$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa File: 28ff52d2-0135-4def-a017-40424079b2a7.roa (raw, json) Hash identifier: b9/gU2rN8PKg+WJ65OuDR7jS/WDIm0O1iEAoDOXbluY= Subject key identifier: 4C:F3:56:0D:22:BF:39:76:96:13:33:EC:15:FB:18:F6:6B:96:94:6E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08B22DB5FDFFED3B639DC4427A185EB96FF87C49 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa Signing time: Sat 23 Aug 2025 00:01:10 +0000 ROA not before: Sat 23 Aug 2025 00:01:10 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:b2:2d:b5:fd:ff:ed:3b:63:9d:c4:42:7a:18:5e:b9:6f:f8:7c:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:01:10 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=5d230967786c96b418856143472cbc9f07712b22dafce18c1999327bf1a9b348, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:ee:49:07:3d:1d:50:75:10:9b:2e:9d:4b:88: ba:bc:0c:34:87:9f:79:0b:95:82:f3:1f:3e:1b:48: aa:07:dd:c6:95:4f:d6:df:90:b9:23:21:fe:61:e1: e6:73:ae:7d:5f:93:98:e1:87:f3:63:ba:6f:bb:de: 36:cf:3f:b1:78:25:c4:8e:3e:c6:6a:96:d3:3e:fc: 88:6f:78:7a:71:c3:5d:1d:d8:f8:b4:bf:68:c8:7a: 37:19:ea:3b:07:2e:86:76:ee:f9:a9:d8:6f:83:cc: 80:5a:43:b1:cf:81:62:ab:c0:50:cd:c1:9e:1e:d7: b3:19:90:ea:4c:3b:16:46:68:ac:31:50:f6:f3:38: 8b:9c:bc:3c:02:29:04:22:fd:c2:5b:54:af:b3:86: 23:f7:12:ea:e7:23:95:ab:03:6e:f3:28:63:50:aa: b9:34:f0:63:bf:75:d2:cc:91:91:36:bb:36:78:13: 86:d7:90:4b:b8:38:06:68:b8:72:d5:19:a6:1b:7e: b5:34:d6:be:ba:d4:2f:ac:21:de:71:71:61:a9:e3: ad:27:ce:3a:32:f3:f5:73:68:df:78:ca:0f:3a:4d: 6e:25:fc:34:6d:57:9c:27:ca:a6:86:a2:0b:b5:4d: 54:fd:3c:b2:85:4e:e1:f3:8b:85:41:8e:c0:33:c0: f0:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:F3:56:0D:22:BF:39:76:96:13:33:EC:15:FB:18:F6:6B:96:94:6E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:880::/48 Signature Algorithm: sha256WithRSAEncryption b5:39:29:33:9b:d0:9f:fb:bc:8f:80:cc:de:05:0a:f0:ad:ce: 95:0f:36:7d:1f:e7:18:ec:eb:48:7b:65:52:31:28:30:75:7f: b7:e8:fb:ec:29:45:9f:b1:e3:2b:f2:32:ea:f8:c2:b5:8f:dc: 6c:4f:8a:47:5b:5d:29:55:21:81:26:c4:d3:d3:93:3c:2b:76: 56:f8:bf:43:74:cd:a5:5e:4a:14:07:68:24:d5:dd:b1:df:9e: 33:7c:5f:48:ef:c8:d8:0d:73:e9:a4:f8:9c:46:da:4a:fe:e5: 4e:16:64:cf:16:c8:12:5f:e3:fe:a6:80:08:e9:e7:df:48:b6: 7d:ba:54:a7:48:88:f6:4a:c3:d3:c7:f1:55:b8:60:2d:e4:0f: 36:47:20:d4:07:15:63:7c:10:37:89:7e:7e:36:07:5e:22:ba: 97:4b:fd:fa:6f:81:90:f7:39:65:e8:67:14:c6:6a:a4:5b:94: 47:9e:65:18:a9:a0:41:45:78:af:8c:58:ce:38:14:8e:27:2a: e3:1e:50:11:2f:dc:7a:1a:da:c5:4e:4d:c2:92:e3:83:76:75: 5d:8c:af:4a:04:23:a4:b0:25:ec:0d:17:dd:b3:0c:27:ed:f9: 02:b6:d4:6a:26:a3:27:65:cc:e1:ee:1e:7f:a1:02:92:fe:1d: 27:bc:aa:de -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCLIttf3/7TtjncRCehheuW/4fEkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMDExMFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANWQyMzA5Njc3ODZjOTZiNDE4ODU2 MTQzNDcyY2JjOWYwNzcxMmIyMmRhZmNlMThjMTk5OTMyN2JmMWE5YjM0ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+5JBz0dUHUQmy6dS4i6vAw0h595 C5WC8x8+G0iqB93GlU/W35C5IyH+YeHmc659X5OY4YfzY7pvu942zz+xeCXEjj7G apbTPvyIb3h6ccNdHdj4tL9oyHo3Geo7By6Gdu75qdhvg8yAWkOxz4Fiq8BQzcGe HtezGZDqTDsWRmisMVD28ziLnLw8AikEIv3CW1Svs4Yj9xLq5yOVqwNu8yhjUKq5 NPBjv3XSzJGRNrs2eBOG15BLuDgGaLhy1RmmG361NNa+utQvrCHecXFhqeOtJ846 MvP1c2jfeMoPOk1uJfw0bVecJ8qmhqILtU1U/TyyhU7h84uFQY7AM8DwvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEzzVg0ivzl2lhMz7BX7GPZrlpRuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI4ZmY1MmQyLTAxMzUtNGRlZi1hMDE3LTQwNDI0MDc5YjJhNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/wiAMA0GCSqGSIb3DQEBCwUAA4IBAQC1OSkzm9Cf+7yPgMze BQrwrc6VDzZ9H+cY7OtIe2VSMSgwdX+36PvsKUWfseMr8jLq+MK1j9xsT4pHW10p VSGBJsTT05M8K3ZW+L9DdM2lXkoUB2gk1d2x354zfF9I78jYDXPppPicRtpK/uVO FmTPFsgSX+P+poAI6effSLZ9ulSnSIj2SsPTx/FVuGAt5A82RyDUBxVjfBA3iX5+ NgdeIrqXS/36b4GQ9zll6GcUxmqkW5RHnmUYqaBBRXivjFjOOBSOJyrjHlARL9x6 GtrFTk3CkuODdnVdjK9KBCOksCXsDRfdswwn7fkCttRqJqMnZczh7h5/oQKS/h0n vKre -----END CERTIFICATE-----Generated at Sat Aug 23 12:01:35 2025 by rpki-client