$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa File: 349778ec-dd5c-4e52-8440-4155573588c4.roa (raw, json) Hash identifier: oB+bMHl2YeMxiDH/GlM725tm4Q9x7iDnw97nqdWtI0I= Subject key identifier: C8:32:FC:AB:E7:B3:26:2C:43:0B:87:4C:6A:2E:7C:D4:35:3C:98:F4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 393D84E04F66336F8FAAFD65B0BEE95065703B54 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa Signing time: Sat 23 Aug 2025 00:11:27 +0000 ROA not before: Sat 23 Aug 2025 00:11:27 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:3d:84:e0:4f:66:33:6f:8f:aa:fd:65:b0:be:e9:50:65:70:3b:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:11:27 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=3d28a58a5d5103e80072c8e9028758ec4a56ed200e572b57ad0695c2666f4f0c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:31:7d:90:86:e9:97:48:45:59:33:4f:52:6a: a7:e0:51:37:d7:bd:23:7a:95:6f:df:1b:87:07:f9: 95:9c:bc:c1:4a:5a:7b:91:2e:cd:a5:86:28:ea:cc: 0c:59:e9:e4:7e:69:96:e5:19:15:43:e6:41:20:43: 7f:5b:3c:32:e9:ad:29:ae:ac:09:40:d1:ea:d0:3d: 20:f3:1d:5c:df:7e:cf:ac:cc:84:8f:dc:be:e7:6b: df:57:4e:43:ed:62:8b:f8:ef:f5:eb:15:d0:79:a9: 50:b4:0e:2c:07:98:02:47:d3:4d:89:37:c3:47:d7: e1:26:19:b8:c2:96:51:df:2d:1a:f0:e4:c1:57:b9: c9:e1:4e:01:4e:e0:ab:9c:b0:82:12:16:0b:bf:12: 9e:3c:bf:d1:64:b8:08:c4:e6:2b:9c:e6:16:50:f2: 6e:a9:f1:0b:74:15:ec:5a:cb:61:44:51:77:f2:3e: 45:33:fe:3d:54:8f:8b:69:b7:f8:5b:9d:87:56:38: 40:87:a7:c4:5e:a2:ae:0c:05:ef:8c:27:58:cf:ec: 22:3e:fa:46:46:3d:93:f9:40:60:92:59:be:9a:20: af:9b:eb:b2:28:1e:37:f4:fd:5c:d8:46:50:31:e6: d5:1f:71:91:72:08:f5:4e:9a:0b:c9:fc:09:fd:51: ff:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:32:FC:AB:E7:B3:26:2C:43:0B:87:4C:6A:2E:7C:D4:35:3C:98:F4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption c9:f2:e4:16:06:b1:43:bf:e5:cd:56:fd:db:50:70:22:96:af: bc:40:57:57:28:71:13:df:ee:2f:94:5f:a2:ec:97:60:62:f8: d0:1d:75:41:92:92:5e:2e:e3:29:d4:88:5b:09:e7:e2:df:4d: 71:62:4a:46:a1:b8:f7:0a:f0:f7:69:28:e7:15:a7:93:55:a2: cf:83:80:40:43:ac:00:e7:d8:94:92:92:43:1b:89:54:5b:05: c3:4b:0e:6f:2c:22:5d:91:9b:c2:55:11:6a:d1:32:57:31:a6: 7f:cd:59:dd:1e:f0:95:17:ab:6f:b5:01:6b:ee:b7:df:c7:15: d8:2d:f2:b4:95:de:0e:e7:8d:d5:da:46:9d:6b:d4:93:bc:2b: 7c:21:2f:0b:f6:73:22:af:96:32:60:3e:1f:1a:85:63:08:ce: 7f:61:23:3e:8f:91:cb:ad:44:dd:48:4a:41:08:8c:0e:9b:12: d4:45:b0:b2:d3:fc:80:1b:3b:c2:04:20:79:0b:90:f2:0e:d8: 24:dd:62:fd:ae:d4:6b:48:a4:2d:7c:22:ff:0f:88:78:21:06: 0b:e8:d2:66:50:12:b9:1d:50:26:f7:51:6c:52:52:49:ce:bf: 88:27:2e:0d:94:08:5e:e9:bc:9a:c5:7d:8e:94:f5:43:a5:74: 96:99:7e:91 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOT2E4E9mM2+Pqv1lsL7pUGVwO1QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTEyN1oX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAM2QyOGE1OGE1ZDUxMDNlODAwNzJj OGU5MDI4NzU4ZWM0YTU2ZWQyMDBlNTcyYjU3YWQwNjk1YzI2NjZmNGYwYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDF9kIbpl0hFWTNPUmqn4FE3170j epVv3xuHB/mVnLzBSlp7kS7NpYYo6swMWenkfmmW5RkVQ+ZBIEN/Wzwy6a0prqwJ QNHq0D0g8x1c337PrMyEj9y+52vfV05D7WKL+O/16xXQealQtA4sB5gCR9NNiTfD R9fhJhm4wpZR3y0a8OTBV7nJ4U4BTuCrnLCCEhYLvxKePL/RZLgIxOYrnOYWUPJu qfELdBXsWsthRFF38j5FM/49VI+Labf4W52HVjhAh6fEXqKuDAXvjCdYz+wiPvpG Rj2T+UBgklm+miCvm+uyKB439P1c2EZQMebVH3GRcgj1TpoLyfwJ/VH/HwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMgy/KvnsyYsQwuHTGoufNQ1PJj0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM0OTc3OGVjLWRkNWMtNGU1Mi04NDQwLTQxNTU1NzM1ODhjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/+DAMA0GCSqGSIb3DQEBCwUAA4IBAQDJ8uQWBrFDv+XNVv3b UHAilq+8QFdXKHET3+4vlF+i7JdgYvjQHXVBkpJeLuMp1IhbCefi301xYkpGobj3 CvD3aSjnFaeTVaLPg4BAQ6wA59iUkpJDG4lUWwXDSw5vLCJdkZvCVRFq0TJXMaZ/ zVndHvCVF6tvtQFr7rffxxXYLfK0ld4O543V2kada9STvCt8IS8L9nMir5YyYD4f GoVjCM5/YSM+j5HLrUTdSEpBCIwOmxLURbCy0/yAGzvCBCB5C5DyDtgk3WL9rtRr SKQtfCL/D4h4IQYL6NJmUBK5HVAm91FsUlJJzr+IJy4NlAhe6byaxX2OlPVDpXSW mX6R -----END CERTIFICATE-----Generated at Sat Aug 23 08:30:08 2025 by rpki-client