$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa File: 7003e8a9-a5a4-4137-b172-46c06da76822.roa (raw, json) Hash identifier: aDbOLo/DKw3vzrLocoT4gYzSbgJ/8XATGNarr9Yn6bk= Subject key identifier: 11:6C:E3:7C:7A:F2:94:45:D3:B2:BE:4E:95:09:62:93:D3:8D:EA:28 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0C308846DBF94A893F12ED063AD3571C416A4D58 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa Signing time: Sat 28 Jun 2025 00:00:46 +0000 ROA not before: Sat 28 Jun 2025 00:00:46 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:30:88:46:db:f9:4a:89:3f:12:ed:06:3a:d3:57:1c:41:6a:4d:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:46 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=ab96aca78562d2ffe18e8278e5e48734c2b549cd604b33d808d82164fde768ca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5f:96:6e:50:7d:8e:62:0e:ec:bd:1e:1e:4a: d0:a0:ec:d7:6b:43:5a:cd:94:8e:7b:3f:ae:fc:b3: 8b:d2:bf:29:20:39:cd:f4:ad:64:b3:c0:4f:24:32: ad:2b:33:5e:33:94:e4:70:92:98:3c:0c:55:67:ec: 32:24:a4:42:c5:3a:e0:5b:86:ae:04:fc:62:19:96: dc:aa:ef:50:f3:ab:32:ef:8b:48:00:bf:7e:f6:52: 98:f6:f3:ae:43:6f:2e:a2:56:de:2b:d5:e1:ae:f8: 9d:5c:aa:0d:80:2c:6f:fe:5b:7e:65:7c:c2:83:4c: ce:57:45:4e:02:e8:bf:09:c8:81:42:56:de:3d:31: df:90:6e:ef:97:8e:9c:7b:a5:43:ff:68:b8:a5:18: 34:72:a7:85:95:f5:22:9d:1a:6e:c8:87:8f:f7:09: 88:d7:4f:97:1d:5a:0f:c9:f3:12:03:22:c0:91:b7: 61:10:76:ed:93:90:af:db:ae:70:b9:85:79:b3:57: aa:96:c1:bb:da:04:84:83:9d:dd:dc:1d:fa:9d:07: a1:db:5a:03:58:9d:56:02:20:d3:29:83:c8:bc:cd: 16:55:71:ea:89:91:66:a2:70:29:b8:26:c1:a4:32: a7:af:50:3b:bd:ae:c0:1d:b6:47:38:90:cc:ac:22: b3:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:6C:E3:7C:7A:F2:94:45:D3:B2:BE:4E:95:09:62:93:D3:8D:EA:28 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:8800::/40 Signature Algorithm: sha256WithRSAEncryption a4:b6:ba:5a:3e:61:cd:38:30:61:b2:11:ce:e7:64:da:4b:11: 64:50:20:f2:34:eb:8d:24:b5:0a:39:36:ac:3a:ed:45:01:cb: 5c:e9:d7:b7:4c:12:2b:98:12:f1:a0:f9:b1:8e:99:56:b9:98: ae:31:16:5b:03:ae:57:01:06:19:16:92:ed:11:8a:4c:e6:9a: 78:bb:ca:eb:37:96:f4:8c:3c:2a:76:34:70:25:d4:1e:b7:22: b4:a3:35:e7:09:34:cb:df:44:ef:e0:9f:5e:7a:50:32:e5:75: 0a:c8:1e:58:15:ea:c5:f2:81:c2:9d:b2:c9:90:0a:4b:d1:7f: 6b:61:61:52:ff:0c:54:58:b3:d5:13:6d:cd:e6:0c:97:7c:51: 25:15:76:90:be:ee:ce:5f:ce:9e:ba:6b:ad:70:8b:d3:fb:6a: bb:a4:af:39:bf:06:f0:eb:14:be:3b:69:51:af:af:15:24:e8: 71:20:38:e0:85:3c:2c:22:37:23:ad:ea:d5:99:70:23:16:06: e9:7c:18:41:a1:8d:c1:be:e3:96:48:a1:cf:fe:f4:89:ee:db: 7c:d2:c6:af:fb:60:5a:49:97:39:a2:13:3a:3f:28:cc:e7:74: e4:99:a2:4a:76:16:20:68:54:b2:d2:dd:86:8b:a6:49:64:44: d8:21:41:42 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDDCIRtv5Sok/Eu0GOtNXHEFqTVgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDA0NloX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAYWI5NmFjYTc4NTYyZDJmZmUxOGU4 Mjc4ZTVlNDg3MzRjMmI1NDljZDYwNGIzM2Q4MDhkODIxNjRmZGU3NjhjYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV+WblB9jmIO7L0eHkrQoOzXa0Na zZSOez+u/LOL0r8pIDnN9K1ks8BPJDKtKzNeM5TkcJKYPAxVZ+wyJKRCxTrgW4au BPxiGZbcqu9Q86sy74tIAL9+9lKY9vOuQ28uolbeK9XhrvidXKoNgCxv/lt+ZXzC g0zOV0VOAui/CciBQlbePTHfkG7vl46ce6VD/2i4pRg0cqeFlfUinRpuyIeP9wmI 10+XHVoPyfMSAyLAkbdhEHbtk5Cv265wuYV5s1eqlsG72gSEg53d3B36nQeh21oD WJ1WAiDTKYPIvM0WVXHqiZFmonApuCbBpDKnr1A7va7AHbZHOJDMrCKzqQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBFs43x68pRF07K+TpUJYpPTjeooMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcwMDNlOGE5LWE1YTQtNDEzNy1iMTcyLTQ2YzA2ZGE3NjgyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauYgwDQYJKoZIhvcNAQELBQADggEBAKS2ulo+Yc04MGGyEc7n ZNpLEWRQIPI0640ktQo5Nqw67UUBy1zp17dMEiuYEvGg+bGOmVa5mK4xFlsDrlcB BhkWku0Rikzmmni7yus3lvSMPCp2NHAl1B63IrSjNecJNMvfRO/gn156UDLldQrI HlgV6sXygcKdssmQCkvRf2thYVL/DFRYs9UTbc3mDJd8USUVdpC+7s5fzp66a61w i9P7arukrzm/BvDrFL47aVGvrxUk6HEgOOCFPCwiNyOt6tWZcCMWBul8GEGhjcG+ 45ZIoc/+9Inu23zSxq/7YFpJlzmiEzo/KMzndOSZokp2FiBoVLLS3YaLpklkRNgh QUI= -----END CERTIFICATE-----Generated at Sun Jun 29 09:25:12 2025 by rpki-client