$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa File: e32899b9-14c3-4649-a1dc-82fec0214193.roa (raw, json) Hash identifier: +ZGfGtjap4DmlmJC56SBON9e/SRFM4OL6Ba41/DEMZ0= Subject key identifier: C2:33:D8:C6:CB:22:19:E2:63:D9:F2:7B:51:71:EC:A1:1E:6C:CE:BE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 61CD46C5EB4746243405217DFF32F735B2A90741 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa Signing time: Mon 28 Jul 2025 15:00:10 +0000 ROA not before: Mon 28 Jul 2025 15:00:10 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:cd:46:c5:eb:47:46:24:34:05:21:7d:ff:32:f7:35:b2:a9:07:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:00:10 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=35c7e0db46e6413aed4feeddc79c896c1b0a38769e36749793729920d2b873bb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:99:f4:9c:22:ec:5b:25:b6:e6:cd:da:ac:17: 52:fa:c2:16:b4:81:e0:7c:1f:2d:f7:d9:60:32:f3: 4f:ab:68:26:ca:3c:fd:f5:40:53:0d:f4:8a:b8:ca: ed:5c:f7:42:cf:dc:4b:1c:38:37:d5:dd:de:43:25: d0:92:3a:4d:4c:c2:5f:65:f6:ff:ae:e8:62:80:eb: ce:c6:60:9c:3e:30:5a:37:32:dd:ec:9c:23:1f:ee: 5f:64:25:ba:44:88:59:65:bc:e0:5c:93:53:b4:03: 96:a3:dc:d9:08:59:0b:71:23:19:f3:50:39:3f:24: b8:a5:3f:2d:54:64:73:fe:e7:d7:64:c4:ed:10:21: d9:6c:e5:9d:ba:11:8f:90:34:38:b1:1f:7e:83:8e: a0:3d:d7:ff:2f:d2:0e:6e:21:fb:0f:d0:82:86:c5: ac:13:3c:8f:d9:64:bd:91:54:e3:37:3a:13:ec:7e: a0:d4:71:23:5a:67:bf:6a:82:84:07:bf:e1:99:80: 1b:e6:55:ed:de:3f:44:08:db:3e:f3:30:6d:5a:94: 1a:25:48:39:76:93:6f:73:ee:98:af:6d:c3:7c:93: 5d:06:3a:3b:59:b6:fd:7d:e7:60:a3:a3:83:e1:1f: f5:bf:b5:67:fb:69:18:40:f1:f1:38:ef:73:e8:ef: 72:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:33:D8:C6:CB:22:19:E2:63:D9:F2:7B:51:71:EC:A1:1E:6C:CE:BE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:e080::/48 Signature Algorithm: sha256WithRSAEncryption bd:b1:a5:dc:99:cd:e0:33:14:65:5e:3e:77:37:ca:86:14:fa: 89:15:7b:6f:1d:87:03:10:8d:bd:28:fc:0b:05:f3:22:83:ad: ca:bd:25:9b:66:85:b5:90:85:55:f0:a8:33:6a:a5:96:09:c8: 95:a1:8a:ed:a2:4b:4a:e5:32:79:b0:61:1c:29:e5:dd:78:a3: fc:2b:ef:26:1a:e4:82:c1:aa:3b:71:59:24:75:d6:5c:1c:a2: 84:a7:cc:5d:4e:35:f5:51:80:3c:91:95:2f:86:52:ef:93:81: 57:08:98:d3:fd:84:f4:95:79:26:b5:8b:55:2e:1b:8e:87:f8: 1d:38:cd:6f:fa:ff:d9:7f:ae:06:99:42:13:f9:33:45:65:11: f8:39:46:77:23:d7:7d:8d:30:d8:08:e6:52:56:ea:fa:df:85: fe:63:38:1f:9e:fe:27:46:84:1b:d2:64:87:26:51:94:23:78: 44:f2:25:99:30:d4:8d:ea:8d:e9:08:83:5c:99:11:f3:44:cb: de:c1:4b:f4:91:0b:36:89:e7:02:6d:d2:b8:2e:5a:d5:91:b5: 29:41:34:cb:dc:75:8f:5f:28:9a:3d:b8:b3:28:51:b5:74:64: 7e:36:45:b9:cb:3e:3d:4d:23:9b:ea:38:03:24:a9:b6:8d:cb: 15:17:c3:93 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYc1GxetHRiQ0BSF9/zL3NbKpB0EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MDAxMFoX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAMzVjN2UwZGI0NmU2NDEzYWVkNGZl ZWRkYzc5Yzg5NmMxYjBhMzg3NjllMzY3NDk3OTM3Mjk5MjBkMmI4NzNiYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5n0nCLsWyW25s3arBdS+sIWtIHg fB8t99lgMvNPq2gmyjz99UBTDfSKuMrtXPdCz9xLHDg31d3eQyXQkjpNTMJfZfb/ ruhigOvOxmCcPjBaNzLd7JwjH+5fZCW6RIhZZbzgXJNTtAOWo9zZCFkLcSMZ81A5 PyS4pT8tVGRz/ufXZMTtECHZbOWduhGPkDQ4sR9+g46gPdf/L9IObiH7D9CChsWs EzyP2WS9kVTjNzoT7H6g1HEjWme/aoKEB7/hmYAb5lXt3j9ECNs+8zBtWpQaJUg5 dpNvc+6Yr23DfJNdBjo7Wbb9fedgo6OD4R/1v7Vn+2kYQPHxOO9z6O9ymQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMIz2MbLIhniY9nye1Fx7KEebM6+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzMjg5OWI5LTE0YzMtNDY0OS1hMWRjLTgyZmVjMDIxNDE5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAOCAMA0GCSqGSIb3DQEBCwUAA4IBAQC9saXcmc3gMxRlXj53 N8qGFPqJFXtvHYcDEI29KPwLBfMig63KvSWbZoW1kIVV8KgzaqWWCciVoYrtoktK 5TJ5sGEcKeXdeKP8K+8mGuSCwao7cVkkddZcHKKEp8xdTjX1UYA8kZUvhlLvk4FX CJjT/YT0lXkmtYtVLhuOh/gdOM1v+v/Zf64GmUIT+TNFZRH4OUZ3I9d9jTDYCOZS Vur634X+Yzgfnv4nRoQb0mSHJlGUI3hE8iWZMNSN6o3pCINcmRHzRMvewUv0kQs2 iecCbdK4LlrVkbUpQTTL3HWPXyiaPbizKFG1dGR+NkW5yz49TSOb6jgDJKm2jcsV F8OT -----END CERTIFICATE-----Generated at Thu Jul 31 01:03:58 2025 by rpki-client