$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14ac5884-e669-47d5-bcbf-8694e4dc20a6.roa File: 14ac5884-e669-47d5-bcbf-8694e4dc20a6.roa (raw, json) Hash identifier: +uy76M2nVCej+58jhKrg/OrnFQIlY83pZo9nm36hZmw= Subject key identifier: A0:93:27:CC:9D:EA:07:91:0B:E7:4D:3F:6A:40:7A:7E:F2:7D:D6:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 74872409A765D5844FA497ACC50DC1886C8A07E7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14ac5884-e669-47d5-bcbf-8694e4dc20a6.roa Signing time: Sat 23 Aug 2025 00:20:03 +0000 ROA not before: Sat 23 Aug 2025 00:20:03 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:87:24:09:a7:65:d5:84:4f:a4:97:ac:c5:0d:c1:88:6c:8a:07:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:20:03 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=0929cada0fbe775ad275894d3b090dbd1ac05ef48a78b8f82bd369b20bfc9d03, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:33:30:c6:0a:01:70:3a:29:4d:a3:57:30:6a: 1d:47:af:76:d5:29:ab:28:3b:82:4c:7e:54:aa:2a: a4:ec:3f:51:e0:62:48:06:65:53:13:8f:16:02:d3: 51:1c:f0:6e:4f:98:43:51:3e:d4:19:fe:46:45:33: 55:5b:d4:3f:39:c6:0f:fc:af:37:18:ef:a3:9c:06: 46:33:2b:f4:4f:cf:b1:9b:4c:76:42:59:9e:94:16: 28:d6:55:aa:3a:9a:a1:68:c2:5b:9f:ab:f1:04:0f: 45:84:f8:37:1d:3a:1b:44:d0:92:56:5b:21:c1:02: 90:ad:ab:45:96:fd:8c:27:94:55:59:b5:04:5a:34: 76:c2:f0:6e:bf:e9:ed:c9:1e:c2:9c:87:1c:bd:ee: 1a:49:95:06:b9:92:78:fe:6b:06:f2:04:68:f9:87: 8c:9f:15:57:e8:34:69:ec:94:d2:a8:fa:96:bd:da: 2c:fa:5f:0e:d0:d7:91:65:2a:af:8f:16:4f:65:a1: 97:15:2b:a3:3a:af:aa:6c:21:b2:55:96:b5:d3:e3: 01:8b:a8:15:d2:2b:dc:f1:0d:b0:34:8f:40:2e:30: d5:ed:9e:24:37:77:05:49:2d:30:92:50:ca:eb:1b: 90:35:51:c7:06:35:bb:d3:67:c4:db:e6:cf:eb:40: 8d:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:93:27:CC:9D:EA:07:91:0B:E7:4D:3F:6A:40:7A:7E:F2:7D:D6:A3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14ac5884-e669-47d5-bcbf-8694e4dc20a6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:a040::/48 Signature Algorithm: sha256WithRSAEncryption 49:87:3f:1a:36:b7:9b:3d:9d:63:87:3b:b4:7d:50:1a:dc:f5: 69:30:21:ea:b2:54:2c:e5:cf:13:21:d9:a8:61:3e:8a:e1:6e: 1e:9d:2e:3e:de:6b:91:c5:cd:cf:1f:78:ba:c0:79:43:18:7b: 33:61:90:47:f7:45:bf:e2:32:e2:6c:a8:96:df:89:e2:a2:2f: 9e:cd:e0:d5:c3:5c:33:c0:bf:bd:82:c7:7b:e3:4e:f1:05:31: f5:0e:46:a2:db:b0:fe:cb:d3:f0:d0:1e:47:a0:54:f8:e9:0b: ab:b3:6d:b2:90:01:dd:d4:e6:10:c6:50:18:50:60:e9:6a:17: db:26:33:db:dc:cd:ec:3d:c2:a7:5b:59:41:a8:37:b5:d6:d2: 98:04:6c:ee:8f:a4:33:c0:fb:9a:ed:32:00:55:9b:31:33:1a: 51:2c:22:a9:69:73:81:b0:c8:2b:1f:d0:40:06:dd:f5:3d:be: 56:d3:db:10:c1:3b:05:4a:20:1a:18:27:58:f5:35:e5:04:d4: f5:3a:0c:66:05:9d:83:62:77:81:5a:d1:99:26:8b:e9:30:60: ee:65:20:d9:6f:bc:aa:72:55:60:e2:50:35:63:ef:2e:49:09: 80:32:44:f2:71:dc:19:a7:e6:a5:8f:9e:46:e9:a3:e5:10:4d: 32:f8:2d:90 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdIckCadl1YRPpJesxQ3BiGyKB+cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMjAwM1oX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMDkyOWNhZGEwZmJlNzc1YWQyNzU4 OTRkM2IwOTBkYmQxYWMwNWVmNDhhNzhiOGY4MmJkMzY5YjIwYmZjOWQwMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizMwxgoBcDopTaNXMGodR6921Smr KDuCTH5Uqiqk7D9R4GJIBmVTE48WAtNRHPBuT5hDUT7UGf5GRTNVW9Q/OcYP/K83 GO+jnAZGMyv0T8+xm0x2QlmelBYo1lWqOpqhaMJbn6vxBA9FhPg3HTobRNCSVlsh wQKQratFlv2MJ5RVWbUEWjR2wvBuv+ntyR7CnIccve4aSZUGuZJ4/msG8gRo+YeM nxVX6DRp7JTSqPqWvdos+l8O0NeRZSqvjxZPZaGXFSujOq+qbCGyVZa10+MBi6gV 0ivc8Q2wNI9ALjDV7Z4kN3cFSS0wklDK6xuQNVHHBjW702fE2+bP60CN7QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKCTJ8yd6geRC+dNP2pAen7yfdajMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE0YWM1ODg0LWU2NjktNDdkNS1iY2JmLTg2OTRlNGRjMjBhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYaBAMA0GCSqGSIb3DQEBCwUAA4IBAQBJhz8aNrebPZ1jhzu0 fVAa3PVpMCHqslQs5c8TIdmoYT6K4W4enS4+3muRxc3PH3i6wHlDGHszYZBH90W/ 4jLibKiW34nioi+ezeDVw1wzwL+9gsd7407xBTH1Dkai27D+y9Pw0B5HoFT46Qur s22ykAHd1OYQxlAYUGDpahfbJjPb3M3sPcKnW1lBqDe11tKYBGzuj6QzwPua7TIA VZsxMxpRLCKpaXOBsMgrH9BABt31Pb5W09sQwTsFSiAaGCdY9TXlBNT1OgxmBZ2D YneBWtGZJovpMGDuZSDZb7yqclVg4lA1Y+8uSQmAMkTycdwZp+alj55G6aPlEE0y +C2Q -----END CERTIFICATE-----Generated at Sat Aug 23 08:10:42 2025 by rpki-client