$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e363607-e7c0-4093-a95f-81ec8e33d0fd.roa File: 7e363607-e7c0-4093-a95f-81ec8e33d0fd.roa (raw, json) Hash identifier: /jWZTjaK/XiD96FZXJDZbvkR7x6y2YlBgdYY8icwh1w= Subject key identifier: 2C:36:55:24:BB:FA:39:5C:68:DA:E7:B8:43:C1:F0:48:4D:31:30:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BE42EBC10B52747CE1284FE9E63BCAF6D98D28B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e363607-e7c0-4093-a95f-81ec8e33d0fd.roa Signing time: Sat 23 Aug 2025 00:31:33 +0000 ROA not before: Sat 23 Aug 2025 00:31:33 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:e4:2e:bc:10:b5:27:47:ce:12:84:fe:9e:63:bc:af:6d:98:d2:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:31:33 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=72c0f4ac95f6d39af7534a6de4190e3ae870a02d47b5f4c4f15ca9fd86323689, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:ee:c9:97:ea:42:02:e1:b3:fe:23:f1:56:f7: 64:c1:41:1e:fa:04:b4:f5:a7:b4:8e:06:39:34:7e: 08:f8:cf:a3:04:9b:b5:76:c3:92:01:62:5d:3a:64: c9:d7:1a:45:5c:97:ff:ea:1e:dc:74:4b:66:ee:3c: d9:dd:9e:a4:f6:bd:3a:e0:a1:59:f6:d8:4c:ea:91: 30:0b:17:f8:33:46:bb:44:82:83:bf:f2:86:30:0a: e1:2f:91:1f:ca:04:e1:ce:42:ec:29:c0:d6:41:09: c3:2c:00:37:40:ca:2a:d6:2b:30:e0:ed:35:f0:b4: b0:cf:c3:02:8c:6e:a3:d2:30:f7:2b:90:23:c7:c4: cf:36:55:ba:2f:ac:bb:35:e1:b8:cb:4f:08:81:86: c7:c8:59:7c:f8:06:7d:53:9e:97:36:86:a2:ed:ee: a2:49:5b:ca:e0:39:5f:8d:53:50:a9:74:7c:5d:e5: 41:9d:8b:fd:01:64:7d:09:2e:ff:18:14:29:87:d5: 3e:e5:79:d1:94:ff:62:80:22:c7:27:c2:3c:c0:d6: 12:aa:37:66:b0:97:7f:d8:b2:b0:44:1d:83:c6:ec: 27:c2:ce:93:83:a5:49:74:7d:f9:59:be:b7:58:c9: ab:7c:f8:4f:91:0a:60:a3:3f:b5:a3:9b:c8:f2:a6: 38:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:36:55:24:BB:FA:39:5C:68:DA:E7:B8:43:C1:F0:48:4D:31:30:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e363607-e7c0-4093-a95f-81ec8e33d0fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:8080::/48 Signature Algorithm: sha256WithRSAEncryption 04:34:bf:f1:fd:4d:48:35:fe:1c:9a:ff:4c:d8:00:76:87:f4: 5f:86:7c:9d:e3:53:d5:74:6a:58:d6:4c:b9:dc:b9:92:a8:cb: 59:aa:3f:da:e3:50:53:3c:a4:d6:55:dd:e0:7b:48:06:e5:a1: fe:1f:cd:bc:85:15:3c:2f:df:51:b6:94:bb:18:c6:c2:2d:75: 9e:21:b7:35:41:5e:06:d7:0a:fa:b1:83:3b:79:71:f8:ce:7e: 17:6e:20:fc:07:74:fe:07:4e:6d:ff:d5:0e:4f:76:50:43:54: 6c:fe:01:be:a7:3f:63:79:e3:62:ff:60:27:e3:58:05:d5:10: ed:34:b2:ae:97:2c:30:82:3b:06:4e:9e:0e:c2:b5:43:ae:b3: 84:dd:9a:dc:a8:ce:9c:86:95:08:67:19:a3:dc:03:d6:fc:e1: 56:dd:f3:b7:3f:5a:bd:31:5a:e4:d4:b8:6f:5d:17:35:4f:56: f9:d2:c3:38:b9:9e:44:c0:17:58:53:f5:61:21:c3:bf:77:27: 4c:0e:e2:1f:3d:6a:5e:6f:f4:18:0a:da:43:8a:52:f2:75:63: dc:20:6a:b0:9f:3d:da:c2:6e:d0:bf:c3:82:e3:cb:7c:f8:fc: 0b:be:d0:97:e8:0d:53:e4:e2:54:ec:70:92:de:2d:51:e2:24: 5b:40:76:83 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUW+QuvBC1J0fOEoT+nmO8r22Y0oswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzEzM1oX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANzJjMGY0YWM5NWY2ZDM5YWY3NTM0 YTZkZTQxOTBlM2FlODcwYTAyZDQ3YjVmNGM0ZjE1Y2E5ZmQ4NjMyMzY4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+7Jl+pCAuGz/iPxVvdkwUEe+gS0 9ae0jgY5NH4I+M+jBJu1dsOSAWJdOmTJ1xpFXJf/6h7cdEtm7jzZ3Z6k9r064KFZ 9thM6pEwCxf4M0a7RIKDv/KGMArhL5EfygThzkLsKcDWQQnDLAA3QMoq1isw4O01 8LSwz8MCjG6j0jD3K5Ajx8TPNlW6L6y7NeG4y08IgYbHyFl8+AZ9U56XNoai7e6i SVvK4DlfjVNQqXR8XeVBnYv9AWR9CS7/GBQph9U+5XnRlP9igCLHJ8I8wNYSqjdm sJd/2LKwRB2Dxuwnws6Tg6VJdH35Wb63WMmrfPhPkQpgoz+1o5vI8qY4nwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCw2VSS7+jlcaNrnuEPB8EhNMTBoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdlMzYzNjA3LWU3YzAtNDA5My1hOTVmLTgxZWM4ZTMzZDBmZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/4CAMA0GCSqGSIb3DQEBCwUAA4IBAQAENL/x/U1INf4cmv9M 2AB2h/Rfhnyd41PVdGpY1ky53LmSqMtZqj/a41BTPKTWVd3ge0gG5aH+H828hRU8 L99RtpS7GMbCLXWeIbc1QV4G1wr6sYM7eXH4zn4XbiD8B3T+B05t/9UOT3ZQQ1Rs /gG+pz9jeeNi/2An41gF1RDtNLKulywwgjsGTp4OwrVDrrOE3ZrcqM6chpUIZxmj 3APW/OFW3fO3P1q9MVrk1LhvXRc1T1b50sM4uZ5EwBdYU/VhIcO/dydMDuIfPWpe b/QYCtpDilLydWPcIGqwnz3awm7Qv8OC48t8+PwLvtCX6A1T5OJU7HCS3i1R4iRb QHaD -----END CERTIFICATE-----Generated at Sat Aug 23 10:10:38 2025 by rpki-client