$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd0ac6ba-e775-4f86-853e-f467879f4e6c.roa File: fd0ac6ba-e775-4f86-853e-f467879f4e6c.roa (raw, json) Hash identifier: hEVFDDraimmvE7CeM7utJ6B3ss4t0nCQGEm5NUIov5I= Subject key identifier: 02:EF:6A:09:11:EF:FE:16:50:98:D6:11:D4:3A:61:D1:CC:89:49:5C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7FB43A4F600398AFE548FB06F43374DE70157AB4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd0ac6ba-e775-4f86-853e-f467879f4e6c.roa Signing time: Mon 21 Jul 2025 15:20:15 +0000 ROA not before: Mon 21 Jul 2025 15:20:15 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:b4:3a:4f:60:03:98:af:e5:48:fb:06:f4:33:74:de:70:15:7a:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:20:15 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=eb1c4795db322b52f1794be51073c8ad16fbb8af9ebedee5b49092c4df5cbb31, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:9a:7b:19:3c:4a:26:43:03:e4:c3:63:09:b4: 86:23:52:99:c4:ff:b7:ec:21:26:da:15:6e:9f:0a: aa:a7:81:65:da:a1:47:58:f4:66:4c:5d:1b:54:1b: de:41:81:89:89:46:41:fe:e6:11:47:9f:7e:63:2d: a8:1c:5e:e2:13:92:88:30:23:d5:1d:7f:a3:a4:74: f4:12:3a:cc:d4:2d:0e:9f:04:34:a7:0c:c1:71:4e: 32:aa:d3:f4:10:0e:8b:e6:19:de:53:5b:bb:6d:00: 67:fb:61:55:d1:4a:70:63:3a:02:41:52:bf:6b:c5: d1:a9:b2:a9:64:80:cb:93:68:15:3d:44:cb:49:b9: df:3e:5b:32:9c:bc:ce:97:29:dc:8e:a4:66:d2:51: 0d:34:48:14:24:5c:98:34:46:19:3f:4f:32:27:49: 1f:b4:21:56:9e:20:16:a4:ac:82:17:54:87:70:7b: 3c:c7:62:fb:8c:68:cb:45:30:8b:e5:fb:d1:62:1f: a2:43:8b:93:e2:db:87:78:6f:48:23:1b:33:b7:ca: 8a:39:d2:1f:a1:ae:4e:f8:6e:08:55:44:9a:ef:f5: 6b:74:53:75:56:72:97:a6:28:39:d9:d6:19:bc:00: 0e:2f:1e:de:0d:97:5e:15:54:11:10:a1:eb:19:69: 62:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:EF:6A:09:11:EF:FE:16:50:98:D6:11:D4:3A:61:D1:CC:89:49:5C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd0ac6ba-e775-4f86-853e-f467879f4e6c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:9000::/40 Signature Algorithm: sha256WithRSAEncryption 9a:5d:dd:0e:83:43:14:48:a3:6b:ac:53:ba:ea:17:3c:fb:52: 09:5c:51:6c:f9:1e:88:f1:d2:62:50:73:cc:e5:72:eb:95:8d: f0:e9:97:23:b8:d5:14:13:b5:01:06:99:bc:bf:05:ed:7e:bb: 3e:0d:30:a0:69:99:02:fc:d1:fa:dc:10:4f:31:33:1c:bd:b2: 25:64:25:fd:2f:47:a3:2f:f8:1b:2d:d7:eb:e4:da:7f:a6:93: e4:11:51:07:da:b5:05:15:a7:dc:d3:f9:8a:6b:21:c3:4c:4d: f5:5e:ca:7f:b9:94:70:f7:f1:41:8f:79:b4:a8:73:fb:66:d0: 13:eb:aa:2a:6f:e7:67:b8:fa:30:eb:93:1c:e8:49:70:2e:92: ee:66:05:16:3e:63:e8:73:5d:c7:a9:95:39:8f:d6:30:a0:34: 42:8c:9b:b4:de:80:81:d6:28:2f:1f:f1:9e:50:c5:be:c3:e6: 25:58:18:02:ea:0d:8b:e6:1e:1c:9d:03:60:c1:79:3b:a8:fb: 1b:f8:cf:97:b1:c4:cc:f3:ef:c6:46:46:d7:bf:84:32:2b:2b: c1:d4:6b:d5:e9:fd:c3:d1:01:da:05:af:f2:2c:3a:12:4f:7e: 60:a2:fc:cc:fd:cc:67:65:cc:fe:f8:97:fb:25:89:1f:53:39: df:13:e1:c5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUf7Q6T2ADmK/lSPsG9DN03nAVerQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MjAxNVoX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAZWIxYzQ3OTVkYjMyMmI1MmYxNzk0 YmU1MTA3M2M4YWQxNmZiYjhhZjllYmVkZWU1YjQ5MDkyYzRkZjVjYmIzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppp7GTxKJkMD5MNjCbSGI1KZxP+3 7CEm2hVunwqqp4Fl2qFHWPRmTF0bVBveQYGJiUZB/uYRR59+Yy2oHF7iE5KIMCPV HX+jpHT0EjrM1C0OnwQ0pwzBcU4yqtP0EA6L5hneU1u7bQBn+2FV0UpwYzoCQVK/ a8XRqbKpZIDLk2gVPUTLSbnfPlsynLzOlyncjqRm0lENNEgUJFyYNEYZP08yJ0kf tCFWniAWpKyCF1SHcHs8x2L7jGjLRTCL5fvRYh+iQ4uT4tuHeG9IIxszt8qKOdIf oa5O+G4IVUSa7/VrdFN1VnKXpig52dYZvAAOLx7eDZdeFVQREKHrGWliBQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFALvagkR7/4WUJjWEdQ6YdHMiUlcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZkMGFjNmJhLWU3NzUtNGY4Ni04NTNlLWY0Njc4NzlmNGU2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauJAwDQYJKoZIhvcNAQELBQADggEBAJpd3Q6DQxRIo2usU7rq Fzz7UglcUWz5Hojx0mJQc8zlcuuVjfDplyO41RQTtQEGmby/Be1+uz4NMKBpmQL8 0frcEE8xMxy9siVkJf0vR6Mv+Bst1+vk2n+mk+QRUQfatQUVp9zT+YprIcNMTfVe yn+5lHD38UGPebSoc/tm0BPrqipv52e4+jDrkxzoSXAuku5mBRY+Y+hzXceplTmP 1jCgNEKMm7TegIHWKC8f8Z5Qxb7D5iVYGALqDYvmHhydA2DBeTuo+xv4z5exxMzz 78ZGRte/hDIrK8HUa9Xp/cPRAdoFr/IsOhJPfmCi/Mz9zGdlzP74l/sliR9TOd8T 4cU= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:22 2025 by rpki-client