$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa File: 2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa (raw, json) Hash identifier: qbFDVRD7RV5tJN1t8ypyV7SoagDiNSna17IUFLmx0gk= Subject key identifier: 4D:7A:7C:CA:92:BE:27:EF:3B:0C:AA:FC:FA:90:81:12:2A:C0:6C:78 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B1A5A83594B11378831A3F75B699794783119D8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa Signing time: Fri 22 Aug 2025 00:20:56 +0000 ROA not before: Fri 22 Aug 2025 00:20:56 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:1a:5a:83:59:4b:11:37:88:31:a3:f7:5b:69:97:94:78:31:19:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:20:56 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=a361d36605eae605a17ea038e4a90c3b44dc4e1fa3f89acb83e76d17f5714fd6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:73:06:81:53:62:d3:c6:91:1a:8d:98:3e:04: 79:25:e5:11:37:9f:14:de:ff:f3:35:5c:a7:8a:f0: d0:74:50:6a:87:bc:07:78:9d:5e:8e:55:d5:f6:b6: 0b:6e:bc:c4:33:86:47:39:55:0d:a3:e0:a9:35:50: 60:12:1b:fa:a7:29:d2:40:10:0f:6f:58:f8:f5:5f: bc:18:bd:e3:5c:b6:05:ae:f3:e8:67:0c:95:76:f2: 38:0f:7e:a4:9a:bc:6f:31:02:2a:d8:5a:be:9e:66: 88:71:e1:b2:1d:e6:f3:b0:d1:dd:84:c2:e6:3e:9c: f6:3e:a4:73:01:f4:f7:8e:f5:6b:02:6d:7a:c6:6f: 1f:10:eb:58:29:8c:8b:d6:9f:c5:33:bb:9e:e9:3a: 83:e9:7d:05:6f:cc:52:bd:d2:80:9e:9e:50:3f:8f: 45:1d:bc:15:a0:3a:c7:51:a1:98:fd:67:c5:56:01: 00:9c:9b:d9:78:4f:10:e7:3d:20:76:1f:ec:01:86: 48:b9:36:db:a6:ed:00:4f:30:bf:42:6a:8f:0a:9b: 49:71:78:8d:55:29:20:74:ca:8b:77:eb:fc:d7:2e: c2:ab:c2:04:b2:d0:1c:92:1f:a0:0f:bf:99:ec:84: 8f:a5:94:90:01:cf:7c:43:aa:cd:f2:54:41:c0:93: f9:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:7A:7C:CA:92:BE:27:EF:3B:0C:AA:FC:FA:90:81:12:2A:C0:6C:78 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a080::/48 Signature Algorithm: sha256WithRSAEncryption 8a:e4:f8:2b:33:52:e5:47:37:87:32:34:23:91:61:7c:89:72: 29:9d:d9:a9:45:c0:3d:e9:95:ac:e4:d0:0a:46:7c:45:fe:05: 92:12:6c:1a:0f:ba:40:2b:7f:e0:18:ed:22:0f:a0:71:a7:cb: 43:24:ab:31:f4:08:ca:c2:28:67:34:31:bd:44:b5:9a:0b:c6: cc:5a:08:ee:98:3a:64:bb:5d:bb:0b:f5:65:5a:24:e5:cd:5d: 15:96:ec:df:b6:2a:1b:56:82:39:d8:2e:b2:db:d5:79:c7:53: 09:05:db:8a:01:18:8a:0e:68:53:6e:c4:5a:3d:c5:5d:59:ee: 80:95:2f:77:cc:9e:bf:10:ef:d0:9a:d7:08:cc:c9:38:ac:0b: 41:df:61:ff:c8:75:dd:7a:ae:b9:cd:f2:f2:03:e3:48:19:83: 18:fb:f0:ec:51:9c:d0:1f:7c:1b:65:db:cf:70:e0:66:98:5a: 78:e2:91:0f:f5:14:92:fe:b7:6f:c7:ea:f9:8c:04:5c:0d:e0: f9:ee:12:4e:b9:89:72:77:4b:d3:fd:11:dd:89:58:34:20:b5: 6d:50:63:4c:04:81:df:17:bd:c2:e8:f6:43:c3:35:cc:e6:b1: 45:37:96:67:7e:30:22:36:51:2d:73:25:27:5e:a6:37:4a:2a: 2c:1f:b8:0d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaxpag1lLETeIMaP3W2mXlHgxGdgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMjA1NloX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAYTM2MWQzNjYwNWVhZTYwNWExN2Vh MDM4ZTRhOTBjM2I0NGRjNGUxZmEzZjg5YWNiODNlNzZkMTdmNTcxNGZkNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HMGgVNi08aRGo2YPgR5JeURN58U 3v/zNVynivDQdFBqh7wHeJ1ejlXV9rYLbrzEM4ZHOVUNo+CpNVBgEhv6pynSQBAP b1j49V+8GL3jXLYFrvPoZwyVdvI4D36kmrxvMQIq2Fq+nmaIceGyHebzsNHdhMLm Ppz2PqRzAfT3jvVrAm16xm8fEOtYKYyL1p/FM7ue6TqD6X0Fb8xSvdKAnp5QP49F HbwVoDrHUaGY/WfFVgEAnJvZeE8Q5z0gdh/sAYZIuTbbpu0ATzC/QmqPCptJcXiN VSkgdMqLd+v81y7Cq8IEstAckh+gD7+Z7ISPpZSQAc98Q6rN8lRBwJP5GwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFE16fMqSvifvOwyq/PqQgRIqwGx4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJlYmRjMWU5LTBlNGItNDJmZi05YTI3LTgwMGI3Mzk4OTdhNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKCAMA0GCSqGSIb3DQEBCwUAA4IBAQCK5PgrM1LlRzeHMjQj kWF8iXIpndmpRcA96ZWs5NAKRnxF/gWSEmwaD7pAK3/gGO0iD6Bxp8tDJKsx9AjK wihnNDG9RLWaC8bMWgjumDpku127C/VlWiTlzV0VluzftiobVoI52C6y29V5x1MJ BduKARiKDmhTbsRaPcVdWe6AlS93zJ6/EO/QmtcIzMk4rAtB32H/yHXdeq65zfLy A+NIGYMY+/DsUZzQH3wbZdvPcOBmmFp44pEP9RSS/rdvx+r5jARcDeD57hJOuYly d0vT/RHdiVg0ILVtUGNMBIHfF73C6PZDwzXM5rFFN5ZnfjAiNlEtcyUnXqY3Sios H7gN -----END CERTIFICATE-----Generated at Sat Aug 23 06:37:16 2025 by rpki-client