$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa File: fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa (raw, json) Hash identifier: lHqhZuBnw0zRfm7t0no98pfRhnjoJ8cwmlpd2KEk1L4= Subject key identifier: 05:83:0A:3F:D2:E8:3A:0E:47:5E:D2:E3:82:20:FD:96:4C:33:08:45 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4AEED394D77B72EF63B69E451252AE699D41DBF1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa Signing time: Mon 07 Jul 2025 15:01:02 +0000 ROA not before: Mon 07 Jul 2025 15:01:02 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:ee:d3:94:d7:7b:72:ef:63:b6:9e:45:12:52:ae:69:9d:41:db:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:01:02 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=fc88cc27e9a9c5b00660add4e7b457f2a1fb29955c4a0c06f05cc6a4397b8301, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:3b:5c:32:b1:ac:ab:df:ec:44:53:00:32:11: 85:15:9f:07:3f:8e:a1:a2:3f:0c:37:49:5c:68:37: 22:03:72:cf:32:9a:10:e0:68:01:03:44:23:9e:fc: 5e:0c:93:20:86:dc:4d:5f:96:90:1b:76:ac:11:da: 45:bb:75:33:c0:30:9c:60:59:df:e0:c1:49:0c:9d: f0:e9:e8:e1:ac:c2:50:bf:aa:1a:7c:19:08:1d:5c: 78:76:ee:93:0a:41:7c:25:2f:cd:2d:58:b1:ea:04: 30:27:0c:3f:d1:d4:45:ae:35:71:3e:da:e4:9f:06: 6b:78:fb:ac:73:23:cb:04:61:19:d1:8e:0c:8b:9d: 5c:b5:54:ea:02:0e:14:2f:5d:af:34:58:f2:d1:fa: 9f:d7:f9:a8:4f:ad:80:49:97:51:21:dd:97:37:5c: 0b:47:83:99:6b:46:bb:12:b6:c0:01:16:a6:55:19: c7:22:dd:c4:e0:46:34:d6:dd:01:4d:a4:8f:5f:58: d5:ab:9f:c1:70:2f:02:58:71:34:15:7c:b0:dc:85: 20:30:78:b7:93:6b:08:b7:c4:7d:31:99:5d:97:5f: 8c:4f:e5:1f:2d:69:e1:0e:04:d8:e8:d8:05:a3:ab: 4a:29:9b:9d:30:87:fb:bf:be:46:cf:74:4f:9d:5f: 99:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:83:0A:3F:D2:E8:3A:0E:47:5E:D2:E3:82:20:FD:96:4C:33:08:45 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:a000::/40 Signature Algorithm: sha256WithRSAEncryption 76:d4:97:07:49:d8:36:2f:aa:96:07:d3:b3:18:11:71:bc:47: 08:a7:2c:0a:25:f8:5e:ae:82:ed:95:61:04:d7:dc:5d:cc:e1: b7:0e:97:25:a2:f3:d7:d4:c3:bf:66:14:d6:b9:8c:5b:81:08: 59:93:9c:d6:b8:b8:75:1f:f7:ed:cb:09:b9:75:f0:92:ce:87: 70:0f:7f:9d:84:22:e8:b2:63:e7:9c:fb:ad:a2:27:39:77:71: 75:50:71:99:66:84:f9:91:7a:04:15:84:bf:85:0e:68:e0:d3: 25:95:79:a1:5b:99:fa:6b:77:2e:b2:9e:97:ec:9b:78:5b:d1: 96:55:1d:a5:52:34:11:ed:6c:be:d3:66:43:d2:12:d8:18:e2: 8e:7f:f1:ee:d6:88:bf:2f:6b:b6:bf:b9:f4:9a:40:4b:91:cb: fb:b6:27:61:25:83:0a:86:46:e2:8a:b8:89:68:97:eb:d3:66: 24:75:64:f8:60:3f:e4:9c:3e:e8:ef:82:12:5d:35:a2:f1:2b: 7c:e9:01:ef:ee:9e:46:1a:37:38:46:7f:92:c3:24:5f:11:56: e6:2d:9e:5a:a7:42:d8:1a:11:a3:6e:60:65:20:34:6e:cd:16: 1d:b8:c8:bd:c9:8d:46:05:d8:ae:8b:1c:5e:d3:7d:19:a4:61: bf:d6:a6:aa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSu7TlNd7cu9jtp5FElKuaZ1B2/EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MDEwMloX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZmM4OGNjMjdlOWE5YzViMDA2NjBh ZGQ0ZTdiNDU3ZjJhMWZiMjk5NTVjNGEwYzA2ZjA1Y2M2YTQzOTdiODMwMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDtcMrGsq9/sRFMAMhGFFZ8HP46h oj8MN0lcaDciA3LPMpoQ4GgBA0QjnvxeDJMghtxNX5aQG3asEdpFu3UzwDCcYFnf 4MFJDJ3w6ejhrMJQv6oafBkIHVx4du6TCkF8JS/NLVix6gQwJww/0dRFrjVxPtrk nwZrePuscyPLBGEZ0Y4Mi51ctVTqAg4UL12vNFjy0fqf1/moT62ASZdRId2XN1wL R4OZa0a7ErbAARamVRnHIt3E4EY01t0BTaSPX1jVq5/BcC8CWHE0FXyw3IUgMHi3 k2sIt8R9MZldl1+MT+UfLWnhDgTY6NgFo6tKKZudMIf7v75Gz3RPnV+ZIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAWDCj/S6DoOR17S44Ig/ZZMMwhFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiZWQzMDdlLWZiY2MtNDI3Yi05NzhmLWQ2ZjZkNjRhOTFjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacKAwDQYJKoZIhvcNAQELBQADggEBAHbUlwdJ2DYvqpYH07MY EXG8RwinLAol+F6ugu2VYQTX3F3M4bcOlyWi89fUw79mFNa5jFuBCFmTnNa4uHUf 9+3LCbl18JLOh3APf52EIuiyY+ec+62iJzl3cXVQcZlmhPmRegQVhL+FDmjg0yWV eaFbmfprdy6ynpfsm3hb0ZZVHaVSNBHtbL7TZkPSEtgY4o5/8e7WiL8va7a/ufSa QEuRy/u2J2ElgwqGRuKKuIlol+vTZiR1ZPhgP+ScPujvghJdNaLxK3zpAe/unkYa NzhGf5LDJF8RVuYtnlqnQtgaEaNuYGUgNG7NFh24yL3JjUYF2K6LHF7TfRmkYb/W pqo= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:51 2025 by rpki-client