$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f872164c-416d-44ed-81ce-172f02efdfbf.roa File: f872164c-416d-44ed-81ce-172f02efdfbf.roa (raw, json) Hash identifier: Jn4H18oqzuJmw69n4oVJByehVUhmIQTuOjOEVYreqsw= Subject key identifier: B1:3C:EB:EC:6F:4D:A0:AB:2C:57:BB:F1:6A:79:82:4F:86:6A:9D:21 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37A410A18C9B6CD256E4DCA4C85AFDB13C44260F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f872164c-416d-44ed-81ce-172f02efdfbf.roa Signing time: Tue 22 Jul 2025 00:00:39 +0000 ROA not before: Tue 22 Jul 2025 00:00:39 +0000 ROA not after: Tue 26 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da26::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:a4:10:a1:8c:9b:6c:d2:56:e4:dc:a4:c8:5a:fd:b1:3c:44:26:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 22 00:00:39 2025 GMT Not After : Aug 26 23:59:59 2025 GMT Subject: serialNumber=c52657d2ea4d5629dd3ae13a980fce34af24c9c6d537f6a69ac61861818ee2ca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5d:8b:1a:11:66:71:a8:4c:50:bf:49:3b:f9: ce:fb:08:4a:83:db:b4:6a:cf:cc:10:02:67:e8:81: 07:87:61:21:78:fb:ff:e0:47:02:ab:26:49:df:c6: de:b3:0d:97:15:1f:7c:6e:72:4f:9d:4b:fa:88:3e: 86:34:95:c5:2d:fb:32:96:a0:c6:c7:26:0d:b1:55: a6:e2:c3:47:8f:f2:b5:31:b4:8a:7f:c0:1a:ce:99: 67:b1:ac:04:d9:44:a6:7b:ff:e0:ad:60:5b:38:b5: 39:ac:19:91:f4:80:e2:71:17:c7:b0:99:f5:a1:ae: 13:69:90:3f:1e:e8:8f:5c:e9:74:b8:1e:35:34:0a: 8a:97:2f:8c:1e:9a:ba:10:7d:dd:a2:1b:22:19:16: a3:4e:47:d5:72:15:95:57:e9:45:12:31:58:8d:f5: d4:6c:cd:0e:32:a1:68:73:c4:f8:27:0b:97:2d:ab: dc:1a:62:0b:36:31:08:11:82:d1:8c:40:d0:64:47: d9:36:05:0e:6f:df:5a:ca:b3:8f:3a:28:d7:4c:07: c0:a4:4e:e4:c2:6d:80:5c:64:5b:4b:87:db:61:87: f1:b2:a7:71:93:5f:99:be:09:35:b6:d2:71:87:f0: 7e:f2:7a:cd:cb:6d:a9:54:08:5c:58:90:7d:c1:51: 68:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:3C:EB:EC:6F:4D:A0:AB:2C:57:BB:F1:6A:79:82:4F:86:6A:9D:21 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f872164c-416d-44ed-81ce-172f02efdfbf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da26::/36 Signature Algorithm: sha256WithRSAEncryption c2:eb:4b:f6:e5:c2:ca:ec:48:30:13:fa:97:c8:d1:ca:ce:85: 21:92:4e:d4:bc:12:71:56:72:6d:70:99:04:09:f8:37:72:df: c8:b7:49:62:cb:16:bf:0d:df:90:65:1d:4b:2f:4a:8d:4a:c1: 63:e8:ab:6a:eb:35:df:fc:99:20:c0:1c:77:d6:b7:89:8a:64: 58:bd:8b:15:d0:a6:fc:73:94:eb:a6:33:5a:34:6f:a8:66:52: d6:63:39:35:51:30:f2:a2:45:f2:91:1b:b9:b4:04:fb:74:a7: 9b:d3:2f:4a:9a:c1:c4:11:cf:01:4b:67:78:66:8a:06:42:87: 8c:b9:88:8f:77:85:0d:f9:5f:ce:64:88:89:d7:e4:84:1b:5e: d9:e8:2c:11:ec:99:ed:1a:ce:26:a2:d6:b3:06:bb:0a:79:73: fd:db:c8:3c:98:54:b8:10:c9:da:08:db:c3:f4:3e:f3:77:97: c3:07:ab:48:ff:ee:f9:a7:e9:53:d2:7f:00:cd:88:75:5c:a3: 50:ee:df:e9:6e:52:f6:64:a0:8e:c1:44:0f:81:ad:4f:21:1d: bb:97:95:b7:f9:e8:2b:e0:73:fc:0d:44:5d:2e:8e:91:ab:67: bc:6f:ac:2a:30:a5:db:04:03:a5:6d:61:c2:16:3c:57:0e:9f: 42:62:89:e9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN6QQoYybbNJW5NykyFr9sTxEJg8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMjAwMDAzOVoX DTI1MDgyNjIzNTk1OVowejFJMEcGA1UEBRNAYzUyNjU3ZDJlYTRkNTYyOWRkM2Fl MTNhOTgwZmNlMzRhZjI0YzljNmQ1MzdmNmE2OWFjNjE4NjE4MThlZTJjYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV2LGhFmcahMUL9JO/nO+whKg9u0 as/MEAJn6IEHh2EhePv/4EcCqyZJ38besw2XFR98bnJPnUv6iD6GNJXFLfsylqDG xyYNsVWm4sNHj/K1MbSKf8AazplnsawE2USme//grWBbOLU5rBmR9IDicRfHsJn1 oa4TaZA/HuiPXOl0uB41NAqKly+MHpq6EH3dohsiGRajTkfVchWVV+lFEjFYjfXU bM0OMqFoc8T4JwuXLavcGmILNjEIEYLRjEDQZEfZNgUOb99ayrOPOijXTAfApE7k wm2AXGRbS4fbYYfxsqdxk1+Zvgk1ttJxh/B+8nrNy22pVAhcWJB9wVFoxwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLE86+xvTaCrLFe78Wp5gk+Gap0hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y4NzIxNjRjLTQxNmQtNDRlZC04MWNlLTE3MmYwMmVmZGZiZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJgAwDQYJKoZIhvcNAQELBQADggEBAMLrS/blwsrsSDAT+pfI 0crOhSGSTtS8EnFWcm1wmQQJ+Ddy38i3SWLLFr8N35BlHUsvSo1KwWPoq2rrNd/8 mSDAHHfWt4mKZFi9ixXQpvxzlOumM1o0b6hmUtZjOTVRMPKiRfKRG7m0BPt0p5vT L0qawcQRzwFLZ3hmigZCh4y5iI93hQ35X85kiInX5IQbXtnoLBHsme0aziai1rMG uwp5c/3byDyYVLgQydoI28P0PvN3l8MHq0j/7vmn6VPSfwDNiHVco1Du3+luUvZk oI7BRA+BrU8hHbuXlbf56Cvgc/wNRF0ujpGrZ7xvrCowpdsEA6VtYcIWPFcOn0Ji iek= -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:32 2025 by rpki-client