$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa File: 24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa (raw, json) Hash identifier: +X43tsjVeSl2I8J4U5kD96w6VGr4e1Vt6lH4dxcThmU= Subject key identifier: 67:3A:90:85:17:9F:53:05:28:63:CD:38:4B:16:7F:13:52:17:17:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5AE6587B07A7A64F774FF07C75344A03191A64DD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa Signing time: Wed 20 Aug 2025 00:01:17 +0000 ROA not before: Wed 20 Aug 2025 00:01:17 +0000 ROA not after: Wed 24 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:e000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:e6:58:7b:07:a7:a6:4f:77:4f:f0:7c:75:34:4a:03:19:1a:64:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 20 00:01:17 2025 GMT Not After : Sep 24 23:59:59 2025 GMT Subject: serialNumber=928be05b5d6ae3333af683a0f20526d1bd354588378526d51c980572077baa1e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a0:28:cb:f2:01:6c:08:81:b2:86:35:d2:50: 84:ec:00:70:b3:4a:9d:67:49:4f:8d:bb:1f:f2:4a: 93:79:de:65:f6:b1:e3:f8:24:07:03:16:66:f7:f8: 30:01:1f:38:13:31:9a:c2:b4:c3:d2:e7:4e:49:bc: 78:40:95:74:e7:a7:a9:24:7d:11:ca:d5:47:8d:34: 88:5d:30:c5:04:e7:38:e1:f2:dc:70:c4:ad:8c:cb: 25:fb:a6:2c:c6:7c:7b:87:5e:51:65:4d:2d:15:64: 17:e4:ab:38:6c:36:b1:94:d5:60:0d:33:33:95:a9: ac:a7:f4:45:d1:ab:5a:73:a0:8b:96:a0:7d:6b:e7: 45:6d:4c:60:51:41:6b:20:31:da:b9:b6:9c:58:a3: 6f:d9:07:23:6b:9d:f2:16:e8:80:7e:d8:4d:81:2f: 1b:f4:82:ed:a9:8b:12:64:55:54:cd:d6:19:74:4d: 6c:5d:23:c5:47:51:9e:7e:67:2f:66:e2:3d:c2:db: c0:1a:08:18:e9:71:50:3a:04:8d:e1:e8:db:c0:31: 00:00:16:29:89:72:35:d8:91:b7:b9:e3:eb:55:e8: 78:76:cc:99:15:b4:eb:f2:05:49:ff:dc:e3:81:7a: e7:f5:75:3d:f3:ec:d7:23:78:24:f9:b9:39:99:e3: 2e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:3A:90:85:17:9F:53:05:28:63:CD:38:4B:16:7F:13:52:17:17:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:e000::/48 Signature Algorithm: sha256WithRSAEncryption 1c:a8:20:72:aa:b3:b0:17:42:ab:04:65:54:e9:e3:b3:7d:64: 03:ad:b6:e4:98:29:c5:40:da:39:52:71:af:a0:8c:40:ed:36: 99:3f:34:8a:40:d0:ea:93:d4:97:a1:7b:18:00:81:fd:66:ec: f5:6d:f9:69:cf:39:53:17:78:8e:3a:fb:84:75:54:a2:46:60: 46:3b:a0:03:31:77:75:4a:a6:da:86:88:0e:3e:b0:89:7f:2a: 2e:83:11:30:96:4a:e6:59:4e:16:a7:0b:7c:33:45:ed:df:e6: 6c:88:f4:e1:93:d3:0c:c0:57:c6:81:4c:48:5d:4d:11:23:66: ec:b6:ea:c3:47:ea:40:38:c6:5c:98:86:c2:4c:1b:00:f4:f1: 3a:89:8e:5b:d8:44:f6:f2:53:6b:f6:4f:da:32:ee:49:5a:c8: 9e:f5:84:81:b1:7d:cf:16:41:f1:cf:34:5c:fa:7b:c1:71:c5: 30:f7:e4:96:9b:e3:60:20:43:0c:9e:66:e9:b1:c5:69:0b:26: ca:b6:43:70:71:1f:f4:b2:2e:ca:7d:a5:04:a7:74:4a:f9:23: 8d:ea:7c:9e:ab:5d:98:83:c8:32:cf:98:ba:1a:f6:c0:99:b7: 37:e2:fd:04:b0:d3:07:8e:91:2c:65:51:96:a3:57:a8:e8:10: d3:25:f3:e9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWuZYewenpk93T/B8dTRKAxkaZN0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMDAwMDExN1oX DTI1MDkyNDIzNTk1OVowejFJMEcGA1UEBRNAOTI4YmUwNWI1ZDZhZTMzMzNhZjY4 M2EwZjIwNTI2ZDFiZDM1NDU4ODM3ODUyNmQ1MWM5ODA1NzIwNzdiYWExZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaAoy/IBbAiBsoY10lCE7ABws0qd Z0lPjbsf8kqTed5l9rHj+CQHAxZm9/gwAR84EzGawrTD0udOSbx4QJV056epJH0R ytVHjTSIXTDFBOc44fLccMStjMsl+6Ysxnx7h15RZU0tFWQX5Ks4bDaxlNVgDTMz lamsp/RF0atac6CLlqB9a+dFbUxgUUFrIDHaubacWKNv2Qcja53yFuiAfthNgS8b 9ILtqYsSZFVUzdYZdE1sXSPFR1GefmcvZuI9wtvAGggY6XFQOgSN4ejbwDEAABYp iXI12JG3uePrVeh4dsyZFbTr8gVJ/9zjgXrn9XU98+zXI3gk+bk5meMuFQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGc6kIUXn1MFKGPNOEsWfxNSFxd0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0ZTJlMDI0LTRiZDMtNGY2Yi04NzRjLTBlZjdhNGNiZWJjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9uAAMA0GCSqGSIb3DQEBCwUAA4IBAQAcqCByqrOwF0KrBGVU 6eOzfWQDrbbkmCnFQNo5UnGvoIxA7TaZPzSKQNDqk9SXoXsYAIH9Zuz1bflpzzlT F3iOOvuEdVSiRmBGO6ADMXd1SqbahogOPrCJfyougxEwlkrmWU4Wpwt8M0Xt3+Zs iPThk9MMwFfGgUxIXU0RI2bsturDR+pAOMZcmIbCTBsA9PE6iY5b2ET28lNr9k/a Mu5JWsie9YSBsX3PFkHxzzRc+nvBccUw9+SWm+NgIEMMnmbpscVpCybKtkNwcR/0 si7KfaUEp3RK+SON6nyeq12Yg8gyz5i6GvbAmbc34v0EsNMHjpEsZVGWo1eo6BDT JfPp -----END CERTIFICATE-----Generated at Sat Aug 23 08:07:28 2025 by rpki-client