$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa File: d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa (raw, json) Hash identifier: F5fv0QSszwrI2avOru9V8PenI4RlpNmbfrRgVbEfR8w= Subject key identifier: 39:ED:3E:40:62:C8:AA:D2:57:DA:26:DE:76:8E:1A:B4:FB:0C:73:5F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1043C58F97EBA05E510F1EDD37D29DB9775742A3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa Signing time: Tue 29 Jul 2025 00:10:59 +0000 ROA not before: Tue 29 Jul 2025 00:10:59 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4090::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:43:c5:8f:97:eb:a0:5e:51:0f:1e:dd:37:d2:9d:b9:77:57:42:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:10:59 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=c56292cd82f00baf21733a53faf2f4b8ae09c786b5dfadfa90090a3998ab8ff4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1c:2c:88:d9:25:c8:36:ce:58:5b:2f:ef:dd: f2:be:cc:56:9b:32:aa:4b:3a:43:e8:bd:4a:f1:9b: 08:1b:46:a6:65:42:5a:1f:a2:28:5f:b9:09:a8:6f: 01:48:5b:12:23:0b:cd:9e:08:4a:e4:c0:eb:0f:11: 6c:ef:c6:a6:d8:8d:58:6a:e7:5a:ff:90:26:7d:3b: f6:ba:9f:d5:f1:e8:b1:a6:40:39:17:de:64:34:e6: b9:76:be:9d:ea:bb:4c:ab:a2:1c:c7:a4:c4:7a:19: 49:c4:29:c2:79:36:43:48:0e:42:ee:f4:08:c2:c8: a9:3b:63:61:6b:b0:cc:f0:6a:b7:19:fd:83:48:75: 44:b1:fa:bb:9f:79:ed:f2:c3:50:a9:f1:6f:9b:e2: e1:ba:8d:81:8c:e0:4a:95:b6:5d:19:df:5b:90:e2: 96:41:bc:7a:8a:be:01:a5:fe:d5:06:d5:45:16:2c: aa:00:79:97:4d:b5:86:a1:e6:02:d4:aa:b7:ad:10: c8:96:8c:62:ac:49:d0:87:6b:e1:64:5e:4c:c0:f2: 1a:3c:5d:14:7a:71:5a:73:60:c3:79:74:db:e6:e5: af:29:ea:3c:58:96:e3:4e:52:5e:12:3b:fb:98:4b: f0:de:31:4f:b0:56:41:2a:9c:a9:9c:28:3b:cc:4b: cf:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:ED:3E:40:62:C8:AA:D2:57:DA:26:DE:76:8E:1A:B4:FB:0C:73:5F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8b275c7-67dd-41a5-a6c7-6668e32899fe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4090::/48 Signature Algorithm: sha256WithRSAEncryption 70:09:d2:06:32:a4:4b:7f:41:d1:56:9f:65:3d:51:25:01:05: d3:39:e5:de:d6:72:7c:25:d9:93:be:c6:75:f1:74:89:6a:23: 3c:28:e5:29:4e:39:1a:0f:27:85:9a:47:31:34:64:cc:a3:1e: 6f:4d:0e:11:b1:41:07:69:f3:cd:06:93:0d:7e:7a:e9:92:a5: f0:d2:f0:7b:d2:dd:b9:c7:e9:2e:1c:12:d3:82:ef:3d:c1:26: 15:9d:e8:16:f8:80:1b:60:72:df:d6:98:3b:ef:0e:b8:60:71: b0:e8:34:0b:a9:4e:43:c9:e7:bc:b9:3d:08:69:62:ce:5b:b0: 22:db:76:67:2f:70:1b:09:d3:3c:cd:20:4d:f2:b4:30:a3:06: 07:bb:6a:6a:2e:87:b2:8c:4b:3a:43:ae:8f:a8:e3:f2:4b:95: 6e:77:f3:54:82:53:2d:35:23:9d:5c:8a:30:97:e0:d6:9c:a1: 5c:6f:47:ad:14:bb:2d:97:c5:6c:ff:90:74:79:7c:7b:02:3a: a4:31:a1:ef:a3:3e:86:01:96:89:61:07:99:4d:17:6f:15:0b: 69:97:22:14:c0:12:20:ea:4e:e3:fe:ae:d8:3d:89:16:ad:d7: 53:7b:b9:cd:e0:34:ce:eb:1f:97:8d:22:a6:64:a2:35:82:6f: 9a:62:14:cf -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEEPFj5froF5RDx7dN9KduXdXQqMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMTA1OVoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAYzU2MjkyY2Q4MmYwMGJhZjIxNzMz YTUzZmFmMmY0YjhhZTA5Yzc4NmI1ZGZhZGZhOTAwOTBhMzk5OGFiOGZmNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhwsiNklyDbOWFsv793yvsxWmzKq SzpD6L1K8ZsIG0amZUJaH6IoX7kJqG8BSFsSIwvNnghK5MDrDxFs78am2I1Yauda /5AmfTv2up/V8eixpkA5F95kNOa5dr6d6rtMq6Icx6TEehlJxCnCeTZDSA5C7vQI wsipO2Nha7DM8Gq3Gf2DSHVEsfq7n3nt8sNQqfFvm+Lhuo2BjOBKlbZdGd9bkOKW Qbx6ir4Bpf7VBtVFFiyqAHmXTbWGoeYC1Kq3rRDIloxirEnQh2vhZF5MwPIaPF0U enFac2DDeXTb5uWvKeo8WJbjTlJeEjv7mEvw3jFPsFZBKpypnCg7zEvPxwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDntPkBiyKrSV9om3naOGrT7DHNfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4YjI3NWM3LTY3ZGQtNDFhNS1hNmM3LTY2NjhlMzI4OTlmZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAECQMA0GCSqGSIb3DQEBCwUAA4IBAQBwCdIGMqRLf0HRVp9l PVElAQXTOeXe1nJ8JdmTvsZ18XSJaiM8KOUpTjkaDyeFmkcxNGTMox5vTQ4RsUEH afPNBpMNfnrpkqXw0vB70t25x+kuHBLTgu89wSYVnegW+IAbYHLf1pg77w64YHGw 6DQLqU5Dyee8uT0IaWLOW7Ai23ZnL3AbCdM8zSBN8rQwowYHu2pqLoeyjEs6Q66P qOPyS5Vud/NUglMtNSOdXIowl+DWnKFcb0etFLstl8Vs/5B0eXx7AjqkMaHvoz6G AZaJYQeZTRdvFQtplyIUwBIg6k7j/q7YPYkWrddTe7nN4DTO6x+XjSKmZKI1gm+a YhTP -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:15 2025 by rpki-client