$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa File: 2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa (raw, json) Hash identifier: SIomZM+0ENNpfknypz8o7Q9OU493DZIy0w/rB4VTNmQ= Subject key identifier: 2B:D9:ED:8C:66:5A:45:36:94:12:37:B0:71:42:5C:80:5A:2E:21:77 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09B9083E7B56C40E9DA9736884B5460CB6F75DA5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa Signing time: Fri 22 Aug 2025 00:10:57 +0000 ROA not before: Fri 22 Aug 2025 00:10:57 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:b9:08:3e:7b:56:c4:0e:9d:a9:73:68:84:b5:46:0c:b6:f7:5d:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:10:57 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=626491022764d1fb30d30147fc8f3c577eeb50b431fe6ad38e9ed442d1f580f5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:f9:d8:9f:0a:7a:20:63:d5:b5:09:fc:c8:5f: ac:1b:c3:0f:7b:7e:4d:fe:d5:0a:61:94:ea:e4:ad: 0a:fe:cf:56:d1:43:75:3a:8d:bf:1e:29:21:5c:40: 2a:06:01:75:7a:25:46:e7:dc:10:52:0a:e7:31:fe: 22:d4:40:67:8b:b4:03:55:dc:4a:f4:74:8c:fd:b5: 72:6d:62:bb:34:d3:b4:61:d0:a1:e3:5f:29:ca:15: 25:3c:b2:82:ed:76:eb:be:40:f6:9d:d5:78:76:6d: f8:3f:cb:3f:ed:37:8c:70:cd:53:9e:79:0a:27:f9: d4:13:5e:e4:15:04:5b:fd:6f:b9:2b:98:d9:b7:b5: d3:f2:27:83:c6:d5:53:01:b3:e7:1b:fc:01:60:21: 88:1e:90:83:82:58:c4:f2:89:66:16:15:6b:35:08: 51:1f:e7:a7:1e:4d:bf:c3:87:ad:f8:ad:3b:0a:28: 94:0d:4d:82:58:63:66:8a:06:db:97:3a:fe:97:89: 0d:a8:87:62:c8:b8:0c:7a:7a:7c:0f:b3:cd:4c:39: c3:5e:b6:dc:ce:4a:ac:ba:89:72:87:2e:19:83:ff: e0:1a:b4:df:76:2c:92:d3:ba:b6:f3:b1:c6:52:41: 57:26:fd:e0:48:31:0d:7e:c1:b0:83:ed:3d:4a:51: 4a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:D9:ED:8C:66:5A:45:36:94:12:37:B0:71:42:5C:80:5A:2E:21:77 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9040::/48 Signature Algorithm: sha256WithRSAEncryption 7a:1b:4a:a6:da:34:bc:e7:0e:e6:99:4d:da:53:91:b0:4e:21: 72:c5:aa:3e:0c:6a:3c:bc:29:6f:6d:a1:ff:aa:3d:66:b6:19: ac:63:1f:47:c6:51:01:7b:ec:b2:63:83:05:91:81:f6:94:a1: 85:3c:5b:3e:62:3e:32:8c:f3:bd:42:4a:62:1d:c2:0b:96:49: 8b:25:84:56:33:65:01:67:63:ca:4a:4d:e2:87:6b:c7:7e:d5: 9d:40:bd:5f:e0:99:01:cf:0b:30:07:06:e0:41:1f:51:0e:cb: ad:b7:cf:9b:05:5d:a1:7c:93:57:ff:07:6d:4f:8c:6e:8c:bd: 91:04:47:60:60:3b:e3:77:3b:e5:19:4a:2a:20:81:6f:8d:64: 68:af:91:5a:81:a2:fd:ae:07:02:64:8d:df:71:b9:14:e0:33: 4b:19:23:36:bb:46:36:42:8c:c4:c2:b1:38:dd:a7:29:2f:c4: 4d:f1:bd:a6:f6:61:a5:98:25:34:b9:23:bd:87:a7:4a:cf:70: ac:51:ae:96:63:6d:3d:e5:d8:8f:11:57:e6:60:0b:fb:77:48: 01:03:43:64:cb:d0:29:ce:f0:1e:ca:99:51:d4:c0:ea:14:6b: 1c:89:ba:05:8e:51:7d:7c:fa:df:49:c6:65:0d:e2:21:80:3c: d8:0b:1d:a1 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCbkIPntWxA6dqXNohLVGDLb3XaUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMTA1N1oX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNANjI2NDkxMDIyNzY0ZDFmYjMwZDMw MTQ3ZmM4ZjNjNTc3ZWViNTBiNDMxZmU2YWQzOGU5ZWQ0NDJkMWY1ODBmNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfnYnwp6IGPVtQn8yF+sG8MPe35N /tUKYZTq5K0K/s9W0UN1Oo2/HikhXEAqBgF1eiVG59wQUgrnMf4i1EBni7QDVdxK 9HSM/bVybWK7NNO0YdCh418pyhUlPLKC7XbrvkD2ndV4dm34P8s/7TeMcM1TnnkK J/nUE17kFQRb/W+5K5jZt7XT8ieDxtVTAbPnG/wBYCGIHpCDgljE8olmFhVrNQhR H+enHk2/w4et+K07CiiUDU2CWGNmigbblzr+l4kNqIdiyLgMenp8D7PNTDnDXrbc zkqsuolyhy4Zg//gGrTfdiyS07q287HGUkFXJv3gSDENfsGwg+09SlFKvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCvZ7YxmWkU2lBI3sHFCXIBaLiF3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjNWNkZDQ5LWU5OGItNGUzZC04YTYxLTA5NGYzODFkMmZhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJBAMA0GCSqGSIb3DQEBCwUAA4IBAQB6G0qm2jS85w7mmU3a U5GwTiFyxao+DGo8vClvbaH/qj1mthmsYx9HxlEBe+yyY4MFkYH2lKGFPFs+Yj4y jPO9QkpiHcILlkmLJYRWM2UBZ2PKSk3ih2vHftWdQL1f4JkBzwswBwbgQR9RDsut t8+bBV2hfJNX/wdtT4xujL2RBEdgYDvjdzvlGUoqIIFvjWRor5FagaL9rgcCZI3f cbkU4DNLGSM2u0Y2QozEwrE43acpL8RN8b2m9mGlmCU0uSO9h6dKz3CsUa6WY209 5diPEVfmYAv7d0gBA0Nky9ApzvAeyplR1MDqFGsciboFjlF9fPrfScZlDeIhgDzY Cx2h -----END CERTIFICATE-----Generated at Sat Aug 23 08:11:48 2025 by rpki-client