$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bdabc97-6399-477a-86ce-84cce7a29944.roa File: 2bdabc97-6399-477a-86ce-84cce7a29944.roa (raw, json) Hash identifier: zXY8VFfoPY8jZYsKLRXQ/YQZD40MQdX1iIADmhCyu6w= Subject key identifier: 9C:C0:8B:8C:D2:6D:2A:80:52:AD:A5:AB:1B:42:B8:AC:C9:68:E0:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 643A96A0BB1064C2D83EA3199C05B2ECCF883CA1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bdabc97-6399-477a-86ce-84cce7a29944.roa Signing time: Sat 23 Aug 2025 00:10:20 +0000 ROA not before: Sat 23 Aug 2025 00:10:20 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:3a:96:a0:bb:10:64:c2:d8:3e:a3:19:9c:05:b2:ec:cf:88:3c:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:10:20 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=6cced328edc631182b4e18a4ba7c1c78aa6931fe20cf28979ab3b4246fe015ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:d2:4a:77:08:1c:d3:3b:30:44:67:c1:60:c8: 0e:7e:2e:c0:c0:10:dd:a7:66:12:03:24:61:48:f9: 20:c3:2d:08:3e:66:21:79:1d:fd:27:27:58:a8:aa: 44:a5:2f:70:7a:3a:39:21:bb:c8:a9:35:7b:54:63: f1:7f:7a:3d:23:ee:c5:76:3c:e4:7f:3f:1f:2d:3a: a6:9d:89:b7:e2:89:59:f9:bf:23:3a:42:71:ee:f4: 43:eb:f2:ba:ae:ad:d0:0f:0a:e7:10:eb:85:cf:e0: 1c:1a:57:bf:08:fd:c5:02:2f:bc:32:28:be:77:a7: 4a:4e:8e:c5:7a:c4:1b:97:2a:ef:b1:a2:b5:19:b7: 4d:63:07:c0:c4:84:19:01:1e:26:0f:32:68:00:5e: a2:46:a7:d3:fe:64:08:66:67:4e:9c:74:ed:56:d3: f1:7a:eb:5b:d4:74:86:ae:2d:9e:d2:e8:f9:47:e7: 3d:7f:b9:9e:ae:88:53:34:b4:e6:b7:8a:0e:53:9e: 67:cd:9b:a6:55:7f:b9:68:fb:88:d8:46:61:60:35: cf:90:e0:b5:2f:bf:be:2a:86:f6:ce:61:90:86:90: d7:f4:66:49:5a:e7:3e:0e:cc:9d:60:a2:c0:89:13: 09:2b:70:cb:de:69:4f:9e:ef:21:f2:c4:ea:87:51: f6:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:C0:8B:8C:D2:6D:2A:80:52:AD:A5:AB:1B:42:B8:AC:C9:68:E0:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bdabc97-6399-477a-86ce-84cce7a29944.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 01:3e:a7:2c:68:66:9b:2d:6d:9f:54:bc:3e:2f:06:57:6d:d5: d2:43:27:8e:40:ef:bd:da:a5:e2:a2:56:b1:c9:15:24:6e:42: 91:ed:e0:86:d4:21:3e:1e:23:b9:6d:9b:13:cd:eb:a5:46:d4: 6f:6c:99:0d:a9:64:b1:2f:a8:8b:8a:b1:af:d3:d1:90:9b:8c: 99:6b:e4:60:db:ac:84:07:43:37:7f:68:b0:9f:fb:3b:c2:a8: e2:a4:cf:5b:0d:5c:99:ce:ec:28:37:5c:96:b7:78:9b:99:c4: 5b:e9:18:da:92:10:ca:ac:c2:60:f1:a0:86:41:9e:05:36:74: 58:d5:06:49:71:12:ef:14:13:1a:33:e9:e8:87:5e:e8:fe:de: 02:d2:1a:97:dd:40:24:c4:0d:53:b8:c3:d1:90:0c:45:5f:2d: e4:73:56:5a:0d:de:69:54:f5:93:04:e3:7c:aa:78:44:4e:8b: 64:90:67:89:7b:5b:c7:18:5d:8f:4f:9b:ed:b5:25:9a:f9:85: cf:86:98:98:70:4a:25:6a:ec:af:92:02:6c:63:1f:cc:09:d2: f7:4a:94:d3:c7:21:14:4e:ce:e7:6a:c8:1d:05:b3:f8:de:7a: 62:7a:9e:a2:25:b6:66:c4:73:2a:43:dd:49:b1:db:19:b4:54: 6b:d3:99:76 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZDqWoLsQZMLYPqMZnAWy7M+IPKEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTAyMFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANmNjZWQzMjhlZGM2MzExODJiNGUx OGE0YmE3YzFjNzhhYTY5MzFmZTIwY2YyODk3OWFiM2I0MjQ2ZmUwMTVhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dJKdwgc0zswRGfBYMgOfi7AwBDd p2YSAyRhSPkgwy0IPmYheR39JydYqKpEpS9wejo5IbvIqTV7VGPxf3o9I+7Fdjzk fz8fLTqmnYm34olZ+b8jOkJx7vRD6/K6rq3QDwrnEOuFz+AcGle/CP3FAi+8Mii+ d6dKTo7FesQblyrvsaK1GbdNYwfAxIQZAR4mDzJoAF6iRqfT/mQIZmdOnHTtVtPx eutb1HSGri2e0uj5R+c9f7merohTNLTmt4oOU55nzZumVX+5aPuI2EZhYDXPkOC1 L7++Kob2zmGQhpDX9GZJWuc+DsydYKLAiRMJK3DL3mlPnu8h8sTqh1H2QwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJzAi4zSbSqAUq2lqxtCuKzJaOAaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiZGFiYzk3LTYzOTktNDc3YS04NmNlLTg0Y2NlN2EyOTk0NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/2DAMA0GCSqGSIb3DQEBCwUAA4IBAQABPqcsaGabLW2fVLw+ LwZXbdXSQyeOQO+92qXiolaxyRUkbkKR7eCG1CE+HiO5bZsTzeulRtRvbJkNqWSx L6iLirGv09GQm4yZa+Rg26yEB0M3f2iwn/s7wqjipM9bDVyZzuwoN1yWt3ibmcRb 6RjakhDKrMJg8aCGQZ4FNnRY1QZJcRLvFBMaM+noh17o/t4C0hqX3UAkxA1TuMPR kAxFXy3kc1ZaDd5pVPWTBON8qnhETotkkGeJe1vHGF2PT5vttSWa+YXPhpiYcEol auyvkgJsYx/MCdL3SpTTxyEUTs7nasgdBbP43npiep6iJbZmxHMqQ91JsdsZtFRr 05l2 -----END CERTIFICATE-----Generated at Sat Aug 23 08:20:37 2025 by rpki-client