$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/18c0c353-8021-483e-a98b-44dbaff4b805.roa File: 18c0c353-8021-483e-a98b-44dbaff4b805.roa (raw, json) Hash identifier: JD1fdKfbI5LCbKuz5ufL8kpQ7/gDHEjGosQ/HV877Ws= Subject key identifier: 85:8E:78:4D:A6:0C:EC:97:43:52:05:8B:AC:90:77:15:8A:32:4A:F0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 614F180E82323A2B561CD3B16CC15E9E04C07A01 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/18c0c353-8021-483e-a98b-44dbaff4b805.roa Signing time: Sat 23 Aug 2025 00:11:05 +0000 ROA not before: Sat 23 Aug 2025 00:11:05 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:4f:18:0e:82:32:3a:2b:56:1c:d3:b1:6c:c1:5e:9e:04:c0:7a:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:11:05 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=a16f133fb8eb3bde108be91fe97a3a6f0960946a9a7e8c90160311a625f87666, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:78:73:78:98:99:1b:18:11:44:57:b7:00:42: 5c:22:29:5b:f9:75:89:8f:e7:59:40:7c:2f:1e:27: b6:36:65:05:83:19:4b:a1:09:1c:50:86:78:88:79: f4:36:ac:3e:dd:99:be:b3:c3:4b:41:6a:d2:d5:14: d3:8b:3e:69:29:65:26:26:be:73:dc:ed:ec:5b:34: ab:a3:b0:34:e9:7a:e0:b7:5e:7c:cf:69:d5:61:6a: c8:50:f1:2f:a7:d3:39:f8:9d:f9:36:78:01:82:40: 70:23:25:9e:49:ac:65:d1:54:e8:b3:78:2a:44:ce: 70:d6:f4:3a:68:69:34:f8:1d:95:63:17:48:17:22: bb:5e:92:7f:44:bc:03:d9:10:bb:0c:e3:39:4f:65: 57:ea:81:a4:1a:11:bd:fd:19:bf:6e:94:49:99:e2: 5f:4b:c5:ed:02:0b:fa:39:1e:b7:0a:c8:3a:2a:4f: 01:e2:1b:06:ee:dc:29:57:47:69:cb:33:c1:9c:0b: a9:98:14:2b:04:e1:b0:35:e7:68:b1:74:db:8f:61: 3e:71:7a:cd:7c:cb:99:fa:c5:ed:9b:75:85:ff:57: a2:b4:31:13:48:7b:67:70:39:64:f1:75:1c:47:91: 01:f1:68:75:ec:51:4c:bf:57:a5:8d:e3:db:70:05: ae:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:8E:78:4D:A6:0C:EC:97:43:52:05:8B:AC:90:77:15:8A:32:4A:F0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/18c0c353-8021-483e-a98b-44dbaff4b805.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6080::/48 Signature Algorithm: sha256WithRSAEncryption 61:80:47:a4:18:d3:2f:96:23:e2:2b:b2:88:e2:b7:37:c3:8d: 0c:97:de:fc:63:1e:bb:99:12:71:ba:25:d6:3e:04:b5:47:89: 5c:9a:70:7d:8d:d4:29:60:9b:13:18:55:9a:e4:fd:1d:ef:9a: 4e:aa:9c:45:da:e1:2b:84:44:0f:d3:05:fe:ff:cf:3d:52:86: 87:37:27:61:84:31:09:54:99:5e:6b:4b:95:fc:27:89:17:2e: 75:5d:87:8d:60:45:a0:95:7d:38:ef:47:c2:60:3c:0d:73:a7: 1d:ff:b7:d9:62:45:3b:9c:04:f6:19:f0:31:00:3d:f7:ba:0a: cd:37:2e:e9:e6:5b:cc:84:1b:24:21:20:c3:36:24:93:f7:d2: c9:4e:76:ae:b6:7a:96:48:c0:51:dc:58:77:8e:e7:64:40:f4: a7:2f:56:11:c3:06:4e:85:f3:5f:bd:c3:2b:56:7d:3f:e3:39: 2e:ef:97:ee:40:ad:d5:4c:05:bc:29:84:90:30:24:bc:ca:44: ec:7a:9e:84:4f:76:db:ff:13:e4:22:3b:e2:32:04:f9:b1:63: 66:5d:88:bb:f9:9c:60:8e:63:9d:d5:7c:bc:f5:9a:aa:36:6b: 64:12:fa:20:ce:ab:e7:b0:1a:a2:74:6a:3c:0e:22:d4:7e:33: 50:a9:73:bf -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYU8YDoIyOitWHNOxbMFengTAegEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTEwNVoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAYTE2ZjEzM2ZiOGViM2JkZTEwOGJl OTFmZTk3YTNhNmYwOTYwOTQ2YTlhN2U4YzkwMTYwMzExYTYyNWY4NzY2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nhzeJiZGxgRRFe3AEJcIilb+XWJ j+dZQHwvHie2NmUFgxlLoQkcUIZ4iHn0Nqw+3Zm+s8NLQWrS1RTTiz5pKWUmJr5z 3O3sWzSro7A06Xrgt158z2nVYWrIUPEvp9M5+J35NngBgkBwIyWeSaxl0VTos3gq RM5w1vQ6aGk0+B2VYxdIFyK7XpJ/RLwD2RC7DOM5T2VX6oGkGhG9/Rm/bpRJmeJf S8XtAgv6OR63Csg6Kk8B4hsG7twpV0dpyzPBnAupmBQrBOGwNedosXTbj2E+cXrN fMuZ+sXtm3WF/1eitDETSHtncDlk8XUcR5EB8Wh17FFMv1eljePbcAWuDQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIWOeE2mDOyXQ1IFi6yQdxWKMkrwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE4YzBjMzUzLTgwMjEtNDgzZS1hOThiLTQ0ZGJhZmY0YjgwNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mCAMA0GCSqGSIb3DQEBCwUAA4IBAQBhgEekGNMvliPiK7KI 4rc3w40Ml978Yx67mRJxuiXWPgS1R4lcmnB9jdQpYJsTGFWa5P0d75pOqpxF2uEr hEQP0wX+/889UoaHNydhhDEJVJlea0uV/CeJFy51XYeNYEWglX0470fCYDwNc6cd /7fZYkU7nAT2GfAxAD33ugrNNy7p5lvMhBskISDDNiST99LJTnautnqWSMBR3Fh3 judkQPSnL1YRwwZOhfNfvcMrVn0/4zku75fuQK3VTAW8KYSQMCS8ykTsep6ET3bb /xPkIjviMgT5sWNmXYi7+ZxgjmOd1Xy89ZqqNmtkEvogzqvnsBqidGo8DiLUfjNQ qXO/ -----END CERTIFICATE-----Generated at Sat Aug 23 08:08:49 2025 by rpki-client