$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa File: 2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa (raw, json) Hash identifier: 68H45/nA5494z4qkj5eVELpPVF9IowRx39VO7V5UCFw= Subject key identifier: 23:35:2E:90:02:47:92:6D:D7:FB:5F:45:DF:BE:15:06:63:41:8B:A1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56A682E44AA1EB6FF24F75C5832A1BE8BD4E671C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa Signing time: Mon 18 Aug 2025 15:00:45 +0000 ROA not before: Mon 18 Aug 2025 15:00:45 +0000 ROA not after: Mon 22 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:a6:82:e4:4a:a1:eb:6f:f2:4f:75:c5:83:2a:1b:e8:bd:4e:67:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 18 15:00:45 2025 GMT Not After : Sep 22 23:59:59 2025 GMT Subject: serialNumber=a5c6dc165ce6cbf4514eb4fb31a08d1dc4bb9e9c919abccb62ed0938042d4077, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d5:ca:f6:96:ab:6c:52:41:aa:02:95:f7:ed: cd:e0:01:df:1d:a3:e4:90:a3:fd:52:14:38:90:d1: ed:f8:c7:8a:09:54:f3:da:b3:24:b1:80:47:b5:58: 93:c3:4e:12:ac:4e:78:1d:b3:cb:dd:2c:95:f6:1d: c4:c9:80:82:9c:6c:03:8d:3e:00:5c:c2:5b:ff:4c: 9d:6e:df:b1:79:1a:78:59:62:d6:4c:67:a3:63:46: 6a:cb:ee:47:bd:ae:ce:c1:3c:5c:ab:b0:81:3c:e6: ef:0c:fa:a4:06:87:46:2b:56:3e:9d:bd:e1:d1:95: b9:dd:62:97:01:4e:9d:a4:2d:ff:58:80:b0:96:05: 74:7e:37:30:2d:0b:ec:65:e3:55:dd:57:7a:3a:d8: 6f:93:d5:b6:c0:d3:ee:77:d5:dd:35:ad:a9:08:c7: fe:9f:ce:74:2c:c1:01:08:53:5f:83:29:f6:ac:bc: ac:2b:79:07:43:7f:b5:b0:39:14:ef:2c:6f:b3:b7: 6d:06:bc:c7:9c:34:9b:56:01:bc:4e:01:23:96:b0: 8f:4b:cf:01:94:6c:62:9e:54:fb:b0:0f:59:b5:83: 09:1d:31:c6:94:b3:5c:98:0b:64:64:cf:f1:0b:9c: 29:ef:fd:dc:64:7e:19:b3:2b:bf:ce:fb:c0:94:5d: 13:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:35:2E:90:02:47:92:6D:D7:FB:5F:45:DF:BE:15:06:63:41:8B:A1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9::/32 Signature Algorithm: sha256WithRSAEncryption c8:5a:0a:cf:96:b7:ba:a2:60:66:60:3f:0c:90:e4:fb:08:a9: 2a:18:fd:5e:39:2a:ca:cc:7a:59:18:30:34:b3:d6:1c:d9:f9: 3a:b5:fc:c0:a3:32:66:8d:31:03:c0:f2:42:e6:f6:06:ef:6d: 8c:86:80:e8:e4:27:e5:b7:b8:da:d8:bc:31:5f:0b:46:41:08: 18:c5:7d:c7:c8:0f:d4:93:55:82:c7:9f:f0:a1:ab:64:01:a1: 09:0c:6e:f1:ce:d6:16:5f:b0:fe:71:f8:1c:22:41:c8:a0:8c: e2:68:c7:c1:fa:22:61:78:d7:5b:8d:80:08:ff:4e:07:f8:62: 71:7c:fb:84:77:ef:6b:4c:c0:24:39:d3:90:cf:34:eb:23:a1: 35:23:90:1a:83:37:32:87:f1:f0:1a:58:ab:6a:88:50:d7:ff: 58:38:39:f7:3e:a8:86:a3:2f:08:4b:64:ec:a9:23:b5:2d:3f: 47:f4:cd:68:eb:66:ef:c7:b5:55:ef:b5:f5:38:a8:1f:d6:f2: 6d:4d:38:41:5d:ee:39:9f:35:7c:06:a4:69:07:2b:73:d0:22: c3:06:a6:ed:ed:aa:98:1d:89:cd:e8:cb:23:7b:7a:43:e2:66: 2f:41:f4:97:49:ae:52:90:40:b6:10:36:3a:f0:47:2f:2c:c9: 23:5e:ae:e9 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUVqaC5Eqh62/yT3XFgyob6L1OZxwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxODE1MDA0NVoX DTI1MDkyMjIzNTk1OVowejFJMEcGA1UEBRNAYTVjNmRjMTY1Y2U2Y2JmNDUxNGVi NGZiMzFhMDhkMWRjNGJiOWU5YzkxOWFiY2NiNjJlZDA5MzgwNDJkNDA3NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNXK9parbFJBqgKV9+3N4AHfHaPk kKP9UhQ4kNHt+MeKCVTz2rMksYBHtViTw04SrE54HbPL3SyV9h3EyYCCnGwDjT4A XMJb/0ydbt+xeRp4WWLWTGejY0Zqy+5Hva7OwTxcq7CBPObvDPqkBodGK1Y+nb3h 0ZW53WKXAU6dpC3/WICwlgV0fjcwLQvsZeNV3Vd6Othvk9W2wNPud9XdNa2pCMf+ n850LMEBCFNfgyn2rLysK3kHQ3+1sDkU7yxvs7dtBrzHnDSbVgG8TgEjlrCPS88B lGxinlT7sA9ZtYMJHTHGlLNcmAtkZM/xC5wp7/3cZH4Zsyu/zvvAlF0TuQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFCM1LpACR5Jt1/tfRd++FQZjQYuhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkODJkNjhjLWI2NjAtNDAxOC05ZmIxLWE5NmM5ZmRkNzc5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba+TANBgkqhkiG9w0BAQsFAAOCAQEAyFoKz5a3uqJgZmA/DJDk +wipKhj9Xjkqysx6WRgwNLPWHNn5OrX8wKMyZo0xA8DyQub2Bu9tjIaA6OQn5be4 2ti8MV8LRkEIGMV9x8gP1JNVgsef8KGrZAGhCQxu8c7WFl+w/nH4HCJByKCM4mjH wfoiYXjXW42ACP9OB/hicXz7hHfva0zAJDnTkM806yOhNSOQGoM3Mofx8BpYq2qI UNf/WDg59z6ohqMvCEtk7KkjtS0/R/TNaOtm78e1Ve+19TioH9bybU04QV3uOZ81 fAakaQcrc9Aiwwam7e2qmB2JzejLI3t6Q+JmL0H0l0muUpBAthA2OvBHLyzJI16u 6Q== -----END CERTIFICATE-----Generated at Sat Aug 23 06:45:01 2025 by rpki-client