$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa File: d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa (raw, json) Hash identifier: rPsaDFVcOlP3uy5/ZQc8ycugrDpOdO5QN6rxC7WTgC4= Subject key identifier: A9:48:5F:A9:19:36:0C:15:4C:37:F2:16:31:BB:53:E8:00:7F:99:AA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4A257574388A647D1F1271152B9D460C9635ECA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa Signing time: Wed 30 Jul 2025 00:00:24 +0000 ROA not before: Wed 30 Jul 2025 00:00:24 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:25:75:74:38:8a:64:7d:1f:12:71:15:2b:9d:46:0c:96:35:ec:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 00:00:24 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=03196e4b928799cb4a96cd47e7d6230acf5389e794907e321b1acf10385a7595, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:54:20:15:26:3b:a4:65:32:d7:38:14:73:73: 83:26:7a:bd:c3:cc:50:fe:0c:6c:8e:43:c2:a2:53: dc:98:82:20:eb:02:d3:04:43:a5:27:8f:1d:98:26: a4:7c:31:cd:38:d7:8a:19:bc:78:5a:1f:a3:c4:52: 2d:f0:1a:33:44:64:05:ac:02:11:08:7a:24:76:b2: 11:74:d6:74:b8:b7:2a:38:63:d8:01:bf:06:5a:4f: 02:0e:29:c5:85:73:5c:0f:b8:fa:47:7d:66:5b:ff: c4:5e:2a:bd:1a:55:ef:79:5f:67:66:d9:25:71:74: 56:4a:94:e9:7c:6f:a7:75:00:19:d8:80:97:1b:ae: b2:6c:48:25:83:16:3b:26:17:75:02:e9:d9:dd:f0: 70:6f:2b:f6:4f:c4:07:9b:e6:c7:d4:c0:ad:50:91: d7:11:ee:12:c4:40:0a:6b:87:8f:cf:e1:13:04:f5: 26:e5:f7:35:16:4c:a7:01:62:e8:ec:b2:04:0f:49: ee:a8:3a:9f:70:9c:23:04:e0:2d:f4:9a:ec:85:a7: 49:a3:63:b0:24:3b:fa:32:26:6e:36:c6:9c:e3:53: 32:68:f3:65:8a:f2:f1:05:ba:cf:0f:cd:56:90:be: 37:6a:55:06:46:29:dc:7f:bd:d2:da:7b:81:98:eb: 01:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:48:5F:A9:19:36:0C:15:4C:37:F2:16:31:BB:53:E8:00:7F:99:AA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4000::/40 Signature Algorithm: sha256WithRSAEncryption 11:a5:f5:33:76:36:ca:c7:16:01:09:8e:3a:eb:25:c5:44:32: 7b:13:ec:ac:59:97:53:e8:4e:6d:55:ca:5b:d6:30:f2:d8:d1: 8f:7e:96:3d:95:9f:f0:70:d6:2a:2a:ec:b3:f9:16:48:1c:48: 33:a0:17:9f:7e:06:85:c6:86:30:7d:88:d6:6d:8d:1c:51:48: f3:a8:54:33:a6:0d:3f:51:b7:1a:33:1d:61:8a:bb:c7:15:59: 22:e0:e2:3b:e5:c7:7d:1c:e6:92:08:62:e2:ac:84:63:ee:f1: 15:6b:d3:d7:01:93:42:d5:91:79:a7:61:03:66:57:62:ce:02: 08:09:b1:6b:9c:5a:d4:61:c0:dd:5d:10:59:9c:08:9c:15:85: 14:c5:cd:36:cd:0a:b9:93:3f:b2:a0:6c:9b:ca:ad:59:65:51: 3d:d5:f9:88:97:19:0d:dd:e8:a4:8d:1a:e9:06:49:50:a0:19: 15:bb:f8:a8:2f:11:32:39:2a:a8:e8:02:3a:f8:da:2a:9f:9f: c2:c9:7e:e4:79:ba:27:aa:eb:47:e3:d2:3b:cb:b4:50:04:21: 97:90:62:33:c5:d7:c0:57:3c:33:8a:95:cc:3b:a5:8f:33:6b: 77:6d:d9:6d:1b:15:27:a6:0e:3d:9d:18:9e:e7:13:27:94:f7: e9:4c:aa:61 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSiV1dDiKZH0fEnEVK51GDJY17KQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMDAyNFoX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMDMxOTZlNGI5Mjg3OTljYjRhOTZj ZDQ3ZTdkNjIzMGFjZjUzODllNzk0OTA3ZTMyMWIxYWNmMTAzODVhNzU5NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVQgFSY7pGUy1zgUc3ODJnq9w8xQ /gxsjkPColPcmIIg6wLTBEOlJ48dmCakfDHNONeKGbx4Wh+jxFIt8BozRGQFrAIR CHokdrIRdNZ0uLcqOGPYAb8GWk8CDinFhXNcD7j6R31mW//EXiq9GlXveV9nZtkl cXRWSpTpfG+ndQAZ2ICXG66ybEglgxY7Jhd1AunZ3fBwbyv2T8QHm+bH1MCtUJHX Ee4SxEAKa4ePz+ETBPUm5fc1FkynAWLo7LIED0nuqDqfcJwjBOAt9JrshadJo2Ow JDv6MiZuNsac41MyaPNlivLxBbrPD81WkL43alUGRincf73S2nuBmOsBSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKlIX6kZNgwVTDfyFjG7U+gAf5mqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzYmFlNzkwLTAxZDctNGI2ZS1hMGYwLTkzMDViY2JkNGEzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAEAwDQYJKoZIhvcNAQELBQADggEBABGl9TN2NsrHFgEJjjrr JcVEMnsT7KxZl1PoTm1VylvWMPLY0Y9+lj2Vn/Bw1ioq7LP5FkgcSDOgF59+BoXG hjB9iNZtjRxRSPOoVDOmDT9RtxozHWGKu8cVWSLg4jvlx30c5pIIYuKshGPu8RVr 09cBk0LVkXmnYQNmV2LOAggJsWucWtRhwN1dEFmcCJwVhRTFzTbNCrmTP7KgbJvK rVllUT3V+YiXGQ3d6KSNGukGSVCgGRW7+KgvETI5KqjoAjr42iqfn8LJfuR5uieq 60fj0jvLtFAEIZeQYjPF18BXPDOKlcw7pY8za3dt2W0bFSemDj2dGJ7nEyeU9+lM qmE= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:24 2025 by rpki-client