$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa File: dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa (raw, json) Hash identifier: XeojLb2AsxAI3iZQljebllLOuBdoQaeQ1w7GuS6kOcY= Subject key identifier: 90:E5:37:63:3C:FD:A3:38:27:32:D6:27:D0:12:C4:9B:C0:58:59:63 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 61BF2B0CD7A4EAFFB48846F5338259A9DD8238F3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa Signing time: Tue 29 Jul 2025 00:41:36 +0000 ROA not before: Tue 29 Jul 2025 00:41:36 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:bf:2b:0c:d7:a4:ea:ff:b4:88:46:f5:33:82:59:a9:dd:82:38:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:41:36 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=6daea6707eaac3ece3174a28a4a20322e369404133eeb9feed43f8f7874255ba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:38:34:60:09:bb:a0:68:a7:db:eb:d4:06:8e: f9:4d:e6:70:86:a0:00:89:79:14:b6:fd:cd:25:55: ce:32:ab:34:37:22:ab:e3:3a:c7:02:db:cd:9b:b3: 68:8f:ef:4a:d1:38:fb:65:e7:e5:41:e1:da:94:2c: 73:7a:ec:ff:0c:6a:bd:9e:c9:2c:37:13:29:4e:c1: 57:84:50:f7:42:31:40:5a:23:11:e4:c8:76:40:5a: 23:46:2c:3f:fd:34:cd:d3:7b:57:67:96:4d:5f:2b: bf:e5:6c:57:37:0b:ba:e9:7d:97:c1:20:98:2c:ab: 60:43:eb:21:e4:56:c8:97:02:e3:ad:0b:64:09:d9: 94:e1:cf:6e:ed:e0:e2:0e:4e:3b:8f:ee:5a:14:96: 1c:79:c6:ab:52:82:e9:71:d1:9a:48:28:45:e3:77: 76:37:6d:ee:6d:da:af:87:84:3e:df:36:f0:ef:ee: 75:68:8e:58:0f:a8:72:16:ed:26:b6:e2:86:e2:53: a3:93:73:e7:42:9c:95:e7:3d:1e:cd:64:14:e3:84: cc:06:72:3d:c7:95:fa:42:9d:6d:9e:36:d8:af:4e: b3:ab:05:cf:93:a5:e0:40:fc:ca:5c:4a:ad:46:85: 28:d3:cd:7e:84:4a:20:0c:23:8b:e9:a7:87:ae:37: 60:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:E5:37:63:3C:FD:A3:38:27:32:D6:27:D0:12:C4:9B:C0:58:59:63 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:10c0::/48 Signature Algorithm: sha256WithRSAEncryption 1e:d4:c9:f7:20:3a:7c:3c:cc:67:4d:bd:8e:06:55:86:5c:bb: 30:cf:45:77:c4:00:91:69:ec:fc:1a:6d:39:be:32:3a:48:21: f4:d4:90:24:38:ed:c9:43:61:97:79:50:aa:17:b6:43:eb:c0: 1b:72:fd:85:e8:b3:07:70:4a:19:91:f7:48:5d:f6:92:65:c5: 44:e8:c7:a4:b3:d2:7f:f2:e9:30:fa:79:9a:bc:fe:fb:32:fd: dc:fc:5b:b6:1f:c2:11:11:12:33:c6:55:3b:a1:4a:75:95:40: 46:6c:c1:d9:43:a3:f5:b8:cd:1b:87:94:41:1f:20:32:a4:e2: 0d:9d:4d:1c:a8:cd:29:41:b2:9f:70:20:d8:b4:37:8f:7e:97: 02:d3:22:db:26:76:de:05:c2:ba:bb:bd:10:64:d2:25:4c:c6: a3:bd:51:8d:45:e8:65:90:2d:42:e7:c8:fb:a6:12:b9:2c:5d: 1d:eb:98:36:c2:96:70:3f:1f:f1:28:91:9a:50:15:d0:b7:1b: 97:ed:4a:8a:a4:c2:2c:6d:3f:3a:95:2f:89:9c:e3:42:c5:df: 78:b4:95:b7:cc:cf:8e:12:ea:51:7e:22:16:d0:16:65:0e:21: c7:f5:d0:55:1d:72:34:70:fc:0e:34:18:8b:59:9b:e9:d5:91: 8d:b6:2a:b8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYb8rDNek6v+0iEb1M4JZqd2COPMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNDEzNloX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNANmRhZWE2NzA3ZWFhYzNlY2UzMTc0 YTI4YTRhMjAzMjJlMzY5NDA0MTMzZWViOWZlZWQ0M2Y4Zjc4NzQyNTViYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDg0YAm7oGin2+vUBo75TeZwhqAA iXkUtv3NJVXOMqs0NyKr4zrHAtvNm7Noj+9K0Tj7ZeflQeHalCxzeuz/DGq9nsks NxMpTsFXhFD3QjFAWiMR5Mh2QFojRiw//TTN03tXZ5ZNXyu/5WxXNwu66X2XwSCY LKtgQ+sh5FbIlwLjrQtkCdmU4c9u7eDiDk47j+5aFJYcecarUoLpcdGaSChF43d2 N23ubdqvh4Q+3zbw7+51aI5YD6hyFu0mtuKG4lOjk3PnQpyV5z0ezWQU44TMBnI9 x5X6Qp1tnjbYr06zqwXPk6XgQPzKXEqtRoUo081+hEogDCOL6aeHrjdgCQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJDlN2M8/aM4JzLWJ9ASxJvAWFljMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RmZWIzOWFkLTI2NDQtNGYyYS1iMjNlLTE4ZjUxY2NkNDllMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYRDAMA0GCSqGSIb3DQEBCwUAA4IBAQAe1Mn3IDp8PMxnTb2O BlWGXLswz0V3xACRaez8Gm05vjI6SCH01JAkOO3JQ2GXeVCqF7ZD68Abcv2F6LMH cEoZkfdIXfaSZcVE6Meks9J/8ukw+nmavP77Mv3c/Fu2H8IRERIzxlU7oUp1lUBG bMHZQ6P1uM0bh5RBHyAypOINnU0cqM0pQbKfcCDYtDePfpcC0yLbJnbeBcK6u70Q ZNIlTMajvVGNRehlkC1C58j7phK5LF0d65g2wpZwPx/xKJGaUBXQtxuX7UqKpMIs bT86lS+JnONCxd94tJW3zM+OEupRfiIW0BZlDiHH9dBVHXI0cPwONBiLWZvp1ZGN tiq4 -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:18 2025 by rpki-client