$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa File: c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa (raw, json) Hash identifier: MAYARSfiFK2ROpHg8A/oTHzpkncdPHWwbEZTbidf9Gs= Subject key identifier: 57:33:D8:81:AD:AE:AC:51:27:E3:CF:9E:AD:41:3C:2E:20:5F:0D:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 075EB47C2FD47621EE3FB8B813E49AFC1469AD7A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa Signing time: Fri 22 Aug 2025 00:10:02 +0000 ROA not before: Fri 22 Aug 2025 00:10:02 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:5e:b4:7c:2f:d4:76:21:ee:3f:b8:b8:13:e4:9a:fc:14:69:ad:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:10:02 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=cec33eb210edb29dee2e1621ba5cd867ea21bcde4cb396c95c067ba669e38853, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ec:9e:7a:bd:72:e2:92:9b:be:3e:1a:c7:75: d9:27:4d:f8:d5:4b:d4:27:e2:44:02:3e:7a:e4:18: cc:32:a4:91:b7:8c:df:d2:2a:2e:e3:80:7a:8b:64: 86:99:0c:b9:51:db:d0:5f:2c:cf:47:09:38:08:6b: 92:ad:79:e0:79:15:f0:7e:01:d4:12:43:e6:3a:ef: 56:a6:cb:ae:e6:00:35:ba:76:c1:cb:31:80:9d:5f: 46:b4:54:24:27:62:f4:6c:31:7b:5d:8e:9e:c8:e1: 52:f1:5f:f1:b2:82:fb:e9:00:91:b5:96:d8:2a:48: 08:46:b1:e5:f7:79:99:88:43:b5:58:e4:b9:1a:61: 0f:1d:eb:cd:42:14:d2:0b:40:b9:45:e1:3e:2f:81: ff:99:3a:5f:5d:04:4c:cf:e7:fd:bf:29:c7:0d:03: 2f:bf:47:0b:c1:e6:96:68:09:ad:e8:82:c7:f9:67: 90:74:ca:5e:29:bd:13:c2:93:27:a5:f1:ea:dd:ee: 71:2d:2e:3d:60:6e:36:f8:f9:b7:ec:9e:0e:81:02: 10:38:10:b9:7d:fd:fc:f1:42:ea:cf:ac:52:73:6c: 83:2b:93:39:8f:94:07:a4:d1:ae:f4:e3:57:05:34: 46:5f:e8:10:f9:77:a1:f1:0b:9e:ba:8a:46:89:25: 18:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:33:D8:81:AD:AE:AC:51:27:E3:CF:9E:AD:41:3C:2E:20:5F:0D:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a040::/48 Signature Algorithm: sha256WithRSAEncryption bb:e7:22:c3:a8:f4:d7:6b:b0:3e:4d:46:38:87:22:8b:8e:e4: 35:00:6e:80:ab:eb:f6:bd:4e:5e:89:59:a4:3b:52:67:e6:da: af:fa:fd:53:2d:6d:0c:2c:32:ed:22:e3:8d:e1:80:22:44:99: 5e:ff:e2:4d:d9:6c:e1:2c:d8:61:ba:35:f0:67:ad:47:23:eb: 79:5f:49:95:8f:2a:9c:99:3c:e0:97:40:8d:dd:29:51:16:e2: cc:8e:b0:1b:7a:26:93:5a:7c:8e:3b:8f:52:c0:1d:09:eb:48: 60:70:53:70:b1:c5:4b:9e:21:99:1a:7a:a3:2b:7a:55:d7:9e: d0:db:9d:56:96:9b:b9:db:c3:4e:9a:a7:ca:be:8e:8c:80:8f: c1:cb:46:e7:a3:92:8e:d3:30:06:e9:67:13:5a:b5:0b:1b:45: 35:2e:6f:3a:9c:0f:ca:76:4e:41:ae:a1:62:84:ac:8c:86:3c: 52:00:7d:28:05:54:0c:1f:3d:6e:8f:de:a3:ac:08:6a:bb:60: 17:fe:44:d8:d4:ec:03:d4:11:b2:f7:2a:23:9f:c6:51:d6:1a: 67:d0:82:74:be:63:2e:fc:8b:19:af:6d:61:7e:c8:8c:c3:41: c9:14:49:21:8e:d5:cd:10:76:57:03:f1:8e:0c:d4:77:7a:e0: e0:b6:85:5c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUB160fC/UdiHuP7i4E+Sa/BRprXowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMTAwMloX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAY2VjMzNlYjIxMGVkYjI5ZGVlMmUx NjIxYmE1Y2Q4NjdlYTIxYmNkZTRjYjM5NmM5NWMwNjdiYTY2OWUzODg1MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweyeer1y4pKbvj4ax3XZJ0341UvU J+JEAj565BjMMqSRt4zf0iou44B6i2SGmQy5UdvQXyzPRwk4CGuSrXngeRXwfgHU EkPmOu9Wpsuu5gA1unbByzGAnV9GtFQkJ2L0bDF7XY6eyOFS8V/xsoL76QCRtZbY KkgIRrHl93mZiEO1WOS5GmEPHevNQhTSC0C5ReE+L4H/mTpfXQRMz+f9vynHDQMv v0cLweaWaAmt6ILH+WeQdMpeKb0TwpMnpfHq3e5xLS49YG42+Pm37J4OgQIQOBC5 ff388ULqz6xSc2yDK5M5j5QHpNGu9ONXBTRGX+gQ+Xeh8QueuopGiSUYMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFcz2IGtrqxRJ+PPnq1BPC4gXw0VMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTFhM2ViLTQ2ZmItNDM0OS1iZWI0LWRiYWRlZjkwN2UyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKBAMA0GCSqGSIb3DQEBCwUAA4IBAQC75yLDqPTXa7A+TUY4 hyKLjuQ1AG6Aq+v2vU5eiVmkO1Jn5tqv+v1TLW0MLDLtIuON4YAiRJle/+JN2Wzh LNhhujXwZ61HI+t5X0mVjyqcmTzgl0CN3SlRFuLMjrAbeiaTWnyOO49SwB0J60hg cFNwscVLniGZGnqjK3pV157Q251Wlpu528NOmqfKvo6MgI/By0bno5KO0zAG6WcT WrULG0U1Lm86nA/Kdk5BrqFihKyMhjxSAH0oBVQMHz1uj96jrAhqu2AX/kTY1OwD 1BGy9yojn8ZR1hpn0IJ0vmMu/IsZr21hfsiMw0HJFEkhjtXNEHZXA/GODNR3euDg toVc -----END CERTIFICATE-----Generated at Sat Aug 23 12:00:08 2025 by rpki-client