$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3eecc85e-c9f3-489a-b550-f7a900d63926.roa File: 3eecc85e-c9f3-489a-b550-f7a900d63926.roa (raw, json) Hash identifier: MmtHDJctQSJLOCT9mdBn8F9S9/ZecwszQY5WzH01NvY= Subject key identifier: AC:41:D2:35:CE:CC:76:AA:6A:AD:84:A3:30:55:15:51:D1:61:FB:56 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7D37B86FEA7933C655E339D1B79D004F9E51FAC8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3eecc85e-c9f3-489a-b550-f7a900d63926.roa Signing time: Sat 23 Aug 2025 00:11:06 +0000 ROA not before: Sat 23 Aug 2025 00:11:06 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:37:b8:6f:ea:79:33:c6:55:e3:39:d1:b7:9d:00:4f:9e:51:fa:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:11:06 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=31584c235349d4d8adab6da55b47083fea7872882b2ce08c6b2093575eee5099, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:90:00:43:0c:4a:ea:b8:1d:40:96:3f:e3:ae: 94:df:02:0c:75:36:8b:63:6b:f8:76:48:f4:23:29: 7d:59:84:ec:c5:c3:98:6c:7b:0b:0c:51:d5:e6:2b: 4a:e9:3c:c2:2d:e9:a4:18:71:17:d1:1f:ba:62:82: 6e:d8:e9:09:f4:dc:4a:cb:4b:9a:c4:7d:31:af:bd: e5:76:44:e2:ed:27:71:53:3a:f7:23:97:54:96:47: 37:bc:d8:d2:5c:4f:b7:6d:4c:f9:e3:d4:84:fe:35: ea:78:53:06:2d:3e:be:4b:8a:37:8b:6b:36:99:bd: 2b:2b:2a:6a:4b:2a:dd:90:9e:e8:10:39:e7:74:e1: 69:7e:18:51:d0:bd:21:27:b5:79:2b:d0:5b:56:bb: 1c:d3:7c:f7:ec:b1:eb:89:ce:dd:c1:7a:2d:41:fa: e8:7a:5c:b1:b0:65:c7:30:7f:a0:48:30:c3:28:dc: a9:ef:b6:26:df:28:aa:4e:ab:6c:63:ab:c5:a5:bc: b4:44:e2:d7:9c:d8:4b:fe:cf:5e:f0:d6:2b:b0:50: a2:12:2e:a1:ac:51:5a:23:73:44:16:e1:f6:70:55: 77:ec:52:01:09:8d:43:53:bf:ed:b4:da:33:57:17: f2:de:07:87:6c:ce:aa:05:2d:62:2f:2f:86:f4:b2: 56:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:41:D2:35:CE:CC:76:AA:6A:AD:84:A3:30:55:15:51:D1:61:FB:56 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3eecc85e-c9f3-489a-b550-f7a900d63926.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6000::/40 Signature Algorithm: sha256WithRSAEncryption 4e:56:28:2e:a7:ab:b7:71:42:81:b1:85:ad:bd:18:4c:6c:18: 26:fe:c7:02:ce:b0:59:49:52:ca:02:19:92:c9:34:82:aa:ec: 21:4b:87:e2:fd:6f:5d:78:d5:de:0f:2a:03:d1:f5:8b:99:62: 48:a9:77:19:f5:c4:62:34:a6:07:5b:b2:07:a6:d4:aa:1d:75: ec:ea:bc:16:d1:c0:9f:72:46:c6:9f:9f:e2:a2:6e:f6:b5:b2: b5:4f:b2:d8:87:ba:90:fa:50:fc:db:64:0e:83:80:14:8f:96: 79:73:46:fc:36:62:a4:74:dd:11:51:09:43:24:31:38:17:45: 24:b6:92:4d:f2:f9:84:2c:15:2a:db:79:e9:83:13:9f:12:40: 56:33:bd:e0:bb:f6:67:79:49:e9:01:f0:98:5e:bc:17:56:75: a0:c8:1f:16:b5:ae:03:25:f6:ba:ef:2f:f0:c3:0f:86:f9:05: a4:d2:27:0e:45:90:0a:0d:4c:40:6d:df:b1:49:ba:94:c4:69: 6f:c2:f0:2d:17:5f:99:55:38:fa:ed:cd:52:93:85:76:4f:56: b1:f7:ee:76:e0:83:e2:ef:7a:59:ab:33:e0:25:2c:4c:90:73: 48:ce:4b:01:e9:89:0b:9d:a2:1d:10:ad:03:18:fc:95:42:73: f6:f3:91:36 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfTe4b+p5M8ZV4znRt50AT55R+sgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTEwNloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMzE1ODRjMjM1MzQ5ZDRkOGFkYWI2 ZGE1NWI0NzA4M2ZlYTc4NzI4ODJiMmNlMDhjNmIyMDkzNTc1ZWVlNTA5OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspAAQwxK6rgdQJY/466U3wIMdTaL Y2v4dkj0Iyl9WYTsxcOYbHsLDFHV5itK6TzCLemkGHEX0R+6YoJu2OkJ9NxKy0ua xH0xr73ldkTi7SdxUzr3I5dUlkc3vNjSXE+3bUz549SE/jXqeFMGLT6+S4o3i2s2 mb0rKypqSyrdkJ7oEDnndOFpfhhR0L0hJ7V5K9BbVrsc03z37LHric7dwXotQfro elyxsGXHMH+gSDDDKNyp77Ym3yiqTqtsY6vFpby0ROLXnNhL/s9e8NYrsFCiEi6h rFFaI3NEFuH2cFV37FIBCY1DU7/ttNozVxfy3geHbM6qBS1iLy+G9LJWRQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKxB0jXOzHaqaq2EozBVFVHRYftWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlZWNjODVlLWM5ZjMtNDg5YS1iNTUwLWY3YTkwMGQ2MzkyNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8mAwDQYJKoZIhvcNAQELBQADggEBAE5WKC6nq7dxQoGxha29 GExsGCb+xwLOsFlJUsoCGZLJNIKq7CFLh+L9b1141d4PKgPR9YuZYkipdxn1xGI0 pgdbsgem1KoddezqvBbRwJ9yRsafn+Kibva1srVPstiHupD6UPzbZA6DgBSPlnlz Rvw2YqR03RFRCUMkMTgXRSS2kk3y+YQsFSrbeemDE58SQFYzveC79md5SekB8Jhe vBdWdaDIHxa1rgMl9rrvL/DDD4b5BaTSJw5FkAoNTEBt37FJupTEaW/C8C0XX5lV OPrtzVKThXZPVrH37nbgg+LvelmrM+AlLEyQc0jOSwHpiQudoh0QrQMY/JVCc/bz kTY= -----END CERTIFICATE-----Generated at Sat Aug 23 12:09:06 2025 by rpki-client