$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/116071fa-fa33-4a2f-9343-0d57551a9223.roa File: 116071fa-fa33-4a2f-9343-0d57551a9223.roa (raw, json) Hash identifier: /rA7moxQUktqWErEyguIqjo+lIV+JhLJ9KAArtm63GE= Subject key identifier: 3C:89:C3:45:23:A9:44:92:64:B4:38:B5:9B:9D:A4:42:DB:27:DE:E5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6978C97C3BBEE681EB9BD69AB53A61A5E3EC8327 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/116071fa-fa33-4a2f-9343-0d57551a9223.roa Signing time: Sat 23 Aug 2025 00:41:02 +0000 ROA not before: Sat 23 Aug 2025 00:41:02 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6060::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:78:c9:7c:3b:be:e6:81:eb:9b:d6:9a:b5:3a:61:a5:e3:ec:83:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:41:02 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=fe70394d7fc7fa25af4d7cc8a375038e0e9ab029cfc402c7835baaabc4821e92, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:65:2c:29:62:75:31:fa:f0:aa:54:04:05:f4: 8e:34:2d:01:0f:d7:72:1b:8c:7d:3d:90:02:64:23: 9a:43:d0:26:72:14:37:f8:aa:9e:93:ef:b7:24:f2: b5:93:e8:0c:26:11:63:dd:96:65:46:2a:10:fc:ab: e4:a6:b3:36:e5:c8:17:74:2b:2b:0e:4e:35:d3:fc: ea:74:92:24:2f:ff:c2:68:08:22:eb:0e:fe:50:e8: 4d:1b:a4:4f:91:49:47:d6:2f:88:ef:2c:54:f7:c3: 86:37:2e:2e:7b:a6:52:5d:1a:53:ae:68:9e:0d:29: d6:ed:72:61:73:6f:61:db:c3:46:f2:1d:f3:be:ac: e4:d2:b0:a6:b5:fa:66:40:e3:fe:c5:49:8c:66:80: f3:ad:bd:63:a7:30:5b:86:6c:8e:df:0e:a6:47:39: 99:18:9a:4e:25:c9:0f:9e:6b:83:e3:2c:db:72:84: 84:52:ab:8d:69:e2:87:fb:71:c0:d3:ea:21:db:f6: 8f:27:3f:9b:9c:33:e3:07:29:ec:d4:64:c5:dd:17: 9a:3c:e7:e5:92:ee:e2:52:df:7b:cd:b5:e9:c3:54: df:24:07:e5:ad:e3:9e:7b:73:bc:47:43:5c:58:de: e1:e3:66:32:7e:a9:82:b9:fb:50:5e:87:6a:39:d1: 7b:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:89:C3:45:23:A9:44:92:64:B4:38:B5:9B:9D:A4:42:DB:27:DE:E5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/116071fa-fa33-4a2f-9343-0d57551a9223.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6060::/48 Signature Algorithm: sha256WithRSAEncryption 95:1b:5a:21:b4:34:64:56:11:9f:2f:cb:90:1d:72:36:86:0b: d6:a8:63:c4:78:bf:f8:0f:e1:14:c9:00:6c:3d:54:7c:ba:87: d2:6d:fd:cd:3f:ce:63:e9:70:25:a5:27:c0:ab:d9:58:59:b0: 1e:6c:8b:01:06:cd:66:a0:45:e3:53:48:eb:fa:a2:01:2b:39: e0:c7:89:4a:b1:e5:c9:c6:26:26:73:c9:f0:72:cb:33:90:4c: 1c:c5:bc:34:6d:d4:6a:9a:1c:c0:ea:ab:eb:14:e5:54:2c:b3: 77:05:85:1f:4d:3f:49:f1:2c:3c:a7:48:38:5f:47:38:d9:88: af:9a:80:9f:27:7d:58:4a:ef:b2:72:37:5a:4e:83:9a:30:f9: ef:71:ea:55:a3:ae:c6:b4:32:68:6b:92:06:f3:8f:f2:1f:5a: d0:38:76:c7:68:b4:e0:18:04:6d:21:62:be:f4:96:ef:91:3a: 37:6d:8e:46:f5:0f:89:4b:d7:fa:4a:61:6b:2a:62:59:a2:68: b7:a5:ef:20:d8:90:0d:3b:41:4d:fd:b9:bd:77:ef:a3:dd:f5: a5:e2:f7:6e:1c:96:2d:0a:4b:72:f1:b0:9d:2e:16:db:c7:13: 15:dd:08:05:8f:6e:c2:69:20:e4:ce:07:96:d3:8e:d2:2b:d1: 4f:9c:b9:73 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaXjJfDu+5oHrm9aatTphpePsgycwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNDEwMloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZmU3MDM5NGQ3ZmM3ZmEyNWFmNGQ3 Y2M4YTM3NTAzOGUwZTlhYjAyOWNmYzQwMmM3ODM1YmFhYWJjNDgyMWU5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymUsKWJ1MfrwqlQEBfSONC0BD9dy G4x9PZACZCOaQ9AmchQ3+Kqek++3JPK1k+gMJhFj3ZZlRioQ/KvkprM25cgXdCsr Dk410/zqdJIkL//CaAgi6w7+UOhNG6RPkUlH1i+I7yxU98OGNy4ue6ZSXRpTrmie DSnW7XJhc29h28NG8h3zvqzk0rCmtfpmQOP+xUmMZoDzrb1jpzBbhmyO3w6mRzmZ GJpOJckPnmuD4yzbcoSEUquNaeKH+3HA0+oh2/aPJz+bnDPjByns1GTF3ReaPOfl ku7iUt97zbXpw1TfJAflreOee3O8R0NcWN7h42YyfqmCuftQXodqOdF78wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDyJw0UjqUSSZLQ4tZudpELbJ97lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzExNjA3MWZhLWZhMzMtNGEyZi05MzQzLTBkNTc1NTFhOTIyMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGBgMA0GCSqGSIb3DQEBCwUAA4IBAQCVG1ohtDRkVhGfL8uQ HXI2hgvWqGPEeL/4D+EUyQBsPVR8uofSbf3NP85j6XAlpSfAq9lYWbAebIsBBs1m oEXjU0jr+qIBKzngx4lKseXJxiYmc8nwcsszkEwcxbw0bdRqmhzA6qvrFOVULLN3 BYUfTT9J8Sw8p0g4X0c42YivmoCfJ31YSu+ycjdaToOaMPnvcepVo67GtDJoa5IG 84/yH1rQOHbHaLTgGARtIWK+9JbvkTo3bY5G9Q+JS9f6SmFrKmJZomi3pe8g2JAN O0FN/bm9d++j3fWl4vduHJYtCkty8bCdLhbbxxMV3QgFj27CaSDkzgeW047SK9FP nLlz -----END CERTIFICATE-----Generated at Sat Aug 23 06:40:13 2025 by rpki-client