$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa File: 1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa (raw, json) Hash identifier: tqKSLapGCUlNCkrDJXuy+9pjQZDJsGQ6b5nP4ZxdpP8= Subject key identifier: 38:C7:43:BD:D3:F0:6F:EF:E9:75:2A:AD:4C:65:7B:41:25:41:79:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7528292AA75E760B4D21135434614D7D9D957698 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa Signing time: Sat 23 Aug 2025 00:01:16 +0000 ROA not before: Sat 23 Aug 2025 00:01:16 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:28:29:2a:a7:5e:76:0b:4d:21:13:54:34:61:4d:7d:9d:95:76:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:01:16 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=08e0d8192aefda153ad2cb555251161d46ee25d4d9646f4747559bdb2e047d30, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a9:e1:5f:48:d4:7b:49:fc:b7:10:95:55:a7: 5b:ea:f5:35:8d:ec:99:37:18:55:8b:93:69:fd:10: 75:b2:70:95:c8:3f:f0:1e:b7:40:5b:2b:02:dd:b3: f0:d3:51:31:f6:2e:e4:53:d6:fd:8c:ec:54:70:d0: a7:27:da:65:21:ba:f5:84:e7:a5:46:01:0a:69:43: 73:0a:a4:12:af:93:f6:f3:9a:7f:f0:bc:bf:01:c1: f3:a7:01:77:f0:6e:bb:14:37:ad:d9:d9:cb:d0:a1: 7a:d2:f7:1a:46:3d:66:d3:ef:db:de:a2:d3:8b:80: 95:86:71:30:76:16:a4:3a:d0:58:ee:b9:e5:6c:64: 97:6e:23:84:ab:0e:a4:49:8e:86:1a:27:80:24:5f: 35:ff:e2:a7:22:69:fd:37:ae:15:f5:a0:a2:52:f8: 03:07:4b:c6:65:e2:44:20:5e:42:88:41:a9:d4:e6: b0:0a:ee:b5:6f:f4:bf:d4:3c:6f:26:e9:91:98:78: 6c:17:81:19:27:17:51:a2:37:40:69:81:70:f1:8d: 22:fe:75:c6:c5:0b:76:b0:a4:4a:36:56:cc:56:d2: 4e:95:df:28:2e:cd:fe:5f:2e:44:3b:97:a4:96:f0: 22:02:50:79:b0:82:ce:38:8b:84:b7:98:59:13:be: bc:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:C7:43:BD:D3:F0:6F:EF:E9:75:2A:AD:4C:65:7B:41:25:41:79:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4020::/48 Signature Algorithm: sha256WithRSAEncryption 0e:7e:0c:6d:e0:ec:39:91:45:b5:7a:b4:d7:73:36:19:b6:44: 25:d3:99:c0:75:6a:5f:f9:47:ff:5b:90:df:45:71:ec:43:aa: b6:6c:c6:1b:08:96:c6:4b:59:64:e9:a6:87:ef:22:0c:c2:24: 23:7f:21:7d:c8:47:29:91:7b:7d:ce:6e:42:8a:10:1d:a9:c7: 72:e4:0f:5d:ac:6a:1a:88:09:43:b4:2e:7d:51:76:da:ea:94: 57:24:02:24:77:a1:ed:64:4a:4e:38:37:fa:c6:40:c3:51:5a: c0:6d:d7:d0:34:ee:8f:aa:16:39:b6:59:49:2c:45:d5:2c:62: 36:c8:8a:cb:6e:2c:57:26:d4:db:56:c2:b5:be:09:6e:7b:39: 95:4a:9b:35:34:4f:1a:1f:c6:91:e2:64:2d:59:9c:88:fc:74: 03:85:86:15:2a:d7:cd:b7:c4:33:9a:de:5d:b5:f3:de:bc:f8: c0:8d:1c:de:d8:53:f0:ce:63:4e:e9:69:2a:02:fa:33:9b:be: ce:59:87:fa:fa:26:09:0f:20:00:75:17:e3:72:2c:31:f8:09: 0d:34:e8:3e:26:b3:91:2d:cc:e9:cb:c4:58:ea:2d:72:e1:a3: 45:b7:6b:44:ad:7c:e0:f1:36:45:c6:2e:eb:17:c4:80:fa:eb: 0d:7f:99:2d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdSgpKqdedgtNIRNUNGFNfZ2VdpgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMDExNloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMDhlMGQ4MTkyYWVmZGExNTNhZDJj YjU1NTI1MTE2MWQ0NmVlMjVkNGQ5NjQ2ZjQ3NDc1NTliZGIyZTA0N2QzMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6nhX0jUe0n8txCVVadb6vU1jeyZ NxhVi5Np/RB1snCVyD/wHrdAWysC3bPw01Ex9i7kU9b9jOxUcNCnJ9plIbr1hOel RgEKaUNzCqQSr5P285p/8Ly/AcHzpwF38G67FDet2dnL0KF60vcaRj1m0+/b3qLT i4CVhnEwdhakOtBY7rnlbGSXbiOEqw6kSY6GGieAJF81/+KnImn9N64V9aCiUvgD B0vGZeJEIF5CiEGp1OawCu61b/S/1DxvJumRmHhsF4EZJxdRojdAaYFw8Y0i/nXG xQt2sKRKNlbMVtJOld8oLs3+Xy5EO5eklvAiAlB5sILOOIuEt5hZE768DQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDjHQ73T8G/v6XUqrUxle0ElQXlTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiNWRhOTg3LTY5ZjMtNGYxMi1hYTNiLTBkNmY5YWU0YzA2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEAgMA0GCSqGSIb3DQEBCwUAA4IBAQAOfgxt4Ow5kUW1erTX czYZtkQl05nAdWpf+Uf/W5DfRXHsQ6q2bMYbCJbGS1lk6aaH7yIMwiQjfyF9yEcp kXt9zm5CihAdqcdy5A9drGoaiAlDtC59UXba6pRXJAIkd6HtZEpOODf6xkDDUVrA bdfQNO6PqhY5tllJLEXVLGI2yIrLbixXJtTbVsK1vgluezmVSps1NE8aH8aR4mQt WZyI/HQDhYYVKtfNt8Qzmt5dtfPevPjAjRze2FPwzmNO6WkqAvozm77OWYf6+iYJ DyAAdRfjciwx+AkNNOg+JrORLczpy8RY6i1y4aNFt2tErXzg8TZFxi7rF8SA+usN f5kt -----END CERTIFICATE-----Generated at Sat Aug 23 06:45:24 2025 by rpki-client