$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa File: f695f86c-1862-4357-8961-1e5b809c4811.roa (raw, json) Hash identifier: h163InN2gQmYc3ADvCaEyVTkQq1hadfAjc0UGk2AzTw= Subject key identifier: 37:F2:4D:79:8D:C4:8A:F8:00:61:D4:C3:EC:D8:BE:99:A0:A9:96:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4AACEFFDDD162F9E18D64ADB61AD9FB6B0114325 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa Signing time: Sat 28 Jun 2025 00:00:46 +0000 ROA not before: Sat 28 Jun 2025 00:00:46 +0000 ROA not after: Sat 02 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 00:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:ac:ef:fd:dd:16:2f:9e:18:d6:4a:db:61:ad:9f:b6:b0:11:43:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 28 00:00:46 2025 GMT Not After : Aug 2 23:59:59 2025 GMT Subject: serialNumber=8948781b6d9e64a09108cb84337dd46c3f8dafdfc104902c7a4b6554347c77bf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:d6:80:cb:0b:42:61:00:96:b0:bd:02:70:d1: 52:bf:cb:9f:00:d0:87:d1:b1:2e:11:64:bc:cc:23: 60:08:4f:e5:5d:22:d6:56:f1:7c:04:dc:7a:62:c1: 9c:ea:c6:1a:12:2e:f4:03:27:94:c1:28:22:32:08: 2c:5e:a4:8f:ae:dd:06:71:f9:8d:4a:3d:62:28:d7: 22:a8:2b:38:40:9b:58:ba:21:d0:1c:b4:c3:2b:ba: a1:5c:41:db:37:16:6e:3e:75:4c:5a:32:a5:d0:2c: aa:a5:e9:1a:11:d4:56:5e:7f:9c:56:42:8a:49:0a: 9d:21:e0:96:3d:81:3d:9f:09:e7:72:c6:0b:0f:bf: 91:4b:4c:96:ad:36:ef:38:76:a5:80:66:cb:a7:c9: 0a:34:95:06:01:fb:9d:ba:82:54:f9:2b:aa:1a:f8: 4e:ab:fe:6f:7a:50:46:db:04:d5:e5:2d:8c:cc:c0: 7e:4e:bc:a7:e5:bf:f1:7b:97:a0:89:d8:b0:fd:c8: 1b:14:4a:17:d6:5f:a0:08:98:a5:90:23:8d:23:87: cb:c5:05:b3:c6:9f:59:f7:c5:84:03:16:a2:2e:5b: db:f5:bf:44:d3:11:1d:45:f5:39:83:b6:85:76:32: 1c:89:34:34:26:19:7e:46:ab:be:7f:5d:80:54:a4: d2:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:F2:4D:79:8D:C4:8A:F8:00:61:D4:C3:EC:D8:BE:99:A0:A9:96:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a000::/40 Signature Algorithm: sha256WithRSAEncryption 8d:03:7c:93:0d:cd:70:f6:db:b4:b7:7e:87:db:9c:5d:d7:df: 58:00:1a:18:1a:43:b9:45:7d:c7:ce:71:f0:60:af:3d:57:27: cb:08:1d:52:79:55:11:4e:bd:f3:1f:59:98:f5:00:5c:5c:5b: 32:e7:d2:43:12:f3:08:e7:2a:51:ee:4c:66:7f:2c:02:a9:04: f0:43:0c:a7:0f:57:44:ce:8a:0a:b3:c6:f8:27:84:08:85:b4: 53:e6:2c:38:2a:56:5c:aa:ef:9a:d5:42:f4:fc:76:74:65:11: ff:f2:a7:da:0d:b6:b0:37:90:b5:a8:9b:df:cd:dd:d3:88:68: 98:33:6d:44:66:a2:5f:df:6e:5e:a5:ea:79:68:89:9f:aa:f0: c8:7a:e9:9f:55:e3:fa:0a:a4:32:a0:eb:4e:20:df:cb:cc:8e: f8:a7:a2:5a:43:cc:49:d0:d5:e4:14:9f:3c:8a:95:ba:5e:e9: cc:16:0c:37:58:7d:5b:e0:fe:b2:f6:3c:fd:c7:09:d5:e9:f5: 03:9a:ed:f7:2a:27:3d:0e:1c:ec:49:3d:80:f9:1f:2d:c4:52: ef:87:a8:31:eb:e9:11:a1:d5:ae:47:de:a6:59:2f:32:45:af: 1d:c5:60:2d:e5:ba:85:4e:49:d0:e4:ee:52:84:36:ce:48:f8: 16:68:a6:36 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSqzv/d0WL54Y1krbYa2ftrARQyUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYyODAwMDA0NloX DTI1MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAODk0ODc4MWI2ZDllNjRhMDkxMDhj Yjg0MzM3ZGQ0NmMzZjhkYWZkZmMxMDQ5MDJjN2E0YjY1NTQzNDdjNzdiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdaAywtCYQCWsL0CcNFSv8ufANCH 0bEuEWS8zCNgCE/lXSLWVvF8BNx6YsGc6sYaEi70AyeUwSgiMggsXqSPrt0GcfmN Sj1iKNciqCs4QJtYuiHQHLTDK7qhXEHbNxZuPnVMWjKl0CyqpekaEdRWXn+cVkKK SQqdIeCWPYE9nwnncsYLD7+RS0yWrTbvOHalgGbLp8kKNJUGAfuduoJU+SuqGvhO q/5velBG2wTV5S2MzMB+Tryn5b/xe5egidiw/cgbFEoX1l+gCJilkCONI4fLxQWz xp9Z98WEAxaiLlvb9b9E0xEdRfU5g7aFdjIciTQ0Jhl+Rqu+f12AVKTSowIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDfyTXmNxIr4AGHUw+zYvpmgqZZnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2OTVmODZjLTE4NjItNDM1Ny04OTYxLTFlNWI4MDljNDgxMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAKAwDQYJKoZIhvcNAQELBQADggEBAI0DfJMNzXD227S3fofb nF3X31gAGhgaQ7lFfcfOcfBgrz1XJ8sIHVJ5VRFOvfMfWZj1AFxcWzLn0kMS8wjn KlHuTGZ/LAKpBPBDDKcPV0TOigqzxvgnhAiFtFPmLDgqVlyq75rVQvT8dnRlEf/y p9oNtrA3kLWom9/N3dOIaJgzbURmol/fbl6l6nloiZ+q8Mh66Z9V4/oKpDKg604g 38vMjvinolpDzEnQ1eQUnzyKlbpe6cwWDDdYfVvg/rL2PP3HCdXp9QOa7fcqJz0O HOxJPYD5Hy3EUu+HqDHr6RGh1a5H3qZZLzJFrx3FYC3luoVOSdDk7lKENs5I+BZo pjY= -----END CERTIFICATE-----Generated at Sun Jun 29 04:27:38 2025 by rpki-client