$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa File: d07df133-27a9-413c-9804-adb048f407f3.roa (raw, json) Hash identifier: 2FpxmgjlVqWXLoMMpZ4f0ujEwdLb4JIUKljvoHddDfM= Subject key identifier: 57:42:18:04:DB:A1:F1:35:7D:1A:2F:65:1A:72:E7:20:1C:B5:D0:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1266074E8E5C914D0BA228241B4EB8412CE76D79 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa Signing time: Mon 07 Jul 2025 15:30:14 +0000 ROA not before: Mon 07 Jul 2025 15:30:14 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:66:07:4e:8e:5c:91:4d:0b:a2:28:24:1b:4e:b8:41:2c:e7:6d:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:30:14 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=5553696d8253294d76b05773ec39577f96d4b4f31a7d0d953c55c7a6e49b1eb4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:c8:03:62:af:1f:d0:f6:6e:a4:c9:0e:96:7f: 5b:e2:23:f3:0e:d0:cf:ec:81:ea:a6:7d:29:45:6a: dc:ae:83:78:82:ab:22:e4:18:04:81:51:01:49:22: 8f:63:9a:d6:d8:c3:ab:3e:b1:7b:48:57:ee:eb:64: 80:1d:40:4c:50:cc:e5:5a:a2:60:a5:65:be:2a:bb: 33:f8:6f:af:af:bd:55:4c:6d:9f:2c:d3:b0:16:47: c7:af:2a:76:92:54:f3:a3:05:f5:94:ab:43:e2:7f: 9d:82:6b:38:1d:df:d8:de:07:80:cf:f1:ba:64:9d: 49:e3:de:12:a3:64:88:98:02:06:52:ac:b1:f4:10: aa:72:ac:1d:4f:58:30:c6:6c:37:61:ed:2e:f8:27: 2a:ff:78:f9:ef:4b:11:6a:fb:6e:2d:19:06:63:4a: f6:4d:ca:4f:54:a3:a1:c6:56:72:45:a6:27:4a:a8: 19:f2:b2:ff:d2:d7:db:4c:a1:0d:04:78:b9:f5:24: ed:48:b0:cb:a2:38:41:7f:66:f7:a8:3a:02:92:c2: 1e:1f:e5:db:e7:65:13:a3:23:bc:27:a5:e2:a2:9f: 0e:17:69:e9:fb:29:79:6b:e8:63:dc:25:17:7c:76: 01:9a:7a:1f:eb:a4:9c:4e:30:71:72:e7:09:de:89: 95:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:42:18:04:DB:A1:F1:35:7D:1A:2F:65:1A:72:E7:20:1C:B5:D0:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d07df133-27a9-413c-9804-adb048f407f3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:2800::/40 Signature Algorithm: sha256WithRSAEncryption a3:37:c5:62:4e:fd:8c:08:c6:d6:9b:a9:35:bc:a5:8c:9c:61: e7:e6:8e:53:c9:98:36:88:d8:4e:74:5c:6f:3c:d9:91:f0:c0: 72:5d:3e:52:0f:fa:92:ac:cc:ba:2c:47:88:a8:52:fb:c2:46: 77:2d:98:93:a1:16:bd:55:8b:da:bd:a9:71:7f:00:82:20:56: 0d:78:20:fd:8b:60:8b:2c:b6:85:63:e5:00:f1:98:05:a7:b6: b7:5c:a3:f2:f2:0c:92:8d:36:98:bf:fa:4b:28:a1:27:8c:e9: fe:71:94:ed:63:31:83:13:6c:ba:2a:ad:95:c6:1d:44:c0:b1: e8:ca:ef:23:3b:8b:d7:1e:59:cc:0b:88:79:0a:6b:ad:13:2f: 4b:f2:fd:f4:1d:c4:78:2b:4c:b9:56:96:cf:55:e4:71:9b:42: 2f:38:4e:01:5f:d4:9a:ca:cf:1c:d3:6e:50:ae:0e:58:8a:9e: d1:ea:88:f4:db:c3:fc:84:c3:78:c7:23:0f:27:0f:27:85:c9: 82:0a:85:50:5f:25:f7:63:c0:69:a8:71:e8:93:ac:a1:1a:56: f2:b6:91:ba:c1:12:ce:6b:f2:66:1b:61:b6:5a:45:06:66:d4: f8:7f:34:ee:1e:d8:92:61:0b:4e:51:23:ed:d2:14:01:32:c8: 42:28:a1:f2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEmYHTo5ckU0LoigkG064QSznbXkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MzAxNFoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNANTU1MzY5NmQ4MjUzMjk0ZDc2YjA1 NzczZWMzOTU3N2Y5NmQ0YjRmMzFhN2QwZDk1M2M1NWM3YTZlNDliMWViNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8gDYq8f0PZupMkOln9b4iPzDtDP 7IHqpn0pRWrcroN4gqsi5BgEgVEBSSKPY5rW2MOrPrF7SFfu62SAHUBMUMzlWqJg pWW+Krsz+G+vr71VTG2fLNOwFkfHryp2klTzowX1lKtD4n+dgms4Hd/Y3geAz/G6 ZJ1J494So2SImAIGUqyx9BCqcqwdT1gwxmw3Ye0u+Ccq/3j570sRavtuLRkGY0r2 TcpPVKOhxlZyRaYnSqgZ8rL/0tfbTKENBHi59STtSLDLojhBf2b3qDoCksIeH+Xb 52UToyO8J6Xiop8OF2np+yl5a+hj3CUXfHYBmnof66ScTjBxcucJ3omVnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFdCGATbofE1fRovZRpy5yActdC/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwN2RmMTMzLTI3YTktNDEzYy05ODA0LWFkYjA0OGY0MDdmMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoCgwDQYJKoZIhvcNAQELBQADggEBAKM3xWJO/YwIxtabqTW8 pYycYefmjlPJmDaI2E50XG882ZHwwHJdPlIP+pKszLosR4ioUvvCRnctmJOhFr1V i9q9qXF/AIIgVg14IP2LYIsstoVj5QDxmAWntrdco/LyDJKNNpi/+ksooSeM6f5x lO1jMYMTbLoqrZXGHUTAsejK7yM7i9ceWcwLiHkKa60TL0vy/fQdxHgrTLlWls9V 5HGbQi84TgFf1JrKzxzTblCuDliKntHqiPTbw/yEw3jHIw8nDyeFyYIKhVBfJfdj wGmoceiTrKEaVvK2kbrBEs5r8mYbYbZaRQZm1Ph/NO4e2JJhC05RI+3SFAEyyEIo ofI= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:19 2025 by rpki-client