$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8456f50-6ead-49e9-ad54-f384ac4008be.roa File: d8456f50-6ead-49e9-ad54-f384ac4008be.roa (raw, json) Hash identifier: GrrX1xt7Pg+k2mVjIGahBMlpgUE9EejEL9d50utDzdc= Subject key identifier: 32:91:32:69:4A:32:EE:89:7C:17:63:1D:88:EE:3D:43:B9:F9:50:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 773DB3AE0B1E29C2A2BABEF30680840A5D1A9D11 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8456f50-6ead-49e9-ad54-f384ac4008be.roa Signing time: Sat 28 Jun 2025 00:00:59 +0000 ROA not before: Sat 28 Jun 2025 00:00:59 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 00:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:3d:b3:ae:0b:1e:29:c2:a2:ba:be:f3:06:80:84:0a:5d:1a:9d:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:59 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=1c72637fef2d159535d2a5de00f19000c3f981ede2251573b161c6cfd1b493c0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:35:24:bc:3a:4e:40:30:48:9b:be:25:14:75: 2c:22:4d:ae:fb:38:fc:7b:2e:78:1b:69:b0:e0:d6: c5:9c:be:f0:5c:b5:4b:54:29:c4:df:00:ce:91:9f: 8b:97:35:5a:0d:b8:c0:2a:3e:e9:d9:82:b3:17:5f: 05:4c:3c:61:41:31:a5:b7:c6:a4:68:76:57:b8:52: ce:45:35:9a:09:13:fd:2b:55:ac:35:3b:ea:a0:1c: f4:47:b5:19:ff:07:b2:e9:bd:1f:ea:c0:0f:b3:25: bc:fd:b8:ac:24:db:21:57:5c:7e:6c:6a:06:26:2e: ca:7b:36:63:8a:2a:b3:4a:ac:9b:f0:d4:88:02:a5: 39:f6:3a:d6:3e:4b:00:f5:87:66:49:ae:d2:67:49: d2:cf:c0:c1:0f:d3:97:f2:78:f4:6d:80:e5:86:5a: 64:3a:03:66:fb:a1:63:d1:b1:48:e5:69:dd:23:69: 76:00:5c:18:bd:ad:37:d8:64:5a:05:88:d6:9e:a9: 4b:eb:5b:f1:31:b1:11:21:f8:b6:a6:1c:65:de:85: 59:de:81:d1:f4:a6:54:af:c7:77:24:5b:d8:14:d6: 2f:57:d0:a8:5c:68:a2:cf:5a:cb:ea:1d:e0:8a:c4: f0:ee:9d:fb:d0:21:91:41:83:19:e5:ae:4f:ec:7a: 56:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:91:32:69:4A:32:EE:89:7C:17:63:1D:88:EE:3D:43:B9:F9:50:C5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8456f50-6ead-49e9-ad54-f384ac4008be.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:7000::/40 Signature Algorithm: sha256WithRSAEncryption 69:cd:97:11:48:f0:b7:89:fa:2c:3a:4a:56:5f:e3:c1:65:f6: 1a:b2:78:95:73:4f:50:94:75:c1:fc:79:7a:b6:5f:66:c4:90: 0e:28:5a:60:03:1b:9b:f7:fe:5d:af:1d:61:61:48:c0:d8:91: d0:99:2f:28:f6:b2:09:86:36:e2:56:70:a4:6e:0f:53:f1:c3: 13:de:b5:70:9f:fc:d3:5b:65:c3:03:be:4d:78:31:ae:f7:43: 2b:3c:a9:32:74:4b:69:b1:e9:9b:ea:e8:52:bd:d9:17:44:24: af:28:88:99:89:ce:8f:48:e1:b1:e4:84:d2:78:81:ff:f7:44: 58:b6:60:c0:9f:1c:34:08:23:1d:54:39:6c:90:26:35:15:e2: 5b:5e:46:0e:36:ad:8d:8e:68:58:6e:d4:8a:36:92:06:82:68: 07:2e:51:82:03:76:d2:64:9c:2f:7d:5a:d0:e0:2f:94:60:a5: 5d:be:e2:52:f9:b2:7c:d2:90:7f:47:d1:3d:39:ee:62:3b:51: aa:36:20:0f:b8:b5:22:e2:5f:bb:0a:a3:76:4b:04:df:ce:6a: 82:30:8f:6f:0a:af:6b:37:9e:39:19:53:22:f1:dd:a0:c5:3e: 67:9c:d0:8b:49:ac:e8:09:50:ea:a6:39:ed:25:46:82:a7:d0: a7:b3:37:09 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdz2zrgseKcKiur7zBoCECl0anREwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDA1OVoX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAMWM3MjYzN2ZlZjJkMTU5NTM1ZDJh NWRlMDBmMTkwMDBjM2Y5ODFlZGUyMjUxNTczYjE2MWM2Y2ZkMWI0OTNjMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDUkvDpOQDBIm74lFHUsIk2u+zj8 ey54G2mw4NbFnL7wXLVLVCnE3wDOkZ+LlzVaDbjAKj7p2YKzF18FTDxhQTGlt8ak aHZXuFLORTWaCRP9K1WsNTvqoBz0R7UZ/wey6b0f6sAPsyW8/bisJNshV1x+bGoG Ji7KezZjiiqzSqyb8NSIAqU59jrWPksA9YdmSa7SZ0nSz8DBD9OX8nj0bYDlhlpk OgNm+6Fj0bFI5WndI2l2AFwYva032GRaBYjWnqlL61vxMbERIfi2phxl3oVZ3oHR 9KZUr8d3JFvYFNYvV9CoXGiiz1rL6h3gisTw7p370CGRQYMZ5a5P7HpWTwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDKRMmlKMu6JfBdjHYjuPUO5+VDFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NDU2ZjUwLTZlYWQtNDllOS1hZDU0LWYzODRhYzQwMDhiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauXAwDQYJKoZIhvcNAQELBQADggEBAGnNlxFI8LeJ+iw6SlZf 48Fl9hqyeJVzT1CUdcH8eXq2X2bEkA4oWmADG5v3/l2vHWFhSMDYkdCZLyj2sgmG NuJWcKRuD1PxwxPetXCf/NNbZcMDvk14Ma73Qys8qTJ0S2mx6Zvq6FK92RdEJK8o iJmJzo9I4bHkhNJ4gf/3RFi2YMCfHDQIIx1UOWyQJjUV4lteRg42rY2OaFhu1Io2 kgaCaAcuUYIDdtJknC99WtDgL5RgpV2+4lL5snzSkH9H0T057mI7Uao2IA+4tSLi X7sKo3ZLBN/OaoIwj28Kr2s3njkZUyLx3aDFPmec0ItJrOgJUOqmOe0lRoKn0Kez Nwk= -----END CERTIFICATE-----Generated at Tue Jul 1 15:14:55 2025 by rpki-client