$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa File: 32c6f2e6-113c-4d40-a541-26a09c985dde.roa (raw, json) Hash identifier: G3cZe98F/arUbTInBVvXDyPun5Q/xweVs+gqcPDIXpI= Subject key identifier: AD:3B:39:A0:24:50:76:56:12:E6:33:8D:D0:09:37:15:1D:D9:79:72 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09C7E16FEB733C97B17F36FCFF65285EE14CA468 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa Signing time: Sat 23 Aug 2025 00:40:05 +0000 ROA not before: Sat 23 Aug 2025 00:40:05 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:c7:e1:6f:eb:73:3c:97:b1:7f:36:fc:ff:65:28:5e:e1:4c:a4:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:40:05 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=fd594d164e649a8b903585772fec87a62c3a725e14e9430f47cbd184dedb1aec, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:a7:d2:29:5b:f6:39:9c:7b:a3:9e:1b:cd:46: 17:b6:6c:95:12:0c:32:01:85:ad:11:3c:59:92:41: 5e:23:99:df:a5:c7:86:7b:b2:10:f4:15:e7:e3:2e: 7c:11:84:16:d3:57:7c:c2:26:be:76:26:38:dc:35: 9a:78:a7:bd:81:46:fb:14:97:16:2d:f0:dd:bc:89: a5:22:99:96:82:2a:2a:f6:78:c1:80:0e:c4:5d:8c: 35:03:b7:9b:dc:3c:5f:79:df:44:12:dd:bb:14:36: a1:1c:b0:78:92:15:51:ed:25:90:9b:b3:67:4c:c7: a8:f8:25:46:bc:20:38:26:85:28:1c:40:ac:30:b2: 4f:b5:2d:92:be:89:f5:3c:8e:72:d0:f4:ba:35:44: b7:b9:c3:e2:0a:b2:98:57:72:a6:22:9e:d5:7c:f0: 5b:1c:d4:ed:17:36:2a:ed:0b:91:18:e6:27:13:16: f5:82:4a:64:28:ac:f5:60:cd:87:f6:ad:e9:f2:69: bf:a8:e5:94:43:45:cf:9b:bd:69:f9:26:90:e2:35: 53:72:44:8e:cd:14:9f:6d:a9:03:2a:cf:91:d3:c6: 8e:ac:df:e9:4d:f9:34:1e:09:e1:be:30:76:c5:a5: 18:62:66:4a:e0:46:5b:ea:eb:d1:1d:f8:85:28:38: 11:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:3B:39:A0:24:50:76:56:12:E6:33:8D:D0:09:37:15:1D:D9:79:72 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2800::/40 Signature Algorithm: sha256WithRSAEncryption 82:27:eb:62:e8:09:72:82:29:6a:f5:19:3d:2e:01:3d:c9:0a: 32:3b:33:34:c5:09:ef:8d:59:51:44:6c:cf:dd:be:e6:f3:4d: 3f:7a:12:7c:af:80:9d:f6:d3:18:6b:1f:70:c5:8e:1d:2a:96: ca:65:ee:cd:f0:64:da:61:45:55:a7:43:49:bd:8d:28:d1:98: ee:af:31:82:98:6a:b0:7d:f3:b9:72:76:cd:f0:c4:fb:de:26: 29:d1:ab:6e:de:a2:ca:b7:7e:f2:2f:46:1d:a5:f5:3e:5a:a0: f9:74:37:fd:bc:e7:5e:9b:11:c4:28:05:d8:92:45:8a:c4:56: 0b:71:52:4f:cd:7c:2c:0b:90:8e:09:96:8d:ea:a3:c9:4c:f9: df:b3:0b:4b:25:73:56:a5:90:76:8e:68:4d:3f:96:89:4c:3b: 36:32:c3:b1:fe:ef:18:0b:2c:a2:a9:af:d7:35:ea:16:8f:a7: 9a:4e:d9:34:d3:1b:e4:76:c2:a2:42:0b:e6:b9:47:b5:86:2b: f6:eb:91:65:57:60:ee:fb:d7:da:ae:ad:25:5e:62:b6:2b:48: bb:2b:16:83:da:44:9a:38:c5:01:74:38:72:4d:40:7e:f0:df: 02:c7:90:03:f5:26:a7:cf:d3:90:bf:01:83:98:9a:a9:41:60: 88:b0:17:e9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCcfhb+tzPJexfzb8/2UoXuFMpGgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNDAwNVoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZmQ1OTRkMTY0ZTY0OWE4YjkwMzU4 NTc3MmZlYzg3YTYyYzNhNzI1ZTE0ZTk0MzBmNDdjYmQxODRkZWRiMWFlYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqfSKVv2OZx7o54bzUYXtmyVEgwy AYWtETxZkkFeI5nfpceGe7IQ9BXn4y58EYQW01d8wia+diY43DWaeKe9gUb7FJcW LfDdvImlIpmWgioq9njBgA7EXYw1A7eb3Dxfed9EEt27FDahHLB4khVR7SWQm7Nn TMeo+CVGvCA4JoUoHECsMLJPtS2Svon1PI5y0PS6NUS3ucPiCrKYV3KmIp7VfPBb HNTtFzYq7QuRGOYnExb1gkpkKKz1YM2H9q3p8mm/qOWUQ0XPm71p+SaQ4jVTckSO zRSfbakDKs+R08aOrN/pTfk0HgnhvjB2xaUYYmZK4EZb6uvRHfiFKDgRtwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK07OaAkUHZWEuYzjdAJNxUd2XlyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYzZmMmU2LTExM2MtNGQ0MC1hNTQxLTI2YTA5Yzk4NWRkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ygwDQYJKoZIhvcNAQELBQADggEBAIIn62LoCXKCKWr1GT0u AT3JCjI7MzTFCe+NWVFEbM/dvubzTT96EnyvgJ320xhrH3DFjh0qlspl7s3wZNph RVWnQ0m9jSjRmO6vMYKYarB987lyds3wxPveJinRq27eosq3fvIvRh2l9T5aoPl0 N/28516bEcQoBdiSRYrEVgtxUk/NfCwLkI4Jlo3qo8lM+d+zC0slc1alkHaOaE0/ lolMOzYyw7H+7xgLLKKpr9c16haPp5pO2TTTG+R2wqJCC+a5R7WGK/brkWVXYO77 19qurSVeYrYrSLsrFoPaRJo4xQF0OHJNQH7w3wLHkAP1JqfP05C/AYOYmqlBYIiw F+k= -----END CERTIFICATE-----Generated at Sat Aug 23 17:47:42 2025 by rpki-client