$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7cd5b76a-f059-475f-8d7b-4f8745f355e3.roa File: 7cd5b76a-f059-475f-8d7b-4f8745f355e3.roa (raw, json) Hash identifier: aWG4ysVjsZHVvU5GaegspDWRa++Ocyn1l1gwfn++TM0= Subject key identifier: EC:37:1F:3F:51:CF:0E:22:C1:45:75:DE:A3:D3:54:AA:D0:7C:A7:77 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 13E8C125A9AA5EC42406266C79252A6819F2BC2E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7cd5b76a-f059-475f-8d7b-4f8745f355e3.roa Signing time: Sat 28 Jun 2025 00:00:08 +0000 ROA not before: Sat 28 Jun 2025 00:00:08 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:e8:c1:25:a9:aa:5e:c4:24:06:26:6c:79:25:2a:68:19:f2:bc:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:08 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=f907095628996c814bddba218ffdf089917cdaec1510ac06418ec394df85d5ed, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:c7:95:6c:e3:49:9f:83:56:d7:8c:af:5b:00: d1:b4:90:b6:9c:1c:d0:71:a2:1f:3a:a3:4d:1d:52: b9:c1:bd:7e:82:93:59:90:7b:d9:87:2c:c5:97:f6: 2d:33:63:4c:bc:80:eb:b6:ce:1c:ec:32:69:cc:97: f9:c7:ac:3d:97:1f:dc:bc:39:8b:27:94:c6:d8:a2: 97:36:c8:b2:a8:fa:06:db:38:28:35:cb:31:0c:d1: a9:1c:db:6c:7b:16:62:e8:f3:f7:6c:e4:61:33:28: 81:2d:4a:16:89:23:8f:69:b3:8f:9c:ec:d5:f4:21: ee:de:2c:70:25:23:9d:42:4d:8b:52:52:83:76:1c: 88:16:da:4b:69:87:d9:d2:b1:d4:a2:bf:64:ec:a8: 49:40:d7:a1:46:0c:ef:d3:95:e4:07:4f:2c:54:1f: 83:56:2a:15:35:3f:9b:48:f0:0b:dc:bd:c4:02:73: a7:55:5b:d6:3d:0e:50:5a:e8:89:79:60:af:d7:a8: 2e:c9:66:84:2e:0f:37:1b:71:d0:ba:33:ab:58:af: 11:5b:c5:be:de:f1:5f:3a:ac:44:6d:74:90:e6:1b: a1:8f:97:25:cc:58:47:ba:ec:1b:ee:00:ff:98:9c: b8:c4:bc:5b:3a:29:c4:a2:4b:e5:c2:fa:4f:37:db: 1e:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:37:1F:3F:51:CF:0E:22:C1:45:75:DE:A3:D3:54:AA:D0:7C:A7:77 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7cd5b76a-f059-475f-8d7b-4f8745f355e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:7000::/40 Signature Algorithm: sha256WithRSAEncryption 6c:2f:95:09:92:ce:a0:83:b3:c8:fc:9a:30:9d:c7:f4:a4:b6: ff:6b:50:3d:14:f0:13:a0:49:aa:eb:71:b5:f0:c0:f1:72:86: 10:a8:1c:aa:40:13:c2:32:ad:ac:ac:95:38:67:45:20:a8:d3: da:a3:d6:f9:6a:5b:38:af:a1:d6:49:3e:92:61:43:35:03:f9: 31:e1:7b:dd:60:c3:9f:32:cd:12:b4:2c:1b:2c:01:75:00:5e: 79:df:4b:02:aa:61:7d:c9:0e:bf:c9:63:5d:2d:b2:f7:e8:df: 5b:42:c4:2a:c3:0e:5b:19:95:6a:35:cb:53:29:28:03:2c:49: 34:0e:71:9c:b9:8a:91:89:8b:03:01:59:76:2c:ab:c8:b5:92: 19:60:8f:56:d5:96:04:76:61:78:b0:d5:25:aa:2b:29:e9:8d: 65:d8:ae:0c:f4:fa:31:f6:ff:be:39:20:c0:20:60:2a:10:c3: 53:b6:07:d7:ab:8b:ff:a9:a2:ec:6f:e8:99:2e:f8:f8:45:0a: 2e:0f:4a:b4:7c:c3:79:f0:9a:67:5d:7c:c3:f0:e9:45:e3:f8: d6:dd:49:fe:3b:18:f7:00:0e:0d:25:77:93:fb:f3:2d:f4:e1: 91:9b:d9:a8:dd:81:0f:ee:99:82:3c:31:81:95:fe:03:7f:26: 0e:04:ac:32 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUE+jBJamqXsQkBiZseSUqaBnyvC4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDAwOFoX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAZjkwNzA5NTYyODk5NmM4MTRiZGRi YTIxOGZmZGYwODk5MTdjZGFlYzE1MTBhYzA2NDE4ZWMzOTRkZjg1ZDVlZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoceVbONJn4NW14yvWwDRtJC2nBzQ caIfOqNNHVK5wb1+gpNZkHvZhyzFl/YtM2NMvIDrts4c7DJpzJf5x6w9lx/cvDmL J5TG2KKXNsiyqPoG2zgoNcsxDNGpHNtsexZi6PP3bORhMyiBLUoWiSOPabOPnOzV 9CHu3ixwJSOdQk2LUlKDdhyIFtpLaYfZ0rHUor9k7KhJQNehRgzv05XkB08sVB+D VioVNT+bSPAL3L3EAnOnVVvWPQ5QWuiJeWCv16guyWaELg83G3HQujOrWK8RW8W+ 3vFfOqxEbXSQ5huhj5clzFhHuuwb7gD/mJy4xLxbOinEokvlwvpPN9seQQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOw3Hz9Rzw4iwUV13qPTVKrQfKd3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdjZDViNzZhLWYwNTktNDc1Zi04ZDdiLTRmODc0NWYzNTVlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9HAwDQYJKoZIhvcNAQELBQADggEBAGwvlQmSzqCDs8j8mjCd x/Sktv9rUD0U8BOgSarrcbXwwPFyhhCoHKpAE8IyrayslThnRSCo09qj1vlqWziv odZJPpJhQzUD+THhe91gw58yzRK0LBssAXUAXnnfSwKqYX3JDr/JY10tsvfo31tC xCrDDlsZlWo1y1MpKAMsSTQOcZy5ipGJiwMBWXYsq8i1khlgj1bVlgR2YXiw1SWq KynpjWXYrgz0+jH2/745IMAgYCoQw1O2B9eri/+pouxv6Jku+PhFCi4PSrR8w3nw mmddfMPw6UXj+NbdSf47GPcADg0ld5P78y304ZGb2ajdgQ/umYI8MYGV/gN/Jg4E rDI= -----END CERTIFICATE-----Generated at Sun Jun 29 07:43:33 2025 by rpki-client