$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/064f91be-d8d2-4bb1-a959-5f99de2bf511.roa File: 064f91be-d8d2-4bb1-a959-5f99de2bf511.roa (raw, json) Hash identifier: BDOvksUah4DnVvmBqkLFckyzwSGlGkliQ1pfzGHALfI= Subject key identifier: 91:31:0B:AB:13:4D:96:41:34:50:03:10:77:84:63:95:DD:41:8E:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7AC176E1285D53528798BA8CE266DE5A4A4A2B09 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/064f91be-d8d2-4bb1-a959-5f99de2bf511.roa Signing time: Tue 19 Aug 2025 00:00:29 +0000 ROA not before: Tue 19 Aug 2025 00:00:29 +0000 ROA not after: Tue 23 Sep 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:c1:76:e1:28:5d:53:52:87:98:ba:8c:e2:66:de:5a:4a:4a:2b:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 19 00:00:29 2025 GMT Not After : Sep 23 23:59:59 2025 GMT Subject: serialNumber=09e3931222f9428482f22dabd9cf5f0c4cf04d58e6c4db086b802e1a2cdc479c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:af:1f:36:28:a2:d8:b4:cb:89:ca:bc:27:75: 4c:d5:7c:0e:3f:73:2f:7f:52:98:2d:5a:33:c3:14: cf:56:0a:f8:44:b5:ef:bd:08:ac:b3:41:d0:e8:a3: 7b:68:3d:f1:a3:b4:d5:ed:b6:c5:d1:5a:70:38:b0: e9:cf:b8:fa:26:cb:9f:b8:fa:ef:ea:0e:95:1b:e8: 55:72:c4:91:34:b0:c9:19:95:2e:4e:7f:7a:bb:2b: 88:ab:6e:7e:29:35:a9:f0:ce:3d:2f:7a:3c:58:13: 40:4c:7b:f5:b6:29:91:26:12:3e:d9:23:25:b1:ac: 3f:1c:3f:2b:13:2c:fd:a0:1a:6d:c3:94:c1:63:cb: 0b:4e:d4:d6:da:59:cc:78:eb:10:10:56:ec:83:c5: 19:30:a2:ff:02:ea:f6:99:17:1f:12:75:cb:48:f4: 40:a8:fa:68:67:49:46:a3:e7:9c:44:0c:fb:59:72: 05:06:89:b9:99:20:c8:0f:c4:ca:32:28:b2:2f:c3: f0:b9:b1:cb:99:2b:3a:93:50:eb:3e:bf:d8:ed:d4: 83:d0:9d:a6:fa:9c:f8:5c:8a:58:38:ce:9e:3e:4e: 64:52:1e:9c:8a:61:35:18:23:89:45:ba:68:6c:18: 77:cf:6f:e7:9d:da:a9:52:e3:a6:d4:d4:bf:cb:c0: dd:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:31:0B:AB:13:4D:96:41:34:50:03:10:77:84:63:95:DD:41:8E:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/064f91be-d8d2-4bb1-a959-5f99de2bf511.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:4000::/40 Signature Algorithm: sha256WithRSAEncryption a7:41:3b:2b:6c:5f:ea:23:7e:a7:18:2c:1b:cf:86:f8:15:81: e8:0e:c7:b6:84:49:53:c5:bb:46:1d:67:59:4d:23:a3:cc:00: e0:ac:84:3f:90:9c:cc:39:e8:fe:56:f1:b3:d2:c5:d5:02:c9: f4:15:a8:a9:26:16:da:06:69:1e:28:bf:2b:b3:b2:6e:56:26: ea:a9:1b:51:50:77:9e:f1:13:1f:a4:f8:3b:44:3b:c5:4e:84: 03:6e:9b:9c:91:ea:cf:82:c9:28:aa:86:82:c7:13:c6:4f:00: b3:e3:ce:4e:5c:dc:ee:d6:a8:ef:49:ce:9e:f5:d4:1b:e2:a3: 0a:ba:6f:ae:a1:ac:a6:dd:0f:c9:a1:e3:bd:2e:26:0f:1c:23: eb:c7:21:80:3f:69:1c:36:78:e4:d8:d3:75:93:28:15:b0:e8: cb:b4:f2:86:9a:86:fe:47:8f:58:dc:80:a8:e3:5c:5d:b9:bf: de:49:d2:7f:14:5c:a7:ad:46:e9:68:d2:aa:5a:a1:b5:e9:18: 50:6c:68:8d:49:85:23:89:0c:14:59:62:d6:d6:67:52:1e:0d: 48:31:41:ae:21:fc:b8:55:2c:91:32:ff:55:96:c4:e7:59:75: 66:df:75:c5:c7:24:68:3d:9e:0a:9c:c7:3d:73:4a:48:64:30: 50:90:78:10 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUesF24ShdU1KHmLqM4mbeWkpKKwkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxOTAwMDAyOVoX DTI1MDkyMzIzNTk1OVowejFJMEcGA1UEBRNAMDllMzkzMTIyMmY5NDI4NDgyZjIy ZGFiZDljZjVmMGM0Y2YwNGQ1OGU2YzRkYjA4NmI4MDJlMWEyY2RjNDc5YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta8fNiii2LTLicq8J3VM1XwOP3Mv f1KYLVozwxTPVgr4RLXvvQiss0HQ6KN7aD3xo7TV7bbF0VpwOLDpz7j6JsufuPrv 6g6VG+hVcsSRNLDJGZUuTn96uyuIq25+KTWp8M49L3o8WBNATHv1timRJhI+2SMl saw/HD8rEyz9oBptw5TBY8sLTtTW2lnMeOsQEFbsg8UZMKL/Aur2mRcfEnXLSPRA qPpoZ0lGo+ecRAz7WXIFBom5mSDID8TKMiiyL8PwubHLmSs6k1DrPr/Y7dSD0J2m +pz4XIpYOM6ePk5kUh6cimE1GCOJRbpobBh3z2/nndqpUuOm1NS/y8DdSQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJExC6sTTZZBNFADEHeEY5XdQY5/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA2NGY5MWJlLWQ4ZDItNGJiMS1hOTU5LTVmOTlkZTJiZjUxMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYEAwDQYJKoZIhvcNAQELBQADggEBAKdBOytsX+ojfqcYLBvP hvgVgegOx7aESVPFu0YdZ1lNI6PMAOCshD+QnMw56P5W8bPSxdUCyfQVqKkmFtoG aR4ovyuzsm5WJuqpG1FQd57xEx+k+DtEO8VOhANum5yR6s+CySiqhoLHE8ZPALPj zk5c3O7WqO9Jzp711Bviowq6b66hrKbdD8mh470uJg8cI+vHIYA/aRw2eOTY03WT KBWw6Mu08oaahv5Hj1jcgKjjXF25v95J0n8UXKetRulo0qpaobXpGFBsaI1JhSOJ DBRZYtbWZ1IeDUgxQa4h/LhVLJEy/1WWxOdZdWbfdcXHJGg9ngqcxz1zSkhkMFCQ eBA= -----END CERTIFICATE-----Generated at Sat Aug 23 08:03:51 2025 by rpki-client