$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e516b28b-c549-41c8-a3c8-97331669f493.roa File: e516b28b-c549-41c8-a3c8-97331669f493.roa (raw, json) Hash identifier: ny18w4c769yNv/NePsa7tQ/o+FtFIyqIIAc7zuESzgY= Subject key identifier: BE:19:59:31:FB:1D:DA:28:CE:CF:27:30:E7:2D:E1:FC:B4:79:9A:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E565F87EAB202B29D9ABACF95DB0CDFCD73E1F0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e516b28b-c549-41c8-a3c8-97331669f493.roa Signing time: Tue 29 Jul 2025 00:40:15 +0000 ROA not before: Tue 29 Jul 2025 00:40:15 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:56:5f:87:ea:b2:02:b2:9d:9a:ba:cf:95:db:0c:df:cd:73:e1:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:40:15 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=99b2f06c0fdd60ea5212787b52d56cf8aa749114a48aa2f56d7c53798a91d820, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:cf:7f:c0:53:87:58:4b:a3:1b:42:69:3c:b4: 17:16:64:83:24:87:c2:17:56:72:d7:42:d4:33:4e: c4:a2:2a:f3:9d:5c:63:5f:5d:93:51:93:a7:71:fd: 30:87:90:9a:7e:07:17:0d:c8:aa:d0:5b:f4:19:fb: e0:8e:8c:1f:a8:c9:a8:82:90:90:3d:df:ae:8b:51: 59:f7:b4:7a:ed:c2:58:d7:fe:e5:a4:80:c9:e5:c6: 43:9b:ee:cb:60:4c:a5:e9:39:9a:86:2c:33:e0:c4: 29:61:d5:ab:58:8d:51:64:0a:63:2a:7d:77:5e:fc: af:49:35:69:d0:6f:68:90:c8:6e:b0:de:5d:2d:df: 6a:61:56:db:31:b2:bc:2c:d1:8a:2b:80:9e:d4:7d: b2:dd:d9:cd:2f:84:59:8b:ec:02:b8:b1:fe:2a:be: 11:d6:99:a1:33:d8:d3:b1:d0:91:15:dc:ca:02:3c: 6d:62:0e:0d:66:b2:68:1f:e5:ef:f7:66:1e:1e:f8: 07:12:b8:50:28:c9:c4:7d:63:d4:1a:b6:2b:57:01: b7:b6:b1:e2:59:cc:c0:b8:61:87:7e:cf:42:fa:4f: f6:84:f7:36:85:86:dc:9c:41:af:a8:d3:e0:66:30: 18:ca:97:b3:49:a3:c7:c9:61:f8:77:b4:84:63:c3: c0:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:19:59:31:FB:1D:DA:28:CE:CF:27:30:E7:2D:E1:FC:B4:79:9A:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e516b28b-c549-41c8-a3c8-97331669f493.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c800::/40 Signature Algorithm: sha256WithRSAEncryption aa:99:45:8a:9d:99:62:15:80:e3:fb:40:d1:ce:f7:08:69:d9: a9:1e:7f:7d:12:36:84:01:e3:25:62:a9:32:34:44:a1:13:f9: a7:34:e7:3b:7c:5d:97:66:3c:9f:6a:31:ee:a2:c1:5e:f5:97: 8d:4d:cc:15:41:56:65:76:22:d0:2e:02:e7:92:67:e1:4b:00: 19:61:8b:30:93:13:14:87:9c:5d:de:84:61:a1:fe:a7:65:a6: 79:5f:64:d7:c2:f8:3f:7c:1b:32:7d:84:01:52:64:b6:50:a0: 87:bd:b0:c0:44:cf:a9:05:42:31:98:8f:aa:4c:f6:69:41:d6: d7:9b:a5:87:e4:6c:b4:68:d6:a9:e0:53:70:2b:f5:45:0b:67: 08:b1:5d:f8:17:c9:65:9c:44:67:d8:ee:0e:17:80:05:fe:47: 6f:8e:fb:d1:78:20:4b:72:c3:5f:dc:a6:d4:04:b4:9a:cc:2f: 3f:99:01:4c:6e:03:99:5f:8e:4d:01:bc:6e:4c:1a:73:15:13: 66:2c:29:2b:03:97:ce:af:a7:41:4d:d6:a8:80:96:9c:31:54: 3c:ff:61:b6:45:47:94:fe:35:27:14:4e:fa:84:25:0c:49:49: 2b:22:19:82:20:4f:00:45:0a:86:36:65:00:d8:a1:55:bb:c5: c2:16:b1:3d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPlZfh+qyArKdmrrPldsM381z4fAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNDAxNVoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAOTliMmYwNmMwZmRkNjBlYTUyMTI3 ODdiNTJkNTZjZjhhYTc0OTExNGE0OGFhMmY1NmQ3YzUzNzk4YTkxZDgyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw89/wFOHWEujG0JpPLQXFmSDJIfC F1Zy10LUM07EoirznVxjX12TUZOncf0wh5CafgcXDciq0Fv0GfvgjowfqMmogpCQ Pd+ui1FZ97R67cJY1/7lpIDJ5cZDm+7LYEyl6Tmahiwz4MQpYdWrWI1RZApjKn13 XvyvSTVp0G9okMhusN5dLd9qYVbbMbK8LNGKK4Ce1H2y3dnNL4RZi+wCuLH+Kr4R 1pmhM9jTsdCRFdzKAjxtYg4NZrJoH+Xv92YeHvgHErhQKMnEfWPUGrYrVwG3trHi WczAuGGHfs9C+k/2hPc2hYbcnEGvqNPgZjAYypezSaPHyWH4d7SEY8PATwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL4ZWTH7Hdoozs8nMOct4fy0eZrIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U1MTZiMjhiLWM1NDktNDFjOC1hM2M4LTk3MzMxNjY5ZjQ5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8sgwDQYJKoZIhvcNAQELBQADggEBAKqZRYqdmWIVgOP7QNHO 9whp2akef30SNoQB4yViqTI0RKET+ac05zt8XZdmPJ9qMe6iwV71l41NzBVBVmV2 ItAuAueSZ+FLABlhizCTExSHnF3ehGGh/qdlpnlfZNfC+D98GzJ9hAFSZLZQoIe9 sMBEz6kFQjGYj6pM9mlB1tebpYfkbLRo1qngU3Ar9UULZwixXfgXyWWcRGfY7g4X gAX+R2+O+9F4IEtyw1/cptQEtJrMLz+ZAUxuA5lfjk0BvG5MGnMVE2YsKSsDl86v p0FN1qiAlpwxVDz/YbZFR5T+NScUTvqEJQxJSSsiGYIgTwBFCoY2ZQDYoVW7xcIW sT0= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:41 2025 by rpki-client