$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa File: f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa (raw, json) Hash identifier: PrjFh+YoHRAHFrS1AFKtj/E3tTyuzDg18ZhLbght6GI= Subject key identifier: 05:42:41:AE:14:15:FA:89:25:FE:D8:C8:8D:45:73:7B:3B:0B:BE:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5908A9C41C4CAF2B1870F89944A30E9084C8264E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa Signing time: Mon 28 Jul 2025 15:20:07 +0000 ROA not before: Mon 28 Jul 2025 15:20:07 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:08:a9:c4:1c:4c:af:2b:18:70:f8:99:44:a3:0e:90:84:c8:26:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:20:07 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=467e6540ab4e58d4bd2f91bfe3649dbfc29e1159089bb254b801a344b31ee1c8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:56:52:93:07:d1:78:db:14:6e:44:a0:2d:ae: af:c6:46:7d:7e:bf:a4:d5:91:25:a6:c1:7a:4a:67: 82:a9:1d:6a:61:46:89:2f:b8:84:64:f2:4e:d0:f9: f6:50:f9:59:b4:08:43:27:58:83:d0:95:32:72:b9: 13:92:e8:89:79:9e:77:67:0b:22:be:6c:ee:56:c0: 12:20:a4:b7:61:0b:1f:c1:3e:a4:07:ff:26:2e:72: 4f:38:83:40:39:37:be:9d:23:d9:21:0a:29:f9:05: cd:cc:83:95:71:29:d9:2e:ff:55:82:a1:12:23:3f: 58:4f:4a:a3:a1:d4:37:a1:1e:71:45:88:9c:d7:5b: ad:53:d8:17:40:e0:58:5e:77:a8:7c:68:0c:a6:e3: e1:5b:7b:77:81:25:57:58:9a:d8:8a:42:90:b1:d7: 3c:7f:20:f8:19:34:9d:75:8b:98:03:ec:a9:b6:c6: 70:ca:73:c2:89:7d:c4:d4:de:33:a2:3c:aa:09:71: e2:3c:b6:59:cc:8d:5b:33:f1:4d:ab:91:60:68:45: 53:5a:c9:db:10:e4:a1:22:58:45:09:cd:e2:26:da: 49:7b:74:d0:54:cf:55:0e:3b:b4:31:c1:4f:fc:17: 3c:f6:d7:d8:f8:e7:e9:ef:d3:32:0b:03:4b:97:e6: fb:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:42:41:AE:14:15:FA:89:25:FE:D8:C8:8D:45:73:7B:3B:0B:BE:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7ec8552-7ddb-4978-bb8c-fc97d0625b4c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4020::/48 Signature Algorithm: sha256WithRSAEncryption 78:78:c8:e6:75:c0:e5:10:f0:e4:79:d2:93:b5:b0:4c:05:58: 83:6b:2c:a9:61:41:d9:97:a9:d4:ea:a1:87:d2:ce:4f:c2:93: 67:8b:90:ae:9a:e2:11:5b:80:48:13:b9:b2:06:ec:67:df:42: 2c:21:55:20:e5:84:c7:35:51:9e:50:29:b0:18:ec:a7:b3:4b: cb:83:af:a2:e0:28:30:bb:44:fc:b5:aa:cb:db:95:25:8a:41: 1c:aa:8d:fe:af:74:70:6e:46:2b:30:2c:da:f6:01:09:82:97: 82:72:89:e5:f8:25:13:3c:cc:26:f5:15:72:ce:dc:54:b5:8d: cb:66:8e:f5:de:ee:45:64:0b:20:1e:5a:4b:55:10:16:15:8c: 2f:e1:f5:66:26:fc:50:01:e1:2d:24:9f:f4:ed:10:47:92:ad: 7c:88:bf:0c:60:87:af:7c:9c:f9:e0:2e:14:1e:21:1c:a3:33: 6b:52:66:46:97:0c:55:9c:88:b4:f4:af:6f:0b:e6:52:a0:aa: 47:70:71:23:5a:07:7a:40:f9:f4:12:4c:30:f5:ec:96:a1:4a: bf:9f:43:30:c0:49:5d:10:b7:da:98:d8:c7:37:d6:bb:b1:99: 68:c2:0c:50:c2:fb:98:a7:90:83:be:43:f5:1e:99:6a:f8:e7: f1:17:11:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWQipxBxMrysYcPiZRKMOkITIJk4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MjAwN1oX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNANDY3ZTY1NDBhYjRlNThkNGJkMmY5 MWJmZTM2NDlkYmZjMjllMTE1OTA4OWJiMjU0YjgwMWEzNDRiMzFlZTFjODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFZSkwfReNsUbkSgLa6vxkZ9fr+k 1ZElpsF6SmeCqR1qYUaJL7iEZPJO0Pn2UPlZtAhDJ1iD0JUycrkTkuiJeZ53Zwsi vmzuVsASIKS3YQsfwT6kB/8mLnJPOINAOTe+nSPZIQop+QXNzIOVcSnZLv9VgqES Iz9YT0qjodQ3oR5xRYic11utU9gXQOBYXneofGgMpuPhW3t3gSVXWJrYikKQsdc8 fyD4GTSddYuYA+yptsZwynPCiX3E1N4zojyqCXHiPLZZzI1bM/FNq5FgaEVTWsnb EOShIlhFCc3iJtpJe3TQVM9VDju0McFP/Bc89tfY+Ofp79MyCwNLl+b7ywIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAVCQa4UFfqJJf7YyI1Fc3s7C74jMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y3ZWM4NTUyLTdkZGItNDk3OC1iYjhjLWZjOTdkMDYyNWI0Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOEAgMA0GCSqGSIb3DQEBCwUAA4IBAQB4eMjmdcDlEPDkedKT tbBMBViDayypYUHZl6nU6qGH0s5PwpNni5CumuIRW4BIE7myBuxn30IsIVUg5YTH NVGeUCmwGOyns0vLg6+i4Cgwu0T8tarL25UlikEcqo3+r3RwbkYrMCza9gEJgpeC conl+CUTPMwm9RVyztxUtY3LZo713u5FZAsgHlpLVRAWFYwv4fVmJvxQAeEtJJ/0 7RBHkq18iL8MYIevfJz54C4UHiEcozNrUmZGlwxVnIi09K9vC+ZSoKpHcHEjWgd6 QPn0Ekww9eyWoUq/n0MwwEldELfamNjHN9a7sZlowgxQwvuYp5CDvkP1Hplq+Ofx FxHw -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:17 2025 by rpki-client