$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa File: e34a1112-42b9-4563-9cde-de9af887a3d6.roa (raw, json) Hash identifier: vNWvqL7anTnJta6QNVxtBB4Eub+xMNx1t3WcagS3pp0= Subject key identifier: 22:A0:B6:51:F7:E0:75:E7:C7:77:DC:A2:63:0D:07:0F:2D:E0:AD:3D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 07229A92BD0C2E43F0FA892706291CDDB0A2351B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa Signing time: Mon 07 Jul 2025 15:20:17 +0000 ROA not before: Mon 07 Jul 2025 15:20:17 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 00:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:22:9a:92:bd:0c:2e:43:f0:fa:89:27:06:29:1c:dd:b0:a2:35:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:20:17 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=67eb3399cf813353ba5fbef043fd94094efc69388716cb8627548d2358d512e7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ed:c5:d0:06:c7:7c:ad:0b:4e:1f:c1:d7:7f: 17:64:3d:06:98:fc:e7:9a:2b:47:9c:64:3b:b5:e5: ce:8a:eb:ad:3a:5b:f0:2f:d1:f5:8d:9d:3e:2a:cf: f4:aa:6e:1b:d5:43:f7:70:a9:62:f0:64:9e:f8:92: 27:78:e5:8e:99:7d:97:b0:a2:53:20:7f:05:92:6f: d6:ef:e6:3e:2e:c6:d6:6c:26:92:9b:0b:00:d9:b0: c3:47:2a:d8:7e:53:1b:27:02:cb:26:1b:7e:3b:6b: bc:e8:75:c5:ca:e9:bf:6f:03:09:aa:20:2d:a7:2f: ad:a0:11:8e:a4:6b:b4:3a:8c:7e:1a:4b:fc:3f:8f: e9:c2:d3:77:ad:bf:ab:c4:c7:f1:77:88:eb:af:42: cb:2e:89:09:3e:e0:5b:09:0b:9a:63:ed:23:1d:9f: 87:19:21:d7:ab:96:9e:c7:e7:e9:be:fd:3e:76:ac: 68:1e:8f:d1:dc:fe:b9:24:f4:2b:8c:62:51:de:1e: ca:87:92:c6:09:e9:85:32:8a:f0:86:b8:6c:4a:a7: 21:ee:73:0a:38:fb:c5:4d:54:47:aa:47:53:a4:df: e7:d9:14:18:be:6d:0e:ab:5c:2b:d4:33:e0:48:17: 0c:bb:77:86:03:b8:fd:2b:c4:f2:29:1e:fc:d1:4e: 5d:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:A0:B6:51:F7:E0:75:E7:C7:77:DC:A2:63:0D:07:0F:2D:E0:AD:3D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e34a1112-42b9-4563-9cde-de9af887a3d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2000::/40 Signature Algorithm: sha256WithRSAEncryption 83:03:50:7d:a5:4f:95:c4:c9:f2:a1:74:d0:bc:ad:d0:c0:d9: c3:32:3d:08:14:58:8d:35:ec:cc:39:9e:53:34:4c:ec:da:7b: e7:cd:74:39:41:77:7e:0d:5d:3d:19:e7:3a:ab:13:44:8d:ee: 5b:f0:9a:10:7c:d1:70:c7:32:b8:9d:8f:47:06:b8:99:1b:a2: 5a:a9:54:0f:7d:6a:95:0b:5f:63:bf:ea:17:d5:9b:a7:48:c1: 7f:b8:8a:63:94:3a:82:f7:8b:cd:77:48:37:da:06:80:be:4e: 1f:cb:61:ed:a5:af:8b:ae:e9:e8:4b:4b:00:7c:cf:3c:65:df: 1d:e4:23:33:5e:1c:dd:f9:90:ec:d7:0c:6f:2a:c9:43:a4:f1: 99:f5:33:de:21:51:2f:52:d5:93:58:44:11:7c:81:43:d5:9f: 04:48:8e:2f:1c:7a:cf:ee:02:9f:d9:9f:e3:0c:8c:41:60:a2: 29:db:03:95:18:52:f7:7c:1b:85:90:e2:f2:4a:28:a0:a6:5d: 4c:50:37:ea:85:53:af:00:19:0c:b9:36:d0:84:ca:bb:bf:6b: ec:6c:96:b1:c1:dd:3a:5d:54:94:10:46:89:cb:74:d7:7f:01: ab:96:0c:a6:ea:61:8d:d4:12:55:3a:d2:7e:3e:df:6b:8c:00: d3:dc:b0:3c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUByKakr0MLkPw+oknBikc3bCiNRswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MjAxN1oX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNANjdlYjMzOTljZjgxMzM1M2JhNWZi ZWYwNDNmZDk0MDk0ZWZjNjkzODg3MTZjYjg2Mjc1NDhkMjM1OGQ1MTJlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme3F0AbHfK0LTh/B138XZD0GmPzn mitHnGQ7teXOiuutOlvwL9H1jZ0+Ks/0qm4b1UP3cKli8GSe+JIneOWOmX2XsKJT IH8Fkm/W7+Y+LsbWbCaSmwsA2bDDRyrYflMbJwLLJht+O2u86HXFyum/bwMJqiAt py+toBGOpGu0Oox+Gkv8P4/pwtN3rb+rxMfxd4jrr0LLLokJPuBbCQuaY+0jHZ+H GSHXq5aex+fpvv0+dqxoHo/R3P65JPQrjGJR3h7Kh5LGCemFMorwhrhsSqch7nMK OPvFTVRHqkdTpN/n2RQYvm0Oq1wr1DPgSBcMu3eGA7j9K8TyKR780U5d4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCKgtlH34HXnx3fcomMNBw8t4K09MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzNGExMTEyLTQyYjktNDU2My05Y2RlLWRlOWFmODg3YTNkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOCAwDQYJKoZIhvcNAQELBQADggEBAIMDUH2lT5XEyfKhdNC8 rdDA2cMyPQgUWI017Mw5nlM0TOzae+fNdDlBd34NXT0Z5zqrE0SN7lvwmhB80XDH Mridj0cGuJkbolqpVA99apULX2O/6hfVm6dIwX+4imOUOoL3i813SDfaBoC+Th/L Ye2lr4uu6ehLSwB8zzxl3x3kIzNeHN35kOzXDG8qyUOk8Zn1M94hUS9S1ZNYRBF8 gUPVnwRIji8ces/uAp/Zn+MMjEFgoinbA5UYUvd8G4WQ4vJKKKCmXUxQN+qFU68A GQy5NtCEyru/a+xslrHB3TpdVJQQRonLdNd/AauWDKbqYY3UElU60n4+32uMANPc sDw= -----END CERTIFICATE-----Generated at Wed Jul 30 10:46:29 2025 by rpki-client