$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa File: 982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa (raw, json) Hash identifier: 4UXJcrywzASoxcXWORSsYP9DhUWzUMY3Z5yCOu8e5ls= Subject key identifier: 0B:CD:9F:31:C0:CB:E1:08:42:37:06:AD:A8:DC:48:9D:3D:36:3A:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 23272D13A681D207AA717CB4CFED087F9B70FEB8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa Signing time: Sat 28 Jun 2025 00:00:52 +0000 ROA not before: Sat 28 Jun 2025 00:00:52 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:27:2d:13:a6:81:d2:07:aa:71:7c:b4:cf:ed:08:7f:9b:70:fe:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:52 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=b362e9a06cd7a7702b15e32157db37d7c9e1bec6e21efa6c24511b10d4b46f05, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:0d:61:27:79:26:1f:ef:a3:dd:79:4a:3b:f4: 9a:5c:8e:a0:99:f3:3b:42:38:fa:5f:56:a7:b7:c3: 74:4b:98:1c:d8:d6:ac:ea:70:26:7b:e2:ef:05:29: 38:00:14:e3:04:3d:04:3d:0a:7f:9b:d8:ef:aa:31: 27:e1:2d:f2:d1:f4:6c:c5:e0:e8:e6:79:46:cb:0a: 1f:0e:85:66:80:4f:cb:d4:d2:07:c4:f1:98:cf:c7: 30:33:c4:e7:79:93:1b:9c:ab:74:34:4c:56:80:e4: 75:d3:20:65:fa:67:26:aa:99:b2:a6:52:46:70:fa: e4:4e:cc:fa:42:28:f9:51:80:7e:16:f9:ad:2d:ef: 4d:87:ac:c6:b5:1c:35:66:b2:12:ee:bd:c0:e3:f1: a1:b2:98:26:d6:56:c8:ec:77:11:9a:66:6b:ed:ad: 99:43:48:03:48:61:a2:95:df:49:aa:fb:c4:42:73: 2d:ad:45:23:5b:c5:d1:7a:37:71:e3:70:9e:a5:d7: 48:b0:aa:7b:47:48:89:9e:7b:be:3c:a0:99:77:7d: 66:ba:a3:73:74:f3:a3:c1:96:b6:e0:98:bd:b1:0e: e9:b0:d5:67:91:bd:43:78:c9:60:f7:94:d0:c1:6a: 44:58:fb:37:a6:57:1a:d6:c1:6d:e3:a1:f1:a1:be: ab:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:CD:9F:31:C0:CB:E1:08:42:37:06:AD:A8:DC:48:9D:3D:36:3A:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:800::/40 Signature Algorithm: sha256WithRSAEncryption 97:c6:1d:19:21:f6:b2:e6:95:e3:c3:3f:da:fe:35:c3:f3:48: 38:01:1b:81:92:e3:40:d3:2f:29:fa:4b:0b:44:82:c1:c4:2d: b5:55:c7:7b:6f:d3:1e:f3:5f:f8:55:33:33:7a:f6:6b:de:d7: 3d:c4:16:2e:56:dc:06:63:9f:45:ee:08:84:fa:31:f3:da:5c: f8:69:9a:40:2c:c3:e4:97:96:ac:c4:98:bf:8c:6a:ef:e0:c8: a9:70:4a:66:0c:d9:e3:17:1c:02:f3:e9:bf:29:7d:dc:cc:73: 96:2a:00:56:18:2a:e9:b0:14:94:37:c9:56:fa:de:f8:01:eb: f1:e5:f8:f0:04:59:ee:0f:ee:dc:fc:aa:44:fb:17:e0:04:6f: 13:b0:d1:34:2a:ea:5d:31:03:62:d3:c3:3d:94:c9:b9:41:34: f6:03:ff:62:81:79:e5:7f:15:89:72:87:a5:ae:6a:55:a3:9b: 56:d2:89:69:6c:1e:53:f4:df:50:56:4c:50:e8:67:b2:9d:17: 5b:11:0d:1a:72:a1:e1:09:f1:a1:f5:b1:96:27:c0:f8:98:21: ab:b5:3d:9e:85:03:c5:8d:60:1c:d4:00:c9:55:2d:80:cc:6f: 41:c8:6b:79:97:8d:5c:3a:9f:a7:cd:34:e8:d9:80:b7:70:75: f5:2b:e9:01 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIyctE6aB0geqcXy0z+0If5tw/rgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDA1MloX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAYjM2MmU5YTA2Y2Q3YTc3MDJiMTVl MzIxNTdkYjM3ZDdjOWUxYmVjNmUyMWVmYTZjMjQ1MTFiMTBkNGI0NmYwNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8g1hJ3kmH++j3XlKO/SaXI6gmfM7 Qjj6X1ant8N0S5gc2Nas6nAme+LvBSk4ABTjBD0EPQp/m9jvqjEn4S3y0fRsxeDo 5nlGywofDoVmgE/L1NIHxPGYz8cwM8TneZMbnKt0NExWgOR10yBl+mcmqpmyplJG cPrkTsz6Qij5UYB+FvmtLe9Nh6zGtRw1ZrIS7r3A4/Ghspgm1lbI7HcRmmZr7a2Z Q0gDSGGild9JqvvEQnMtrUUjW8XRejdx43CepddIsKp7R0iJnnu+PKCZd31muqNz dPOjwZa24Ji9sQ7psNVnkb1DeMlg95TQwWpEWPs3plca1sFt46Hxob6rBwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAvNnzHAy+EIQjcGrajcSJ09NjpZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4MmQ4N2E3LTRlMGItNDJhYi1hNzNmLWY0OTdiNDNhMmEzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauQgwDQYJKoZIhvcNAQELBQADggEBAJfGHRkh9rLmlePDP9r+ NcPzSDgBG4GS40DTLyn6SwtEgsHELbVVx3tv0x7zX/hVMzN69mve1z3EFi5W3AZj n0XuCIT6MfPaXPhpmkAsw+SXlqzEmL+Mau/gyKlwSmYM2eMXHALz6b8pfdzMc5Yq AFYYKumwFJQ3yVb63vgB6/Hl+PAEWe4P7tz8qkT7F+AEbxOw0TQq6l0xA2LTwz2U yblBNPYD/2KBeeV/FYlyh6WualWjm1bSiWlsHlP031BWTFDoZ7KdF1sRDRpyoeEJ 8aH1sZYnwPiYIau1PZ6FA8WNYBzUAMlVLYDMb0HIa3mXjVw6n6fNNOjZgLdwdfUr 6QE= -----END CERTIFICATE-----Generated at Sun Jun 29 07:46:16 2025 by rpki-client