$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa File: 0f308446-71c0-4da7-9488-837b94b0ca9c.roa (raw, json) Hash identifier: 3EBn18Q9Is7+qoxSEsb8nfprO8X6C4QbgJxwLKEHMc4= Subject key identifier: 09:8D:81:AC:C7:56:BA:4D:D0:DA:3D:A2:4C:69:FA:2E:47:6F:53:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 61B4A24A4E8230C24AC174E2EF458025D46CDA5C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa Signing time: Sat 23 Aug 2025 00:41:00 +0000 ROA not before: Sat 23 Aug 2025 00:41:00 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:b4:a2:4a:4e:82:30:c2:4a:c1:74:e2:ef:45:80:25:d4:6c:da:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:41:00 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=ee0332f3b3e5fcd09283029ac292a437942b55e4f91956fccd97e2dbe4a870e0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:fa:1e:1e:e6:70:f5:2b:e6:f1:03:a5:9d:21: 5d:be:51:34:2e:2e:1e:04:51:a1:f9:b9:62:6c:6c: f8:2e:ad:cc:56:5d:19:de:32:2e:69:36:27:58:ba: 1c:2d:21:76:ed:a7:5c:78:9c:79:ae:b8:01:a0:b9: 3b:b8:de:1c:31:ce:7a:99:b4:c3:af:a2:e8:f3:25: f7:a7:01:2b:4e:9b:3d:82:16:89:76:af:79:66:01: 9f:2c:59:37:46:ef:61:86:0c:9e:ff:80:62:30:48: 0b:3e:1d:eb:cd:31:1c:58:c1:c1:36:a7:4a:b9:e0: d4:51:58:71:b5:bc:a8:1b:7e:25:b3:1c:b2:a3:4e: cb:30:7e:44:ed:1b:78:0d:85:35:aa:cf:52:39:35: 84:cc:df:b3:73:30:ea:f5:8a:20:37:2a:8b:2c:87: 4b:98:06:b8:48:26:25:89:ce:40:69:70:10:d5:6e: a8:5a:53:91:2c:e0:c4:48:5f:b7:b9:8c:a6:a0:b5: 71:0c:ea:c1:b9:be:07:03:06:1b:22:a5:3a:c4:f7: 6a:39:0c:5e:f6:85:19:88:a3:ba:e4:cd:45:3c:75: 90:4f:35:6c:8c:97:6d:f9:32:d7:3f:82:8b:ca:36: 94:39:89:8d:de:0e:4d:6c:a8:52:ba:f8:33:0c:3f: 35:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:8D:81:AC:C7:56:BA:4D:D0:DA:3D:A2:4C:69:FA:2E:47:6F:53:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4080::/48 Signature Algorithm: sha256WithRSAEncryption 2c:69:c0:cf:72:4c:1b:f5:1f:92:4b:74:ac:f3:11:89:12:ad: 36:a3:e4:e9:9f:e0:4f:40:a6:fe:36:60:6e:fd:df:03:f9:11: a7:6a:7d:59:02:4c:c1:29:22:1e:c3:9a:63:f3:29:d3:cd:fb: 6b:f3:10:b6:57:86:de:82:db:c5:60:a3:12:69:8e:19:58:c9: 5f:0b:1f:f3:86:2d:74:ed:8e:1e:9a:5e:1d:69:b3:1f:9c:74: 12:65:d8:ab:3f:ed:7c:1e:36:d9:d8:20:92:3a:96:c9:e9:aa: 53:37:09:df:d7:af:ca:22:b4:3e:9f:6b:fe:0c:04:0d:2b:b1: a8:e3:e7:bb:7e:00:06:26:56:94:96:71:03:f7:15:e1:d2:9f: 8e:85:40:2f:ed:17:60:0e:2a:d9:65:4a:37:de:4d:e5:97:67: a3:7f:92:9f:1e:e0:8c:61:ba:96:92:3a:5d:84:89:cb:06:64: e1:9c:b8:3a:29:cf:4c:0c:65:b4:3a:72:ec:a4:d3:ed:e6:2b: b2:35:5f:17:87:22:eb:9b:e6:ee:d8:5a:89:4c:9d:f1:93:03: 8e:aa:f8:91:57:6d:e4:d7:ed:25:b0:1f:89:90:f6:e6:26:b7: ab:ac:0e:df:97:a6:57:59:fe:d0:9e:ff:0c:36:f4:52:b9:28: 27:10:08:0a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYbSiSk6CMMJKwXTi70WAJdRs2lwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNDEwMFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZWUwMzMyZjNiM2U1ZmNkMDkyODMw MjlhYzI5MmE0Mzc5NDJiNTVlNGY5MTk1NmZjY2Q5N2UyZGJlNGE4NzBlMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvoeHuZw9Svm8QOlnSFdvlE0Li4e BFGh+blibGz4Lq3MVl0Z3jIuaTYnWLocLSF27adceJx5rrgBoLk7uN4cMc56mbTD r6Lo8yX3pwErTps9ghaJdq95ZgGfLFk3Ru9hhgye/4BiMEgLPh3rzTEcWMHBNqdK ueDUUVhxtbyoG34lsxyyo07LMH5E7Rt4DYU1qs9SOTWEzN+zczDq9YogNyqLLIdL mAa4SCYlic5AaXAQ1W6oWlORLODESF+3uYymoLVxDOrBub4HAwYbIqU6xPdqOQxe 9oUZiKO65M1FPHWQTzVsjJdt+TLXP4KLyjaUOYmN3g5NbKhSuvgzDD81SQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAmNgazHVrpN0No9okxp+i5Hb1PIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmMzA4NDQ2LTcxYzAtNGRhNy05NDg4LTgzN2I5NGIwY2E5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8kCAMA0GCSqGSIb3DQEBCwUAA4IBAQAsacDPckwb9R+SS3Ss 8xGJEq02o+Tpn+BPQKb+NmBu/d8D+RGnan1ZAkzBKSIew5pj8ynTzftr8xC2V4be gtvFYKMSaY4ZWMlfCx/zhi107Y4eml4dabMfnHQSZdirP+18HjbZ2CCSOpbJ6apT Nwnf16/KIrQ+n2v+DAQNK7Go4+e7fgAGJlaUlnED9xXh0p+OhUAv7RdgDirZZUo3 3k3ll2ejf5KfHuCMYbqWkjpdhInLBmThnLg6Kc9MDGW0OnLspNPt5iuyNV8XhyLr m+bu2FqJTJ3xkwOOqviRV23k1+0lsB+JkPbmJrerrA7fl6ZXWf7Qnv8MNvRSuSgn EAgK -----END CERTIFICATE-----Generated at Sat Aug 23 10:14:08 2025 by rpki-client