$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa File: e1567509-f31d-4739-a7a6-ed24530c598b.roa (raw, json) Hash identifier: 6TfasXNLrEZjv9iZuxX+qfxmTqNZaUdO+cEgMosvglY= Subject key identifier: BD:A3:7A:5A:2F:58:EF:37:3D:81:74:63:4D:9C:7A:F0:F6:B5:D2:75 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 708EDCA5D0E2C3C127A8750D4DFCA03216DB4FDC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa Signing time: Tue 22 Jul 2025 00:00:26 +0000 ROA not before: Tue 22 Jul 2025 00:00:26 +0000 ROA not after: Tue 26 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:8e:dc:a5:d0:e2:c3:c1:27:a8:75:0d:4d:fc:a0:32:16:db:4f:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 22 00:00:26 2025 GMT Not After : Aug 26 23:59:59 2025 GMT Subject: serialNumber=95147a01fcd7c0b5dbe1a55e8e197121ea120763d4a0a13491cd42d8a5c3e79b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:d3:9d:b5:3f:b9:a6:1d:70:6f:73:27:80:e0: aa:32:be:31:37:e6:83:cc:19:4e:5e:ef:85:7d:53: 92:5f:99:6a:3a:b1:29:de:d7:dc:1e:6d:28:a2:14: 53:e0:e7:b2:5f:af:ce:3b:ac:bd:5a:0f:2d:82:70: 46:2e:32:cc:84:f7:98:69:77:f0:15:5f:98:79:c4: 8c:1f:c6:05:ac:7d:5e:fa:85:17:a4:fa:b6:c6:4b: 32:a8:ff:87:16:ac:4e:05:31:53:4b:23:50:43:aa: b1:2e:e7:0c:fd:9a:3c:17:9c:55:0c:9c:f7:89:ed: 7f:cc:b7:17:82:ea:ff:44:06:27:00:01:e9:5e:bf: 6a:91:f8:94:6b:a5:4b:8c:8a:e4:37:86:b1:60:9f: 04:41:58:ab:7e:fe:3c:e0:4d:29:b1:69:70:b6:e4: 1a:10:3c:a1:b0:f9:df:48:6e:fb:2c:89:9e:55:74: d5:07:27:86:b1:29:4b:81:d3:cd:8c:e0:af:ae:39: 84:a8:8f:8f:5b:f4:a3:fa:2f:32:4c:04:d9:4f:b2: e0:60:05:f3:31:67:59:6b:25:4a:84:37:92:c1:a1: 6e:1d:ff:3b:50:89:4c:0b:9c:84:3d:9f:07:03:2c: 64:27:c8:f2:38:e4:79:05:4e:e1:bf:3a:71:5b:e2: e0:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:A3:7A:5A:2F:58:EF:37:3D:81:74:63:4D:9C:7A:F0:F6:B5:D2:75 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:c000::/40 Signature Algorithm: sha256WithRSAEncryption 50:a9:2c:d5:b2:cd:97:df:33:72:a1:fa:24:8d:fb:93:08:5f: 94:12:a1:47:a6:f9:01:7d:36:8e:d8:05:eb:27:70:f5:4f:ff: f1:32:63:dd:2f:f5:aa:15:be:be:bd:7f:67:a8:66:f2:82:ff: 34:c1:a4:b0:ca:bd:14:d0:c3:d9:51:fd:e3:1b:f0:f9:5e:31: 4e:ef:c2:ff:55:57:d3:e4:62:01:13:34:71:69:27:cd:77:cb: e2:2b:05:5b:57:6b:5c:39:09:ad:f3:25:49:c1:20:8e:93:88: f1:be:ce:bd:98:ab:4d:48:30:46:89:4d:df:86:29:b8:89:25: 36:cd:3c:9f:c7:5e:f2:31:7d:ea:50:c8:95:54:e3:ae:07:33: be:ff:2a:66:c0:24:39:41:03:b4:b4:e8:30:dc:bd:e0:ec:9c: b0:2b:9b:d3:be:04:76:31:df:b9:97:ed:04:1c:45:0a:dd:73: c2:b9:db:44:5b:5c:6e:d5:e9:dc:c6:30:d0:73:50:16:35:cd: e3:32:ce:90:43:01:2a:f9:b5:5b:9f:65:f6:7f:16:6a:b8:fb: 6c:2c:af:10:f7:98:31:87:20:21:a9:4c:77:d8:8a:ad:b2:53: 0f:bd:73:1d:01:8e:ad:39:7d:c8:94:77:c4:bd:4e:e2:7a:1b: 75:4f:1e:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcI7cpdDiw8EnqHUNTfygMhbbT9wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMjAwMDAyNloX DTI1MDgyNjIzNTk1OVowejFJMEcGA1UEBRNAOTUxNDdhMDFmY2Q3YzBiNWRiZTFh NTVlOGUxOTcxMjFlYTEyMDc2M2Q0YTBhMTM0OTFjZDQyZDhhNWMzZTc5YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdOdtT+5ph1wb3MngOCqMr4xN+aD zBlOXu+FfVOSX5lqOrEp3tfcHm0oohRT4OeyX6/OO6y9Wg8tgnBGLjLMhPeYaXfw FV+YecSMH8YFrH1e+oUXpPq2xksyqP+HFqxOBTFTSyNQQ6qxLucM/Zo8F5xVDJz3 ie1/zLcXgur/RAYnAAHpXr9qkfiUa6VLjIrkN4axYJ8EQVirfv484E0psWlwtuQa EDyhsPnfSG77LImeVXTVByeGsSlLgdPNjOCvrjmEqI+PW/Sj+i8yTATZT7LgYAXz MWdZayVKhDeSwaFuHf87UIlMC5yEPZ8HAyxkJ8jyOOR5BU7hvzpxW+LgdQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL2jelovWO83PYF0Y02cevD2tdJ1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UxNTY3NTA5LWYzMWQtNDczOS1hN2E2LWVkMjQ1MzBjNTk4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9cAwDQYJKoZIhvcNAQELBQADggEBAFCpLNWyzZffM3Kh+iSN +5MIX5QSoUem+QF9No7YBesncPVP//EyY90v9aoVvr69f2eoZvKC/zTBpLDKvRTQ w9lR/eMb8PleMU7vwv9VV9PkYgETNHFpJ813y+IrBVtXa1w5Ca3zJUnBII6TiPG+ zr2Yq01IMEaJTd+GKbiJJTbNPJ/HXvIxfepQyJVU464HM77/KmbAJDlBA7S06DDc veDsnLArm9O+BHYx37mX7QQcRQrdc8K520RbXG7V6dzGMNBzUBY1zeMyzpBDASr5 tVufZfZ/Fmq4+2wsrxD3mDGHICGpTHfYiq2yUw+9cx0Bjq05fciUd8S9TuJ6G3VP Hq0= -----END CERTIFICATE-----Generated at Thu Jul 31 00:59:16 2025 by rpki-client