$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa File: df283100-6f05-4533-89fd-648b23de2ce4.roa (raw, json) Hash identifier: OLv8E6rL5Vm7aWRzAWGLWv0it717BAf/youkAOSpiNc= Subject key identifier: BD:54:E9:63:64:7D:82:20:CD:20:03:7D:83:FC:C6:10:92:DE:C8:2A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4E212E862B976D053F40EA898DDEE6E9C221121D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa Signing time: Tue 22 Jul 2025 00:00:13 +0000 ROA not before: Tue 22 Jul 2025 00:00:13 +0000 ROA not after: Tue 26 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da25::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:21:2e:86:2b:97:6d:05:3f:40:ea:89:8d:de:e6:e9:c2:21:12:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 22 00:00:13 2025 GMT Not After : Aug 26 23:59:59 2025 GMT Subject: serialNumber=13486a27a0cfb457d24c92fb69ca527e52b3044c6dfc2c564655e10df4dcc39a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:c5:1b:39:a5:9e:54:01:18:3f:2e:3f:ac:78: cc:ab:9e:d9:76:90:d1:3e:72:93:83:ea:ee:ed:11: e0:6e:19:d5:e9:c5:5f:a5:23:2b:a4:df:94:95:94: 2f:a4:b4:1c:a9:fb:87:f1:fd:4d:12:eb:a3:65:de: c7:77:a0:43:1a:fa:81:e0:05:5b:05:a9:09:53:ec: 2e:73:01:fc:78:bc:09:83:03:d8:60:9c:81:e8:59: b2:92:49:80:f3:eb:0a:62:0d:30:dc:08:fc:cc:0c: 00:c4:a7:ec:d8:1d:02:89:c5:ad:c2:91:89:81:cf: 2c:d3:6e:0d:68:49:2c:2d:d6:24:47:34:fe:60:31: 95:8e:d6:95:69:e4:9a:78:84:27:d2:dd:9c:4f:85: d9:ae:15:25:44:d6:a2:6c:bc:d1:e4:1b:b2:59:54: 1b:f7:a5:44:25:2e:14:cb:11:7f:de:72:9f:34:ec: 1c:99:e1:97:7f:ef:34:00:a0:44:5c:a8:f6:10:b7: 33:05:43:3d:51:97:2b:ab:27:54:64:8b:5e:09:97: f6:6c:11:c4:a8:03:2b:bf:e2:dc:ca:71:a6:a9:df: 6f:d9:32:00:be:58:d8:75:14:7c:d5:0e:f2:80:10: 50:b4:df:7b:01:2e:5d:ae:f6:de:80:34:ad:65:b5: 6c:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:54:E9:63:64:7D:82:20:CD:20:03:7D:83:FC:C6:10:92:DE:C8:2A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da25::/36 Signature Algorithm: sha256WithRSAEncryption 6b:86:61:7f:9e:4d:82:5d:85:58:b6:d0:13:c9:17:15:c6:20: 8a:de:53:46:54:d1:67:3d:0a:f7:4a:68:4a:e8:e8:cb:03:1c: 07:9c:35:2f:ac:a5:25:46:a5:35:5d:df:06:f1:d2:24:8d:db: f3:5b:7b:53:25:88:4b:56:ba:fa:2e:39:13:79:00:9c:0d:93: 76:7f:e3:18:c9:6a:33:f0:27:ed:5f:33:0e:52:51:1f:02:70: ae:bc:17:75:7b:24:3c:c3:aa:26:f0:b0:df:4d:b2:80:ab:c9: 63:7f:98:81:e9:9c:bd:7d:a3:7e:54:3c:9a:38:f6:19:62:4f: fb:db:68:a8:7c:ec:20:8e:6d:01:ad:84:41:4c:9f:42:a7:88: 61:f1:e3:d8:96:f0:43:4e:1e:cd:a3:38:24:c7:50:84:ea:07: 9e:8f:51:ba:c9:58:39:8e:b7:15:9b:b1:c7:f2:93:63:50:25: 22:1c:1b:56:e9:81:3e:eb:c2:39:8f:7e:73:97:a1:64:ea:c8: 5c:a5:0e:5d:fb:1f:21:c7:15:62:7b:15:58:11:e5:db:2d:fd: 99:1c:32:cf:1e:c3:de:e4:3e:20:c9:2e:18:be:25:a4:39:32: 79:18:cb:83:dd:f8:13:a5:bd:0a:d4:f1:01:0c:b7:b6:0b:a6: 9c:36:9e:13 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTiEuhiuXbQU/QOqJjd7m6cIhEh0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMjAwMDAxM1oX DTI1MDgyNjIzNTk1OVowejFJMEcGA1UEBRNAMTM0ODZhMjdhMGNmYjQ1N2QyNGM5 MmZiNjljYTUyN2U1MmIzMDQ0YzZkZmMyYzU2NDY1NWUxMGRmNGRjYzM5YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsUbOaWeVAEYPy4/rHjMq57ZdpDR PnKTg+ru7RHgbhnV6cVfpSMrpN+UlZQvpLQcqfuH8f1NEuujZd7Hd6BDGvqB4AVb BakJU+wucwH8eLwJgwPYYJyB6FmykkmA8+sKYg0w3Aj8zAwAxKfs2B0CicWtwpGJ gc8s024NaEksLdYkRzT+YDGVjtaVaeSaeIQn0t2cT4XZrhUlRNaibLzR5BuyWVQb 96VEJS4UyxF/3nKfNOwcmeGXf+80AKBEXKj2ELczBUM9UZcrqydUZIteCZf2bBHE qAMrv+LcynGmqd9v2TIAvljYdRR81Q7ygBBQtN97AS5drvbegDStZbVs7wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL1U6WNkfYIgzSADfYP8xhCS3sgqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RmMjgzMTAwLTZmMDUtNDUzMy04OWZkLTY0OGIyM2RlMmNlNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJQAwDQYJKoZIhvcNAQELBQADggEBAGuGYX+eTYJdhVi20BPJ FxXGIIreU0ZU0Wc9CvdKaEro6MsDHAecNS+spSVGpTVd3wbx0iSN2/Nbe1MliEtW uvouORN5AJwNk3Z/4xjJajPwJ+1fMw5SUR8CcK68F3V7JDzDqibwsN9NsoCryWN/ mIHpnL19o35UPJo49hliT/vbaKh87CCObQGthEFMn0KniGHx49iW8ENOHs2jOCTH UITqB56PUbrJWDmOtxWbscfyk2NQJSIcG1bpgT7rwjmPfnOXoWTqyFylDl37HyHH FWJ7FVgR5dst/ZkcMs8ew97kPiDJLhi+JaQ5MnkYy4Pd+BOlvQrU8QEMt7YLppw2 nhM= -----END CERTIFICATE-----Generated at Thu Jul 31 01:04:13 2025 by rpki-client