$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa File: ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa (raw, json) Hash identifier: QbWAQ9JIFxhKp4XBSPjCPiF74BbjlPd/ZQfZv4rHIu8= Subject key identifier: D3:EB:25:5A:22:F9:50:F3:C6:5F:7F:16:D3:51:EC:EF:C0:19:05:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 07272EB66F12BF327F7FA0FF5237420BFD346BDB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa Signing time: Fri 25 Jul 2025 00:01:04 +0000 ROA not before: Fri 25 Jul 2025 00:01:04 +0000 ROA not after: Fri 29 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:27:2e:b6:6f:12:bf:32:7f:7f:a0:ff:52:37:42:0b:fd:34:6b:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 25 00:01:04 2025 GMT Not After : Aug 29 23:59:59 2025 GMT Subject: serialNumber=421ffd92580aedd4cb5333fcf282e883c73879017d31c797103c7b8f53370314, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:9c:e1:20:3c:04:d4:73:07:d7:8c:93:62:6f: a2:d2:e6:cf:71:f3:53:c5:cf:fa:1a:34:ff:56:a7: 6a:82:df:03:f9:cd:a9:68:33:96:a2:df:04:98:0f: a6:7b:67:ed:43:ec:e3:e0:9b:4c:9a:6a:7a:85:59: b1:1e:9a:c4:76:e6:d2:96:37:da:a4:47:02:ce:46: 9c:db:0e:60:a3:3f:2f:52:b2:61:32:75:62:3c:60: 9c:44:66:02:8e:ea:be:86:6e:6d:a5:ed:cf:ee:71: 98:62:bc:12:02:5a:0a:43:2d:2f:b0:0e:83:35:8c: 1c:a2:b1:64:76:bf:ed:5c:20:2b:d8:75:5d:75:88: 63:2f:13:77:7a:3f:d2:08:6e:bf:41:94:0c:dc:f3: 98:f7:28:95:02:28:37:23:5e:d6:b6:bc:56:71:12: 48:62:0f:e3:09:f8:0f:99:95:b5:27:39:c2:2f:2d: aa:50:e6:e8:89:13:a4:f3:97:09:97:64:7c:89:38: 31:2d:55:1e:6a:7f:88:2e:b4:f5:55:7f:c9:5b:e1: 9f:c4:38:09:db:d5:7e:15:c0:58:91:65:23:cc:fe: 54:43:60:00:1b:c2:bb:a8:e1:59:1e:44:ea:24:d7: 20:4e:48:39:13:86:38:06:be:0f:a6:50:fb:d9:59: 37:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:EB:25:5A:22:F9:50:F3:C6:5F:7F:16:D3:51:EC:EF:C0:19:05:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:1000::/40 Signature Algorithm: sha256WithRSAEncryption 0f:2b:33:41:05:d1:4d:f7:55:10:c4:05:35:21:69:6b:48:a0: 4f:d7:d5:9d:ff:59:1c:ef:bb:7b:cf:42:65:56:4d:ae:cd:d2: 69:c2:96:32:4b:52:e3:d3:aa:e8:e7:1c:98:79:f1:1a:28:65: 33:40:9c:58:e3:95:db:1e:75:04:e9:d6:23:f0:8c:8e:c6:b7: 5f:b2:b7:46:53:5a:c3:73:7a:04:52:4d:2f:23:49:a7:f8:02: d9:01:86:6b:81:a4:3a:5c:e5:f1:80:97:13:4a:fb:fe:ec:57: 5c:65:bf:78:05:b2:e8:2d:14:af:e6:6f:da:6f:91:ef:92:d4: 78:37:61:dd:72:75:de:f1:37:f5:80:e8:98:38:da:d8:e5:d8: f7:1c:84:dd:2f:cb:46:f1:19:cb:75:6a:db:92:e5:00:17:60: d6:63:10:85:54:49:a0:62:26:a8:51:47:ca:27:29:8c:4b:cb: 05:db:9e:61:4d:94:d5:c6:b7:df:43:b4:56:c3:ed:8a:28:1c: ac:c3:0f:82:4f:ad:4e:36:9b:46:88:15:97:3b:7b:86:ee:8e: 64:59:00:91:7e:fd:df:ad:aa:6c:75:ae:b5:ae:a1:e0:bf:8b: 91:ab:3f:1c:52:ea:e8:07:49:a7:19:59:04:35:35:a3:de:fd: 3d:48:70:be -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBycutm8SvzJ/f6D/UjdCC/00a9swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNTAwMDEwNFoX DTI1MDgyOTIzNTk1OVowejFJMEcGA1UEBRNANDIxZmZkOTI1ODBhZWRkNGNiNTMz M2ZjZjI4MmU4ODNjNzM4NzkwMTdkMzFjNzk3MTAzYzdiOGY1MzM3MDMxNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZzhIDwE1HMH14yTYm+i0ubPcfNT xc/6GjT/Vqdqgt8D+c2paDOWot8EmA+me2ftQ+zj4JtMmmp6hVmxHprEdubSljfa pEcCzkac2w5goz8vUrJhMnViPGCcRGYCjuq+hm5tpe3P7nGYYrwSAloKQy0vsA6D NYwcorFkdr/tXCAr2HVddYhjLxN3ej/SCG6/QZQM3POY9yiVAig3I17WtrxWcRJI Yg/jCfgPmZW1JznCLy2qUOboiROk85cJl2R8iTgxLVUean+ILrT1VX/JW+GfxDgJ 29V+FcBYkWUjzP5UQ2AAG8K7qOFZHkTqJNcgTkg5E4Y4Br4PplD72Vk3bQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNPrJVoi+VDzxl9/FtNR7O/AGQVYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkYmYzYTJjLTlhODEtNDUwZi05MGJmLTFhMjE1OWU1YjQ4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYBAwDQYJKoZIhvcNAQELBQADggEBAA8rM0EF0U33VRDEBTUh aWtIoE/X1Z3/WRzvu3vPQmVWTa7N0mnCljJLUuPTqujnHJh58RooZTNAnFjjldse dQTp1iPwjI7Gt1+yt0ZTWsNzegRSTS8jSaf4AtkBhmuBpDpc5fGAlxNK+/7sV1xl v3gFsugtFK/mb9pvke+S1Hg3Yd1ydd7xN/WA6Jg42tjl2PcchN0vy0bxGct1atuS 5QAXYNZjEIVUSaBiJqhRR8onKYxLywXbnmFNlNXGt99DtFbD7YooHKzDD4JPrU42 m0aIFZc7e4bujmRZAJF+/d+tqmx1rrWuoeC/i5GrPxxS6ugHSacZWQQ1NaPe/T1I cL4= -----END CERTIFICATE-----Generated at Thu Jul 31 00:59:13 2025 by rpki-client