$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/062af51c-5367-4b3a-91ca-65f4ac95ee74.roa File: 062af51c-5367-4b3a-91ca-65f4ac95ee74.roa (raw, json) Hash identifier: qSdZ904NhhyOlUeq6W3VNtH41QD3w1nWyVCW4bL33pA= Subject key identifier: 23:2A:7A:70:AE:0D:2E:0F:A9:20:78:78:5D:4F:52:CE:B1:B8:8A:5B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5CF5A611C596AF71D2976918C97337DDFF71D71A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/062af51c-5367-4b3a-91ca-65f4ac95ee74.roa Signing time: Sat 23 Aug 2025 00:11:29 +0000 ROA not before: Sat 23 Aug 2025 00:11:29 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:f5:a6:11:c5:96:af:71:d2:97:69:18:c9:73:37:dd:ff:71:d7:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:11:29 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=c94336afc8fb139f6bbc10f0ca0c215839259e745c5bb23ea6212188c7a771cd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:27:9c:22:da:5f:d9:25:a6:bc:31:25:82:79: ae:d7:3a:40:16:42:b2:0f:d0:6b:ff:4c:27:c8:71: ab:c4:49:be:9b:79:76:f2:7e:80:62:01:9a:b9:a6: 5a:6d:ba:a2:cf:bb:e6:1f:09:25:b1:55:09:03:16: 10:88:69:50:b1:72:c7:ea:f4:aa:22:cc:33:59:aa: 97:12:0f:58:7f:81:4a:4e:c3:a9:3b:3f:19:32:66: d2:4a:86:7b:0c:c3:aa:86:6c:42:07:9e:d8:43:70: f6:08:d7:85:8f:d7:8c:45:aa:a2:0a:de:88:64:6a: e7:94:c1:a2:86:73:0d:f0:8d:84:1d:ef:b8:79:2a: 8b:20:e8:df:9c:43:3e:9b:9d:7e:54:f2:bc:ba:a4: 08:ee:59:2b:61:95:ff:6e:1a:68:f9:6e:11:6a:97: 65:c9:02:24:b9:d2:d2:9b:f5:89:a1:55:5d:db:58: 51:d0:f7:78:11:21:d8:97:73:b3:00:e1:74:ab:96: bc:bf:d9:30:34:c0:a5:ef:2e:3f:59:df:51:03:59: c0:1f:3e:8f:d7:af:3d:5c:dc:57:c4:f2:91:1f:11: 21:29:17:80:a1:f6:c7:d6:89:bb:37:81:f6:25:c6: 16:54:d3:3c:22:9f:b2:e9:af:0c:ea:cc:61:96:fd: 94:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:2A:7A:70:AE:0D:2E:0F:A9:20:78:78:5D:4F:52:CE:B1:B8:8A:5B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/062af51c-5367-4b3a-91ca-65f4ac95ee74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2880::/48 Signature Algorithm: sha256WithRSAEncryption c9:79:12:98:db:1b:8b:0c:16:fb:47:6a:20:f7:e8:4d:d4:47: 90:e4:5e:21:74:7b:f3:62:e6:0f:95:58:2c:c8:ea:11:dc:32: 12:e8:9b:59:9e:1b:e6:b5:ce:6a:60:ec:bf:d0:3a:d0:fa:c4: cd:64:f4:59:1f:f7:f5:17:7a:9e:fa:47:28:68:3b:6f:71:9c: 0b:5a:e9:d8:41:f9:9b:3c:11:9e:e2:07:3b:05:e4:bd:73:4a: 21:63:9e:1a:17:53:04:71:c0:a5:e9:bc:b6:bb:93:84:86:c0: c1:ea:a5:c0:a2:21:75:3e:0d:d4:9a:fc:df:6b:a6:cc:a8:8f: f3:a8:23:20:52:68:da:0b:c7:83:2a:d4:f7:7a:c5:b1:a7:6b: 54:ad:5a:93:3a:6a:5c:ac:bd:86:da:59:ce:19:73:32:7b:11: ef:61:52:3d:ca:fa:f4:2f:4c:b8:a3:80:d1:25:7d:af:3b:1c: 39:7a:8b:7e:63:72:f3:1e:e8:fd:1f:0e:28:cd:85:02:0f:8d: cf:e3:06:25:86:8d:de:fe:ea:58:5d:d2:00:0e:20:31:72:d4: b3:dd:41:4f:68:81:e6:8b:94:dd:ab:01:37:72:c1:e6:5b:d2: 52:a5:52:a0:bf:d5:51:36:67:10:49:c8:dd:7c:4a:4c:94:2b: 2b:67:b5:4a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXPWmEcWWr3HSl2kYyXM33f9x1xowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTEyOVoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAYzk0MzM2YWZjOGZiMTM5ZjZiYmMx MGYwY2EwYzIxNTgzOTI1OWU3NDVjNWJiMjNlYTYyMTIxODhjN2E3NzFjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyecItpf2SWmvDElgnmu1zpAFkKy D9Br/0wnyHGrxEm+m3l28n6AYgGauaZabbqiz7vmHwklsVUJAxYQiGlQsXLH6vSq IswzWaqXEg9Yf4FKTsOpOz8ZMmbSSoZ7DMOqhmxCB57YQ3D2CNeFj9eMRaqiCt6I ZGrnlMGihnMN8I2EHe+4eSqLIOjfnEM+m51+VPK8uqQI7lkrYZX/bhpo+W4Rapdl yQIkudLSm/WJoVVd21hR0Pd4ESHYl3OzAOF0q5a8v9kwNMCl7y4/Wd9RA1nAHz6P 1689XNxXxPKRHxEhKReAofbH1om7N4H2JcYWVNM8Ip+y6a8M6sxhlv2USwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCMqenCuDS4PqSB4eF1PUs6xuIpbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA2MmFmNTFjLTUzNjctNGIzYS05MWNhLTY1ZjRhYzk1ZWU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOCiAMA0GCSqGSIb3DQEBCwUAA4IBAQDJeRKY2xuLDBb7R2og 9+hN1EeQ5F4hdHvzYuYPlVgsyOoR3DIS6JtZnhvmtc5qYOy/0DrQ+sTNZPRZH/f1 F3qe+kcoaDtvcZwLWunYQfmbPBGe4gc7BeS9c0ohY54aF1MEccCl6by2u5OEhsDB 6qXAoiF1Pg3Umvzfa6bMqI/zqCMgUmjaC8eDKtT3esWxp2tUrVqTOmpcrL2G2lnO GXMyexHvYVI9yvr0L0y4o4DRJX2vOxw5eot+Y3LzHuj9Hw4ozYUCD43P4wYlho3e /upYXdIADiAxctSz3UFPaIHmi5TdqwE3csHmW9JSpVKgv9VRNmcQScjdfEpMlCsr Z7VK -----END CERTIFICATE-----Generated at Sat Aug 23 13:58:34 2025 by rpki-client