$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa File: f30d8c61-acb1-465e-a200-0d6a14eb38de.roa (raw, json) Hash identifier: 3AjXfW9DemPB7QH/wWV4u4YjLqDJlHT/SkHE9PNYyDU= Subject key identifier: 4C:92:95:80:F0:52:F4:AB:F8:29:95:E8:58:4D:0A:42:2F:37:0E:8E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 418FA45C4DF42E0BFD9F85AC5E1E51DCA44A0651 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa Signing time: Mon 07 Jul 2025 15:41:04 +0000 ROA not before: Mon 07 Jul 2025 15:41:04 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:8f:a4:5c:4d:f4:2e:0b:fd:9f:85:ac:5e:1e:51:dc:a4:4a:06:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:41:04 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=b40958c9c2c6494a8e6e5a7ee008ebedb285b3fa9f3139aeea0e9077dbfc1bda, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:1d:87:71:08:4e:7e:cf:e1:13:d5:27:8c:4e: 69:48:44:00:e1:c8:84:a0:84:02:0d:ad:ea:7a:61: d9:da:24:8a:ab:9f:a9:03:c7:2c:a6:82:16:a5:e3: 73:44:99:0a:c4:66:ce:9b:a7:d4:9c:47:a4:62:c6: 4c:4d:1d:09:08:39:6d:d7:dc:d0:0b:4d:aa:00:bc: 81:9c:83:bc:d0:4e:8d:1c:65:dd:b3:2e:66:60:6c: b4:89:54:21:34:5b:cb:c6:cc:d3:0b:e5:ed:98:19: 09:47:ca:af:c0:96:6e:a8:5d:e4:de:5d:61:64:3d: 78:5c:84:55:18:e2:a5:b4:b5:b7:b0:40:72:be:22: 7a:40:89:47:85:42:08:8f:e7:c0:d6:a3:32:0d:12: 01:eb:50:a2:02:5f:63:cd:67:be:c4:55:98:e8:95: 13:14:ae:10:12:67:8c:56:b1:fd:c9:08:ad:ca:16: 25:1e:6c:06:d6:84:fa:de:f7:e3:5b:26:33:20:89: ba:51:80:35:80:e6:22:d8:81:98:0a:57:01:91:5c: 2c:14:02:a7:8c:6e:a8:22:14:5d:98:0a:11:64:4f: c9:88:12:f5:ce:b8:60:7a:b7:62:57:ea:dd:e8:55: 84:9e:11:92:31:37:73:f5:cb:ad:9e:d1:3f:59:df: 23:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:92:95:80:F0:52:F4:AB:F8:29:95:E8:58:4D:0A:42:2F:37:0E:8E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12::/38 Signature Algorithm: sha256WithRSAEncryption 4f:68:3d:70:e1:86:b8:be:fb:f2:db:ca:c5:7b:75:02:9f:8f: e8:07:e7:3b:19:98:61:48:02:41:13:8f:a0:ee:ff:f2:8f:37: 87:2f:69:44:5a:7f:a8:f8:f1:af:37:ff:d7:7e:f5:9d:d9:94: 11:7b:29:9f:a3:44:d9:80:e0:17:82:20:20:3d:ee:7a:5a:2c: 72:3e:21:27:f1:01:ed:de:2d:89:2b:8c:35:24:6f:6f:db:1a: cf:d3:9a:07:49:6a:b9:ad:87:84:30:e4:3b:16:16:05:ae:11: 74:7e:b9:4c:60:86:d5:98:41:82:48:1c:59:b1:fc:44:7c:e3: 32:8f:1a:04:69:40:61:b8:bd:36:a1:01:a5:af:de:6b:d4:b7: 98:6f:7d:a9:f3:b3:ca:c1:2d:5e:cf:a5:0c:d2:84:98:6a:6e: f2:a1:f7:a0:ff:d7:2b:57:06:d4:c1:73:80:86:37:70:83:29: a0:12:fe:5e:a8:e6:72:b3:64:3d:b9:6b:74:f5:25:76:6f:2b: 9f:3d:80:d5:ac:04:b6:34:35:b6:b5:61:3b:12:97:c5:3d:c0: ca:43:2a:5e:a7:af:cb:ff:ac:71:9d:52:bd:97:7f:dd:cd:11: 1a:8a:94:c5:03:9c:3e:57:19:2c:b7:a0:dd:c0:28:0b:b9:b2: b2:9c:f7:e2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQY+kXE30Lgv9n4WsXh5R3KRKBlEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1NDEwNFoX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYjQwOTU4YzljMmM2NDk0YThlNmU1 YTdlZTAwOGViZWRiMjg1YjNmYTlmMzEzOWFlZWEwZTkwNzdkYmZjMWJkYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlx2HcQhOfs/hE9UnjE5pSEQA4ciE oIQCDa3qemHZ2iSKq5+pA8cspoIWpeNzRJkKxGbOm6fUnEekYsZMTR0JCDlt19zQ C02qALyBnIO80E6NHGXdsy5mYGy0iVQhNFvLxszTC+XtmBkJR8qvwJZuqF3k3l1h ZD14XIRVGOKltLW3sEByviJ6QIlHhUIIj+fA1qMyDRIB61CiAl9jzWe+xFWY6JUT FK4QEmeMVrH9yQityhYlHmwG1oT63vfjWyYzIIm6UYA1gOYi2IGYClcBkVwsFAKn jG6oIhRdmAoRZE/JiBL1zrhgerdiV+rd6FWEnhGSMTdz9cutntE/Wd8jgQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEySlYDwUvSr+CmV6FhNCkIvNw6OMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzMGQ4YzYxLWFjYjEtNDY1ZS1hMjAwLTBkNmExNGViMzhkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEgAwDQYJKoZIhvcNAQELBQADggEBAE9oPXDhhri++/LbysV7 dQKfj+gH5zsZmGFIAkETj6Du//KPN4cvaURaf6j48a83/9d+9Z3ZlBF7KZ+jRNmA 4BeCICA97npaLHI+ISfxAe3eLYkrjDUkb2/bGs/TmgdJarmth4Qw5DsWFgWuEXR+ uUxghtWYQYJIHFmx/ER84zKPGgRpQGG4vTahAaWv3mvUt5hvfanzs8rBLV7PpQzS hJhqbvKh96D/1ytXBtTBc4CGN3CDKaAS/l6o5nKzZD25a3T1JXZvK589gNWsBLY0 Nba1YTsSl8U9wMpDKl6nr8v/rHGdUr2Xf93NERqKlMUDnD5XGSy3oN3AKAu5srKc 9+I= -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:13 2025 by rpki-client