$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3647b30-15b8-4dd3-8527-ddb9634cb404.roa File: e3647b30-15b8-4dd3-8527-ddb9634cb404.roa (raw, json) Hash identifier: A18k9aPqQugL/IlmWKUOYWqRKzvpT3lJIxfcNmacdoM= Subject key identifier: 61:61:F4:01:01:1B:2E:3F:F5:DA:60:7C:84:34:80:DE:B1:0E:DA:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E3611EEEFFB0BF4BABC53C3FA949722ED981935 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3647b30-15b8-4dd3-8527-ddb9634cb404.roa Signing time: Tue 29 Jul 2025 00:20:20 +0000 ROA not before: Tue 29 Jul 2025 00:20:20 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:36:11:ee:ef:fb:0b:f4:ba:bc:53:c3:fa:94:97:22:ed:98:19:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:20:20 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=0ca5746df04d6fc58fbd8706de56a871950e7f2ea6eb386966879173e55e45c0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:23:6b:7e:97:39:78:2b:cf:32:b2:d6:bb:c5: 3b:24:fd:34:47:46:62:0e:72:b3:a1:32:ad:b6:92: f3:3a:aa:c0:da:d1:41:cf:e2:96:e0:41:1e:d9:d0: 71:79:8e:69:c2:34:ad:1c:96:7b:6d:82:58:80:9c: f6:82:13:81:ca:77:ee:ce:d5:5e:e3:3d:9b:00:b3: b7:04:cc:fd:f9:12:e6:be:e4:6f:5a:4a:08:6d:77: f8:bb:d0:0a:56:65:9b:e4:f4:31:ab:10:4a:6c:11: ef:f1:47:a5:18:85:2c:38:7b:b1:90:4e:9c:1c:cf: d2:90:75:35:ae:c4:4f:ad:cf:45:a3:fa:90:1d:95: 0e:f9:c5:ad:1c:71:93:74:e4:76:13:f7:ae:3a:af: b0:56:11:3a:36:8a:4b:8c:21:12:1c:1c:9f:29:e7: 17:ff:3c:1d:06:71:d0:27:ee:47:4b:5a:3a:34:7e: 35:2c:41:42:35:29:e0:7f:f3:2c:48:23:43:ad:01: 7c:2d:72:ae:30:e8:13:d2:9b:a0:d7:14:4a:0d:69: 24:2b:2f:d5:a2:de:51:53:39:ef:e0:80:d9:45:38: b8:c0:cc:41:d5:65:5f:16:39:df:fc:67:80:51:cc: 78:54:2e:5c:5d:99:30:af:2c:1d:7a:83:71:e6:10: a9:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:61:F4:01:01:1B:2E:3F:F5:DA:60:7C:84:34:80:DE:B1:0E:DA:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3647b30-15b8-4dd3-8527-ddb9634cb404.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c840::/48 Signature Algorithm: sha256WithRSAEncryption 04:24:38:40:d7:67:37:1a:dc:25:e3:04:04:fb:e2:1b:f2:83: bd:29:bb:93:0a:35:ba:e0:70:37:38:15:05:99:05:60:0d:96: 48:d0:1d:e6:ac:6b:b7:c1:b5:03:ad:7a:98:32:ad:e9:3d:fe: bf:4a:2e:38:3c:15:d9:05:39:1f:cb:d1:b4:4b:6d:02:cb:36: f1:12:1c:8f:4d:ca:88:b6:c6:e9:50:63:09:a3:4f:3b:4e:95: e5:e7:db:17:89:cb:8e:59:de:74:8b:6a:b8:80:3f:d1:d1:84: b2:36:1f:5d:16:fa:a6:8b:6a:2f:53:a3:2e:03:b2:9d:65:47: be:06:42:d9:5d:62:91:c1:9f:25:cb:d2:68:eb:3d:e1:72:93: ce:fb:a0:19:d8:1d:e2:06:ef:4d:c8:9d:aa:5f:15:7c:b7:6d: cb:6d:f3:6f:21:96:ff:3e:4f:44:19:ac:98:10:71:f6:34:3c: 4d:83:98:d5:61:44:1c:da:e0:28:3b:bb:64:94:e6:c6:40:e7: f1:4a:dd:97:21:f6:4d:6c:a6:43:14:2e:bf:c0:49:06:89:f5: bc:45:fd:65:14:30:16:7b:0c:59:1c:9d:cd:d9:22:16:53:e6: af:be:99:1f:28:99:40:8c:6b:85:f6:d6:a2:96:2a:4c:38:98: d0:00:7c:e6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbjYR7u/7C/S6vFPD+pSXIu2YGTUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMjAyMFoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMGNhNTc0NmRmMDRkNmZjNThmYmQ4 NzA2ZGU1NmE4NzE5NTBlN2YyZWE2ZWIzODY5NjY4NzkxNzNlNTVlNDVjMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSNrfpc5eCvPMrLWu8U7JP00R0Zi DnKzoTKttpLzOqrA2tFBz+KW4EEe2dBxeY5pwjStHJZ7bYJYgJz2ghOBynfuztVe 4z2bALO3BMz9+RLmvuRvWkoIbXf4u9AKVmWb5PQxqxBKbBHv8UelGIUsOHuxkE6c HM/SkHU1rsRPrc9Fo/qQHZUO+cWtHHGTdOR2E/euOq+wVhE6NopLjCESHByfKecX /zwdBnHQJ+5HS1o6NH41LEFCNSngf/MsSCNDrQF8LXKuMOgT0pug1xRKDWkkKy/V ot5RUznv4IDZRTi4wMxB1WVfFjnf/GeAUcx4VC5cXZkwrywdeoNx5hCpWwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGFh9AEBGy4/9dpgfIQ0gN6xDtrZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzNjQ3YjMwLTE1YjgtNGRkMy04NTI3LWRkYjk2MzRjYjQwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOMhAMA0GCSqGSIb3DQEBCwUAA4IBAQAEJDhA12c3Gtwl4wQE ++Ib8oO9KbuTCjW64HA3OBUFmQVgDZZI0B3mrGu3wbUDrXqYMq3pPf6/Si44PBXZ BTkfy9G0S20CyzbxEhyPTcqItsbpUGMJo087TpXl59sXicuOWd50i2q4gD/R0YSy Nh9dFvqmi2ovU6MuA7KdZUe+BkLZXWKRwZ8ly9Jo6z3hcpPO+6AZ2B3iBu9NyJ2q XxV8t23LbfNvIZb/Pk9EGayYEHH2NDxNg5jVYUQc2uAoO7tklObGQOfxSt2XIfZN bKZDFC6/wEkGifW8Rf1lFDAWewxZHJ3N2SIWU+avvpkfKJlAjGuF9tailipMOJjQ AHzm -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:35 2025 by rpki-client