$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f607473c-b847-4f33-9284-b75fe670bc74.roa File: f607473c-b847-4f33-9284-b75fe670bc74.roa (raw, json) Hash identifier: Q62+BrVYNTul5N0w9Q7HR4CN76IfYttZVTdn7JO0G+I= Subject key identifier: 65:4B:22:67:B5:AE:72:02:2E:38:E6:C1:25:91:73:56:C7:B3:79:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 20C29FD234F7E132BD7BECEBC2A22B0AAA5DF13E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f607473c-b847-4f33-9284-b75fe670bc74.roa Signing time: Wed 30 Jul 2025 00:02:05 +0000 ROA not before: Wed 30 Jul 2025 00:02:05 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:c2:9f:d2:34:f7:e1:32:bd:7b:ec:eb:c2:a2:2b:0a:aa:5d:f1:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 00:02:05 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=49a63b520fece70a7d31c14cded34e504790f245c069ed6de1e2f73e4185fbe8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:7d:9d:a4:86:b3:33:94:cd:c1:56:9d:6f:f0: 4b:c2:c2:04:9f:bb:02:62:25:05:11:16:34:6b:07: 57:37:69:9d:4a:13:88:db:77:d7:ca:a1:82:9d:18: 0a:43:3e:23:b9:ed:7e:9f:c4:48:01:ae:86:99:12: ac:c8:d7:e3:00:ec:9d:44:a0:59:d3:b6:56:06:5f: 98:7c:3e:7f:89:e7:5d:03:8a:c8:be:78:57:d7:44: e8:51:8e:a4:53:2d:2a:b6:a3:07:1c:43:f1:42:25: a0:ed:92:0c:37:dd:fe:78:a5:de:82:b7:71:eb:78: 56:7e:a0:f6:38:69:9a:ff:98:54:af:a5:1b:9b:d7: c2:58:c0:47:8d:e8:91:08:35:54:fd:64:38:5b:35: b2:3f:1e:0e:d1:5d:a2:c5:71:74:ab:18:02:c4:6e: 93:af:f7:1d:9c:4b:9d:8c:4e:ca:bb:4c:d9:35:14: 01:56:b8:fd:35:77:4b:a2:d7:84:bf:9b:39:71:75: 18:02:e3:0f:90:66:1e:4a:1e:82:01:de:de:55:37: 3c:cf:d7:d0:e2:73:1a:0a:1c:3c:55:f0:ec:7b:b7: 12:d9:51:ed:e2:89:0a:c4:94:6a:76:5b:28:59:8f: ce:d1:4f:db:27:ab:99:41:72:85:4a:23:a3:7b:c0: 95:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:4B:22:67:B5:AE:72:02:2E:38:E6:C1:25:91:73:56:C7:B3:79:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f607473c-b847-4f33-9284-b75fe670bc74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c000::/40 Signature Algorithm: sha256WithRSAEncryption 4f:ca:98:e2:fc:82:32:40:c8:48:76:21:74:a4:3f:e6:4e:13: c1:0f:20:67:9d:a4:e2:8f:b4:f8:a1:ee:1f:13:49:a4:a7:d8: 1f:dd:e2:40:9b:31:f7:1b:8c:c3:d1:2c:6f:da:45:23:d0:4d: ef:a6:f7:47:1a:ca:1f:e2:28:8e:76:fb:8d:97:39:81:61:1d: 4f:ee:f8:42:0d:bd:ae:d3:ee:1d:46:e8:58:5b:98:c5:a5:4b: 39:70:9f:5b:97:c6:ad:a2:40:08:93:1b:e0:77:1b:0d:11:94: c9:da:13:ad:9f:60:c5:eb:69:5a:af:fa:f1:ad:a2:11:c2:26: b5:38:69:9c:8b:53:47:02:d2:c7:ac:1d:ec:13:39:2e:1c:66: c5:ce:e5:78:1e:0b:9b:f4:cb:67:3d:4c:b1:e6:c0:10:f7:d6: ce:d0:a0:dc:44:27:0f:1e:4a:26:6c:fd:ce:a8:f6:7a:0f:e2: cc:2b:75:23:22:92:73:18:7f:89:dc:54:84:23:e1:8e:64:bd: 2e:18:ad:7e:a9:62:c6:02:49:78:0a:bd:af:b5:5f:90:fe:7e: 4b:29:d4:c3:90:bc:fd:47:04:51:74:52:02:0e:f0:58:b1:91: 5b:6f:f3:f8:77:1d:16:b3:84:e9:9e:4f:d4:99:31:de:02:7e: 9c:60:89:aa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIMKf0jT34TK9e+zrwqIrCqpd8T4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMDIwNVoX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNANDlhNjNiNTIwZmVjZTcwYTdkMzFj MTRjZGVkMzRlNTA0NzkwZjI0NWMwNjllZDZkZTFlMmY3M2U0MTg1ZmJlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi32dpIazM5TNwVadb/BLwsIEn7sC YiUFERY0awdXN2mdShOI23fXyqGCnRgKQz4jue1+n8RIAa6GmRKsyNfjAOydRKBZ 07ZWBl+YfD5/ieddA4rIvnhX10ToUY6kUy0qtqMHHEPxQiWg7ZIMN93+eKXegrdx 63hWfqD2OGma/5hUr6Ubm9fCWMBHjeiRCDVU/WQ4WzWyPx4O0V2ixXF0qxgCxG6T r/cdnEudjE7Ku0zZNRQBVrj9NXdLoteEv5s5cXUYAuMPkGYeSh6CAd7eVTc8z9fQ 4nMaChw8VfDse7cS2VHt4okKxJRqdlsoWY/O0U/bJ6uZQXKFSiOje8CVvwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGVLIme1rnICLjjmwSWRc1bHs3mTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2MDc0NzNjLWI4NDctNGYzMy05Mjg0LWI3NWZlNjcwYmM3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOMAwDQYJKoZIhvcNAQELBQADggEBAE/KmOL8gjJAyEh2IXSk P+ZOE8EPIGedpOKPtPih7h8TSaSn2B/d4kCbMfcbjMPRLG/aRSPQTe+m90cayh/i KI52+42XOYFhHU/u+EINva7T7h1G6FhbmMWlSzlwn1uXxq2iQAiTG+B3Gw0RlMna E62fYMXraVqv+vGtohHCJrU4aZyLU0cC0sesHewTOS4cZsXO5XgeC5v0y2c9TLHm wBD31s7QoNxEJw8eSiZs/c6o9noP4swrdSMiknMYf4ncVIQj4Y5kvS4YrX6pYsYC SXgKva+1X5D+fksp1MOQvP1HBFF0UgIO8FixkVtv8/h3HRazhOmeT9SZMd4Cfpxg iao= -----END CERTIFICATE-----Generated at Thu Jul 31 01:04:00 2025 by rpki-client