$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa File: f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa (raw, json) Hash identifier: zdoDcZ2CPrlUjy2W2a4UMjm5PCeyyZhdUhKfiGju3lQ= Subject key identifier: F1:13:46:E1:E5:AE:00:64:01:C4:2E:1F:63:D1:DB:C9:C7:12:13:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 202D61D2A88623F445A391C20C3D667708C70C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa Signing time: Fri 25 Jul 2025 00:00:56 +0000 ROA not before: Fri 25 Jul 2025 00:00:56 +0000 ROA not after: Fri 29 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:2d:61:d2:a8:86:23:f4:45:a3:91:c2:0c:3d:66:77:08:c7:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 25 00:00:56 2025 GMT Not After : Aug 29 23:59:59 2025 GMT Subject: serialNumber=9df9387932bd556fdd6d556941155a455e722fc982814323622413e1821ba7ff, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:75:10:68:94:d1:92:9d:19:b6:c0:44:e4:11: 42:4e:b7:79:f6:a5:5d:3a:87:d5:8a:5c:91:a7:a8: 16:35:a6:53:5a:8b:09:19:7a:16:8b:d5:34:44:25: c4:a1:39:e4:ec:0a:2e:56:b6:84:53:76:f5:01:5e: 06:e3:73:23:f6:b8:1b:77:e8:a4:ce:01:dc:e0:6c: 0d:0c:41:0b:43:f5:fa:b5:59:5a:02:86:ca:de:ab: 7e:89:6c:45:2c:2a:d7:12:75:a6:3d:e7:3b:8b:b9: 17:3e:10:c2:ad:60:be:3f:ad:70:a2:31:5c:0e:50: 60:79:8c:46:70:68:e2:7b:fc:f3:d8:3e:f1:dc:2f: b5:7b:0f:9d:cf:6b:02:16:ae:67:88:d7:a3:48:29: 25:78:f7:a9:bc:4a:a4:57:fc:44:2d:6c:51:1c:f1: e4:a0:a7:14:10:36:8e:99:e9:f5:33:36:fd:d0:ca: 44:75:8e:5a:d1:8a:fa:f9:9f:26:96:7f:60:0a:c0: 1b:f0:a0:f5:bf:c9:15:05:fa:1d:cc:68:26:3e:33: d2:2c:3a:67:a3:97:d2:b8:df:02:91:2b:73:f4:fe: ff:6e:62:08:b3:2b:01:26:25:de:a2:74:44:ce:36: d2:41:84:1d:32:9b:00:da:bd:a7:6f:53:52:e7:95: 12:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:13:46:E1:E5:AE:00:64:01:C4:2E:1F:63:D1:DB:C9:C7:12:13:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:6000::/40 Signature Algorithm: sha256WithRSAEncryption 45:aa:66:24:a9:e1:9c:3b:a5:a7:9c:79:2b:c7:60:59:17:3f: 23:90:5f:92:48:8e:aa:82:01:f2:51:67:9b:ca:4e:af:8a:40: 90:90:0a:89:0e:74:be:fd:96:5c:ef:71:65:fa:39:f3:c7:85: c5:33:73:21:cc:99:7b:33:0d:9f:fe:14:16:40:de:49:bf:9c: d1:3c:d3:ba:ee:06:d9:66:43:9b:19:bd:29:fe:ee:7d:4c:1d: 59:ee:aa:89:40:f7:55:1b:42:67:98:f4:f9:72:53:a1:72:90: 81:85:93:5b:85:aa:9a:78:14:04:7f:c1:30:1e:0a:d4:2e:3c: 8f:c5:d4:7e:9a:cb:24:e1:63:e9:c6:6a:17:7e:64:29:df:3b: 7f:0e:39:a1:1f:4f:3b:09:97:69:de:00:08:e5:f0:36:61:52: ef:42:e5:ee:e2:e9:50:08:ea:90:d4:8b:36:a5:0e:51:41:9d: 43:f7:f0:7d:06:f4:c0:bc:02:b0:0e:1e:09:a9:2e:4f:28:ca: 34:45:04:6f:fe:2e:70:c4:7e:79:d7:a2:a4:69:1c:2a:a8:87: f5:01:76:d5:9f:17:ad:fe:47:0a:47:dd:c0:96:19:f7:1e:87: 54:a6:03:45:61:58:da:77:bc:e3:d2:d9:97:2b:1f:56:cc:fc: 27:d8:db:10 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITIC1h0qiGI/RFo5HCDD1mdwjHDDANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwNzI1MDAwMDU2WhcN MjUwODI5MjM1OTU5WjB6MUkwRwYDVQQFE0A5ZGY5Mzg3OTMyYmQ1NTZmZGQ2ZDU1 Njk0MTE1NWE0NTVlNzIyZmM5ODI4MTQzMjM2MjI0MTNlMTgyMWJhN2ZmMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5dRBolNGSnRm2wETkEUJOt3n2pV06 h9WKXJGnqBY1plNaiwkZehaL1TREJcShOeTsCi5WtoRTdvUBXgbjcyP2uBt36KTO AdzgbA0MQQtD9fq1WVoChsreq36JbEUsKtcSdaY95zuLuRc+EMKtYL4/rXCiMVwO UGB5jEZwaOJ7/PPYPvHcL7V7D53PawIWrmeI16NIKSV496m8SqRX/EQtbFEc8eSg pxQQNo6Z6fUzNv3QykR1jlrRivr5nyaWf2AKwBvwoPW/yRUF+h3MaCY+M9IsOmej l9K43wKRK3P0/v9uYgizKwEmJd6idETONtJBhB0ymwDavadvU1LnlRIHAgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQU8RNG4eWuAGQBxC4fY9HbyccSExowHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv ZjJkZDZhMDctZWZhMS00YTY2LTlmMDctMTc5YzJlNmQ0NTc0LnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAkBtpgYDANBgkqhkiG9w0BAQsFAAOCAQEARapmJKnhnDulp5x5K8dg WRc/I5BfkkiOqoIB8lFnm8pOr4pAkJAKiQ50vv2WXO9xZfo588eFxTNzIcyZezMN n/4UFkDeSb+c0TzTuu4G2WZDmxm9Kf7ufUwdWe6qiUD3VRtCZ5j0+XJToXKQgYWT W4WqmngUBH/BMB4K1C48j8XUfprLJOFj6cZqF35kKd87fw45oR9POwmXad4ACOXw NmFS70Ll7uLpUAjqkNSLNqUOUUGdQ/fwfQb0wLwCsA4eCakuTyjKNEUEb/4ucMR+ edeipGkcKqiH9QF21Z8Xrf5HCkfdwJYZ9x6HVKYDRWFY2ne849LZlysfVsz8J9jb EA== -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:35 2025 by rpki-client