$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa File: 19c2d4e6-f756-4329-8ef7-563420636cfb.roa (raw, json) Hash identifier: kx6ZSt3J/636aPPKdzcVKW6UEIURNTlcVsuhvif44ms= Subject key identifier: E9:76:9C:2B:88:55:CE:2B:67:DD:31:E6:65:BB:6B:8D:F8:72:A9:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 63F274EB426C21B50075CA180F52C13BDD942FD1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa Signing time: Wed 20 Aug 2025 00:01:09 +0000 ROA not before: Wed 20 Aug 2025 00:01:09 +0000 ROA not after: Wed 24 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:f2:74:eb:42:6c:21:b5:00:75:ca:18:0f:52:c1:3b:dd:94:2f:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 20 00:01:09 2025 GMT Not After : Sep 24 23:59:59 2025 GMT Subject: serialNumber=98fe8ec265d16eb40557895c1b157d5c7420a0a0753b9ac760c9475d331cbd32, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:3a:17:c5:98:bd:3f:77:23:54:ad:bd:90:8c: 1e:f6:4a:5c:14:8b:53:74:37:8c:09:cf:16:ef:1f: c6:97:46:37:e0:1c:5f:be:46:33:e0:4c:8a:5c:07: aa:b7:19:6d:92:f3:fe:35:ed:13:da:94:92:34:bf: 17:ed:d5:03:8c:a4:12:6d:a1:46:dd:98:03:d8:44: 0a:da:a8:77:62:e2:b8:68:da:ed:92:6a:c0:bf:11: 94:9a:e9:92:cb:a7:93:47:db:6a:c1:a7:b0:d1:ee: e8:5c:82:b8:6d:88:c6:2d:1d:73:53:e4:d4:e6:ca: 2e:fc:13:9f:32:9b:ba:3c:a0:c3:d1:27:a4:9c:2e: 63:66:72:c0:44:30:de:28:3e:49:f3:73:5e:8a:ed: cf:42:fa:95:bb:49:79:71:01:e6:16:18:26:f9:b6: 5f:5d:02:11:05:83:ef:87:3a:d5:8a:94:3e:2e:bb: cb:6d:b8:e9:c1:6b:5e:73:3a:07:11:61:41:3e:e0: f7:3b:7e:c9:97:96:4d:c3:47:82:d1:81:ab:83:61: 40:2a:63:10:fc:cd:05:55:d9:88:12:57:14:6c:b6: 07:41:61:ce:f8:30:98:f9:55:9c:ea:95:60:40:5a: 11:96:45:ef:9c:65:ae:1b:74:7c:59:0b:0d:38:a5: b3:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:76:9C:2B:88:55:CE:2B:67:DD:31:E6:65:BB:6B:8D:F8:72:A9:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19c2d4e6-f756-4329-8ef7-563420636cfb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:4000::/48 Signature Algorithm: sha256WithRSAEncryption 31:ae:21:ad:6a:e2:80:6e:41:15:6b:5e:d7:5b:5a:05:87:e7: e7:6b:ab:86:00:66:7e:78:45:51:17:bd:23:73:0b:49:97:5a: 76:12:ec:5c:88:f1:e1:ce:12:25:ba:bf:0c:f7:ed:3c:8f:db: 94:61:64:81:f9:fe:71:a6:2b:bf:55:61:fc:e7:c9:59:04:13: 47:86:2d:b1:87:fc:86:97:4d:37:5d:a8:bd:53:d4:a9:de:3a: ff:9f:82:89:1c:c9:9b:9b:0b:25:fc:b5:75:92:bf:c7:a9:be: 49:42:90:74:5e:ad:07:d6:a4:5d:92:f7:ab:cd:7c:86:a5:64: dd:9a:f0:7a:93:60:a0:02:4d:e4:c8:25:e0:38:44:b2:14:0c: b5:7e:47:f5:b8:71:13:0b:a9:75:22:c4:73:72:03:fc:d7:01: 49:21:a3:d4:f4:51:6e:be:51:4e:a1:c4:bb:45:25:9c:2b:b5: 3c:0a:91:b5:c6:61:bb:ab:2a:06:3a:45:19:b5:bc:a1:2e:dc: f0:00:a2:98:dd:9b:58:36:3f:2c:91:4e:f7:18:20:83:da:6d: 19:40:9b:49:d3:98:87:37:27:ca:5a:19:de:f5:af:ba:09:93: ef:92:1d:c0:b6:ee:59:f8:c9:44:1c:fb:de:e0:33:e2:d9:e1: ee:11:fe:1b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUY/J060JsIbUAdcoYD1LBO92UL9EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMDAwMDEwOVoX DTI1MDkyNDIzNTk1OVowejFJMEcGA1UEBRNAOThmZThlYzI2NWQxNmViNDA1NTc4 OTVjMWIxNTdkNWM3NDIwYTBhMDc1M2I5YWM3NjBjOTQ3NWQzMzFjYmQzMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+zoXxZi9P3cjVK29kIwe9kpcFItT dDeMCc8W7x/Gl0Y34BxfvkYz4EyKXAeqtxltkvP+Ne0T2pSSNL8X7dUDjKQSbaFG 3ZgD2EQK2qh3YuK4aNrtkmrAvxGUmumSy6eTR9tqwaew0e7oXIK4bYjGLR1zU+TU 5sou/BOfMpu6PKDD0SeknC5jZnLARDDeKD5J83Neiu3PQvqVu0l5cQHmFhgm+bZf XQIRBYPvhzrVipQ+LrvLbbjpwWteczoHEWFBPuD3O37Jl5ZNw0eC0YGrg2FAKmMQ /M0FVdmIElcUbLYHQWHO+DCY+VWc6pVgQFoRlkXvnGWuG3R8WQsNOKWz5wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOl2nCuIVc4rZ90x5mW7a434cqkjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE5YzJkNGU2LWY3NTYtNDMyOS04ZWY3LTU2MzQyMDYzNmNmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9kAAMA0GCSqGSIb3DQEBCwUAA4IBAQAxriGtauKAbkEVa17X W1oFh+fna6uGAGZ+eEVRF70jcwtJl1p2EuxciPHhzhIlur8M9+08j9uUYWSB+f5x piu/VWH858lZBBNHhi2xh/yGl003Xai9U9Sp3jr/n4KJHMmbmwsl/LV1kr/Hqb5J QpB0Xq0H1qRdkverzXyGpWTdmvB6k2CgAk3kyCXgOESyFAy1fkf1uHETC6l1IsRz cgP81wFJIaPU9FFuvlFOocS7RSWcK7U8CpG1xmG7qyoGOkUZtbyhLtzwAKKY3ZtY Nj8skU73GCCD2m0ZQJtJ05iHNyfKWhne9a+6CZPvkh3Atu5Z+MlEHPve4DPi2eHu Ef4b -----END CERTIFICATE-----Generated at Sat Aug 23 06:50:26 2025 by rpki-client