$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f38953cd-42bb-4366-8bc6-17e1a01d2f4a.roa File: f38953cd-42bb-4366-8bc6-17e1a01d2f4a.roa (raw, json) Hash identifier: /iAjDF5vaa8kjH2smdKbWnv5vbFr0eidLOLlDG/rba4= Subject key identifier: 23:A8:A8:5E:8A:51:6F:ED:FA:BE:7A:3B:FC:CA:23:10:05:E7:B1:BC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E3B4EBC72BD1BB09533E19175366B2480D9BDC9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f38953cd-42bb-4366-8bc6-17e1a01d2f4a.roa Signing time: Fri 25 Jul 2025 00:01:49 +0000 ROA not before: Fri 25 Jul 2025 00:01:49 +0000 ROA not after: Fri 29 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:3b:4e:bc:72:bd:1b:b0:95:33:e1:91:75:36:6b:24:80:d9:bd:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 25 00:01:49 2025 GMT Not After : Aug 29 23:59:59 2025 GMT Subject: serialNumber=d75cd2528ad174118aed5a77f5666009b60511d30c0ed0bd08e777a295194d8a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:60:f1:d7:8c:66:91:74:cb:33:9f:50:e3:a2: 3b:11:36:0b:20:92:81:8e:ab:53:a8:bf:fb:00:12: 06:20:f1:4d:57:01:32:62:3c:91:e0:bb:36:12:8f: d2:f7:4e:86:9f:10:86:4a:e5:83:ac:7a:d3:4f:f8: a1:ba:ee:57:f0:da:1a:00:83:a4:c5:96:05:45:62: 53:29:0b:c5:d8:8e:47:7c:95:1f:a8:0d:59:51:08: b0:2e:24:f7:b0:49:aa:b2:01:ea:25:b9:f1:3f:57: c6:48:64:94:f4:cc:5b:64:c1:f8:78:49:e4:20:f4: dc:72:29:56:6c:a5:d2:5f:71:bd:11:81:f5:72:27: b6:c0:f2:c6:87:c9:01:0a:a0:64:0e:85:39:0d:64: 21:de:ab:7a:7f:ae:b2:da:46:a2:8f:64:05:90:c5: 48:ad:94:09:2e:27:d8:2f:e7:bb:2b:2b:9e:8b:ff: 6f:2e:4c:5b:4d:0f:16:40:8f:e6:c2:2c:d3:b3:f2: 50:54:5f:23:43:e3:71:76:0e:19:16:11:3b:3f:71: da:d8:f3:0c:7e:49:42:80:81:65:37:db:b6:98:6e: c9:a7:f8:25:3e:8b:bf:d4:7e:d7:4f:08:19:9a:f6: 8d:40:d8:cd:8b:f3:34:0e:39:a6:00:6c:b2:b8:5c: 54:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:A8:A8:5E:8A:51:6F:ED:FA:BE:7A:3B:FC:CA:23:10:05:E7:B1:BC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f38953cd-42bb-4366-8bc6-17e1a01d2f4a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:7000::/40 Signature Algorithm: sha256WithRSAEncryption 32:dc:d6:fb:e4:9e:d3:72:03:3a:4d:0d:6b:8a:b6:b1:90:36: 93:f7:e1:a0:a8:ee:0c:07:93:92:74:6a:db:02:fa:e1:58:50: d6:51:d5:2a:40:71:c7:6c:66:9d:3a:42:23:90:e3:58:d5:28: ca:b9:55:d0:8e:ad:40:c6:e1:04:e9:2b:1b:90:73:ee:31:bc: a6:0e:1e:b1:a7:86:5d:95:20:d6:15:5a:f5:44:0c:1c:45:52: 6c:f3:36:27:ec:28:92:bc:7f:09:c5:b9:5c:97:34:7e:2e:99: b2:0b:11:fb:80:6a:b6:2f:2c:eb:9d:75:a2:e0:14:61:36:0a: b8:76:04:be:08:89:b9:bd:b6:b9:7a:c2:40:53:1c:1c:15:6d: 8a:8e:13:cb:c6:38:b6:f8:eb:98:40:21:7c:c8:0e:0e:77:4d: ff:80:85:2e:61:d3:29:f6:42:c6:1c:96:67:54:42:62:33:67: 7e:f1:d5:5e:cb:9d:e3:4b:97:21:17:79:f9:b7:9f:ab:01:7f: f4:2c:d9:c1:8c:5b:f5:6f:c8:ab:30:cf:1c:b9:b5:d6:8d:be: 65:1f:5f:c9:2b:37:c7:74:24:bb:d7:6b:ff:2d:f8:9c:d1:0c: f5:20:47:60:98:81:a8:3e:91:3e:d4:f7:f8:4f:c9:33:ad:67: b2:57:bb:a8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPjtOvHK9G7CVM+GRdTZrJIDZvckwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNTAwMDE0OVoX DTI1MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAZDc1Y2QyNTI4YWQxNzQxMThhZWQ1 YTc3ZjU2NjYwMDliNjA1MTFkMzBjMGVkMGJkMDhlNzc3YTI5NTE5NGQ4YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GDx14xmkXTLM59Q46I7ETYLIJKB jqtTqL/7ABIGIPFNVwEyYjyR4Ls2Eo/S906GnxCGSuWDrHrTT/ihuu5X8NoaAIOk xZYFRWJTKQvF2I5HfJUfqA1ZUQiwLiT3sEmqsgHqJbnxP1fGSGSU9MxbZMH4eEnk IPTccilWbKXSX3G9EYH1cie2wPLGh8kBCqBkDoU5DWQh3qt6f66y2kaij2QFkMVI rZQJLifYL+e7Kyuei/9vLkxbTQ8WQI/mwizTs/JQVF8jQ+Nxdg4ZFhE7P3Ha2PMM fklCgIFlN9u2mG7Jp/glPou/1H7XTwgZmvaNQNjNi/M0DjmmAGyyuFxUPQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCOoqF6KUW/t+r56O/zKIxAF57G8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzODk1M2NkLTQyYmItNDM2Ni04YmM2LTE3ZTFhMDFkMmY0YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYHAwDQYJKoZIhvcNAQELBQADggEBADLc1vvkntNyAzpNDWuK trGQNpP34aCo7gwHk5J0atsC+uFYUNZR1SpAccdsZp06QiOQ41jVKMq5VdCOrUDG 4QTpKxuQc+4xvKYOHrGnhl2VINYVWvVEDBxFUmzzNifsKJK8fwnFuVyXNH4umbIL EfuAarYvLOuddaLgFGE2Crh2BL4Iibm9trl6wkBTHBwVbYqOE8vGOLb465hAIXzI Dg53Tf+AhS5h0yn2QsYclmdUQmIzZ37x1V7LneNLlyEXefm3n6sBf/Qs2cGMW/Vv yKswzxy5tdaNvmUfX8krN8d0JLvXa/8t+JzRDPUgR2CYgag+kT7U9/hPyTOtZ7JX u6g= -----END CERTIFICATE-----Generated at Thu Jul 31 01:04:08 2025 by rpki-client