$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f5f7c96-cbf6-4cd7-a2da-6c86ff029673.roa File: 2f5f7c96-cbf6-4cd7-a2da-6c86ff029673.roa (raw, json) Hash identifier: bm36xd+q8xF3LPlnUVniQ1ILqLAjs7EZjB6kIQ1Xvtw= Subject key identifier: 2E:D5:92:D3:D3:B2:90:4C:1B:0A:37:C6:D4:08:21:67:CF:09:97:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19D82E142F87313B1874ED5F25ACCDFF555C42A0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f5f7c96-cbf6-4cd7-a2da-6c86ff029673.roa Signing time: Sat 23 Aug 2025 00:20:22 +0000 ROA not before: Sat 23 Aug 2025 00:20:22 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:d8:2e:14:2f:87:31:3b:18:74:ed:5f:25:ac:cd:ff:55:5c:42:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:20:22 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=c0636a30fd78d0a7777a476950f305a0533328ff2622d38a7735c9bd05e67d83, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:0d:d1:27:9b:46:f1:72:23:20:b4:c4:f1:a3: e0:6c:89:04:b3:b5:6b:34:18:3d:ef:2b:1d:21:b3: 29:65:9c:e3:84:d0:58:83:14:eb:c3:53:3d:f7:03: c8:71:64:36:ba:c7:a9:d5:37:5e:61:a6:f4:ca:3d: be:29:0e:41:ca:1a:a2:f8:60:9e:92:2a:b7:24:cb: b6:f6:ab:10:5a:5e:22:92:b2:30:70:75:19:42:af: 29:93:38:25:a7:75:d9:ba:e9:a5:f4:0d:e7:2f:37: 09:bd:c8:de:46:c9:62:b9:1c:a0:66:fb:cd:b8:74: cc:cf:c9:3a:7f:88:91:84:61:b2:ec:74:a9:2a:22: ed:5a:df:f7:04:45:68:9b:31:9f:39:bb:50:b4:1b: fa:79:65:81:a1:7f:cf:b1:24:9b:c0:fe:18:2d:20: bf:1f:1d:0c:72:61:a8:91:b0:86:3e:4f:66:a5:8f: dd:3f:8b:1e:cc:23:41:db:a8:55:4c:cb:1d:12:66: 88:59:d9:0b:97:45:78:7f:be:d4:2b:f9:05:f9:eb: f2:f4:c8:36:a8:ac:cf:5a:8f:41:d2:5d:b9:12:cd: ee:2a:08:8a:9e:74:d5:61:bc:ed:cd:d2:94:bd:6b: de:c0:d7:0a:d5:18:af:64:ed:15:fc:fb:8a:de:d6: c6:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:D5:92:D3:D3:B2:90:4C:1B:0A:37:C6:D4:08:21:67:CF:09:97:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f5f7c96-cbf6-4cd7-a2da-6c86ff029673.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c840::/48 Signature Algorithm: sha256WithRSAEncryption 68:bf:d2:79:f4:62:d1:fd:a9:55:26:6f:73:51:17:37:62:6d: 1a:ba:69:d7:af:a6:79:45:9b:e1:88:17:d0:fc:32:3a:de:41: 5a:1b:bc:ef:6f:fc:ff:44:64:46:e9:71:63:26:aa:7e:91:80: 37:6b:5e:db:e7:ad:f6:82:14:a5:f7:0a:75:27:0f:5e:09:a1: 17:d5:59:6d:97:ed:c7:7a:ea:ae:bb:cd:18:54:5e:1b:a9:57: 12:01:ac:44:07:e2:e8:e4:2d:1a:79:34:1c:40:e7:7c:45:3f: e8:e4:b8:1c:3a:49:e5:cf:47:ab:dd:74:29:48:ee:c5:bd:3c: d2:8c:54:5a:0f:23:9c:75:dc:d8:3f:3a:aa:16:53:ee:2e:4b: 0b:26:14:7b:83:a0:8e:62:f6:32:63:07:ec:7b:0c:4e:53:d5: 48:25:81:c4:f9:8f:d4:2d:dd:53:06:af:bd:eb:a7:3e:56:6b: 69:b2:31:8c:77:7c:5d:e3:8f:fe:d1:4d:81:47:5c:03:a5:e9: 97:73:5e:7d:2e:d0:c4:33:75:62:d9:f3:d8:27:5c:f6:b1:7a: 8f:6a:46:90:e9:0d:ca:9e:94:e7:4c:55:60:2a:e4:05:34:6b: 42:65:ca:f2:b2:45:30:06:b5:b4:0a:e0:e9:c2:6e:b4:5f:4d: 94:cd:96:67 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGdguFC+HMTsYdO1fJazN/1VcQqAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMjAyMloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAYzA2MzZhMzBmZDc4ZDBhNzc3N2E0 NzY5NTBmMzA1YTA1MzMzMjhmZjI2MjJkMzhhNzczNWM5YmQwNWU2N2Q4MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw3RJ5tG8XIjILTE8aPgbIkEs7Vr NBg97ysdIbMpZZzjhNBYgxTrw1M99wPIcWQ2usep1TdeYab0yj2+KQ5Byhqi+GCe kiq3JMu29qsQWl4ikrIwcHUZQq8pkzglp3XZuuml9A3nLzcJvcjeRsliuRygZvvN uHTMz8k6f4iRhGGy7HSpKiLtWt/3BEVomzGfObtQtBv6eWWBoX/PsSSbwP4YLSC/ Hx0McmGokbCGPk9mpY/dP4sezCNB26hVTMsdEmaIWdkLl0V4f77UK/kF+evy9Mg2 qKzPWo9B0l25Es3uKgiKnnTVYbztzdKUvWvewNcK1RivZO0V/PuK3tbGkQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC7VktPTspBMGwo3xtQIIWfPCZdCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJmNWY3Yzk2LWNiZjYtNGNkNy1hMmRhLTZjODZmZjAyOTY3My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8hAMA0GCSqGSIb3DQEBCwUAA4IBAQBov9J59GLR/alVJm9z URc3Ym0aumnXr6Z5RZvhiBfQ/DI63kFaG7zvb/z/RGRG6XFjJqp+kYA3a17b5632 ghSl9wp1Jw9eCaEX1Vltl+3Heuquu80YVF4bqVcSAaxEB+Lo5C0aeTQcQOd8RT/o 5LgcOknlz0er3XQpSO7FvTzSjFRaDyOcddzYPzqqFlPuLksLJhR7g6COYvYyYwfs ewxOU9VIJYHE+Y/ULd1TBq+966c+VmtpsjGMd3xd44/+0U2BR1wDpemXc159LtDE M3Vi2fPYJ1z2sXqPakaQ6Q3KnpTnTFVgKuQFNGtCZcryskUwBrW0CuDpwm60X02U zZZn -----END CERTIFICATE-----Generated at Sat Aug 23 12:01:34 2025 by rpki-client