ea: 58:5c:b4:d9:b5:a0:53:71:6f:dc:83:66:0f:ed:8c: 53:e7:9f:fb:df:fc:e9:f2:d9:7d:52:cb:1a:86:81: 01:c6:07:59:f0:1c:1d:f1:3f:af:cc:2d:2c:f6:49: f7:20:31:58:5b:58:e7:cd:08:05:59:2c:4f:51:13: e9:ae:27:4d:26:47:05:51:f2:19:3e:73:8a:51:7d: 10:4e:4b:cb:16:38:7f:ae:26:79:58:59:8f:e0:d0: 33:70:06:83:ae:fc:03:47:99:c8:a4:50:3a:3c:01: 7e:5b:22:e4:99:a0:aa:1e:fa:e4:58:ec:51:21:d9: 01:6e:3a:1f:fd:60:9e:da:15:84:ef:91:11:4c:ce: 05:ec:f3:7c:bb:7d:2a:f5:01:87:d1:c8:03:06:3a: 61:44:47:d6:fe:6e:6d:14:24:60:aa:9d:96:31:2b: a9:0a:ab:e5:12:37:8d:35:87:d0:a0:c3:40:d4:a3: c4:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:9B:DB:A8:20:BA:FA:CE:CF:90:33:09:FF:FD:61:A0:9A:F0:66:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cfb3ce63-3d0a-4724-acc7-374b5da711f1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:b000::/40 Signature Algorithm: sha256WithRSAEncryption 6e:0c:f7:43:01:2c:91:f3:15:10:ff:4d:0d:88:ad:11:0e:91: cc:eb:69:11:35:47:c4:13:58:24:d9:31:49:17:0f:7f:3f:12: 12:b8:d8:ba:33:4d:4a:91:b8:c9:c1:6f:5c:8f:2e:d5:5b:b6: 42:d9:6f:ad:23:51:88:17:3f:43:3f:84:42:cd:af:78:e1:22: 8d:7d:fe:cb:67:63:cd:2b:95:c2:9a:20:5d:58:17:7e:d5:e3: 4a:3d:6f:74:99:04:81:a4:25:a0:69:f9:eb:d6:d8:7b:cf:32: 95:d6:6d:09:a5:8d:86:58:93:8f:fb:ee:3c:c1:da:fa:51:84: 0b:ab:a6:15:c7:ad:91:80:4c:99:13:5f:62:fc:f8:0b:aa:27: 32:e3:ba:1c:53:9e:49:37:ec:cf:2d:e8:77:c4:eb:2b:ef:6e: f1:9d:e5:2b:98:5b:86:ac:0b:25:d4:35:25:7e:fa:94:1b:46: 26:a4:aa:dd:12:44:c7:63:05:52:57:b2:50:ac:ff:0c:59:18: c6:c4:93:54:d5:71:8e:4b:79:d6:9e:28:ce:3b:3b:43:e6:b1: d8:ce:93:95:c2:6f:39:9b:2b:68:fc:33:66:f5:bf:75:0f:88: 6c:44:2e:0e:93:0a:14:cc:7d:f9:06:d8:62:be:23:0a:7a:46: b4:f0:0f:20 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFX9Fzx1FzPui7epHyU8gPAIrCO8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MjAwOVoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMTg0ZmRjMjM1MTRhZjg1ZWU3Njc5 YmY0MmZhNzk1ZjgxNzAzZWMwZTUzYTA0ZDk5NzFkMWVjYjBlYjMxNDYyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjykQPascbw02BAhLfgdMRqOr0h28 yiCKEXnRjC1rWUzWKh7C/eAKHOwdM/4+ZZJqz/GjtVjlzA1n9qUNinLoPKD8uRFl /ixOIupYXLTZtaBTcW/cg2YP7YxT55/73/zp8tl9UssahoEBxgdZ8Bwd8T+vzC0s 9kn3IDFYW1jnzQgFWSxPURPpridNJkcFUfIZPnOKUX0QTkvLFjh/riZ5WFmP4NAz cAaDrvwDR5nIpFA6PAF+WyLkmaCqHvrkWOxRIdkBbjof/WCe2hWE75ERTM4F7PN8 u30q9QGH0cgDBjphREfW/m5tFCRgqp2WMSupCqvlEjeNNYfQoMNA1KPEqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP2b26gguvrOz5AzCf/9YaCa8GZoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmYjNjZTYzLTNkMGEtNDcyNC1hY2M3LTM3NGI1ZGE3MTFmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOLAwDQYJKoZIhvcNAQELBQADggEBAG4M90MBLJHzFRD/TQ2I rREOkczraRE1R8QTWCTZMUkXD38/EhK42LozTUqRuMnBb1yPLtVbtkLZb60jUYgX P0M/hELNr3jhIo19/stnY80rlcKaIF1YF37V40o9b3SZBIGkJaBp+evW2HvPMpXW bQmljYZYk4/77jzB2vpRhAurphXHrZGATJkTX2L8+AuqJzLjuhxTnkk37M8t6HfE 6yvvbvGd5SuYW4asCyXUNSV++pQbRiakqt0SRMdjBVJXslCs/wxZGMbEk1TVcY5L edaeKM47O0PmsdjOk5XCbzmbK2j8M2b1v3UPiGxELg6TChTMffkG2GK+Iwp6RrTw DyA= -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:15 2025 by rpki-client