$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa File: 35c40aab-f83d-41b2-947a-e29a7ed6818f.roa (raw, json) Hash identifier: Yae8UvBdXvNZJkEyIib+MDJW50NJESNp8xZXDbiPL60= Subject key identifier: 08:1D:5D:C8:F4:83:95:52:D8:8A:F4:95:22:DD:33:65:D5:71:B8:82 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E4A9550C5BED9434FA709C0480640CC9DF14204 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa Signing time: Fri 15 Aug 2025 00:20:05 +0000 ROA not before: Fri 15 Aug 2025 00:20:05 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:4a:95:50:c5:be:d9:43:4f:a7:09:c0:48:06:40:cc:9d:f1:42:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 15 00:20:05 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=45c83addc0bdaad192afb6973353f533c851d9168a8302254937fe85fcfeb97c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f4:9a:e2:6a:85:93:67:7d:b9:64:20:fa:64: 9e:37:ca:fd:9c:28:31:81:ae:0b:4f:aa:dd:71:d2: 8d:ff:77:a7:ef:0d:e3:3c:6f:92:b0:d5:08:72:9c: d1:ef:e7:67:b3:4e:b4:af:b9:2e:c2:de:d6:12:d0: fc:43:e4:74:a2:4b:69:50:87:5a:1e:4b:5f:9e:88: 7f:6a:57:be:08:9e:c8:51:5a:4d:77:65:ca:f3:f0: 72:56:ac:75:0a:f5:5f:89:eb:d0:74:ff:c4:a9:9e: 90:b5:e9:85:d7:9b:f9:84:03:8b:f4:36:f6:16:81: 5d:64:57:24:6e:9c:64:bd:05:cc:1d:af:00:7d:ad: 4a:a4:be:62:f4:30:cd:fc:c4:31:5f:25:58:04:3b: ab:6c:c4:41:b9:8c:8a:ac:d6:30:83:c3:6d:8b:53: a5:28:16:04:27:74:db:06:8c:20:56:93:77:8f:8b: 73:4f:38:87:1a:2b:21:45:19:61:68:13:18:dc:94: 5d:57:51:c4:11:21:8c:a9:41:c0:05:94:90:35:de: 70:1e:3b:14:47:bd:a1:af:8a:60:7b:3b:23:a6:e5: fa:c2:7b:71:b9:ec:a8:71:3c:ab:0b:bd:d6:b2:2a: 29:8d:18:d2:a7:a2:ec:73:3f:bc:bf:cd:c9:34:ce: f9:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:1D:5D:C8:F4:83:95:52:D8:8A:F4:95:22:DD:33:65:D5:71:B8:82 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8::/32 Signature Algorithm: sha256WithRSAEncryption b0:84:ac:12:d0:0c:7b:e2:e6:70:01:b6:db:6f:27:81:f1:5d: 40:d5:4f:33:f3:55:62:c6:79:a2:33:a8:60:b6:bb:ab:d2:e9: f8:af:5e:0b:e9:53:8b:25:6e:84:ea:63:ec:d8:a2:a0:9d:a2: 2b:3d:1c:81:29:c6:d0:ce:5b:d3:aa:65:5f:6f:5f:6f:7c:1d: f9:cc:db:04:63:59:57:d8:c1:09:91:e7:b6:8f:cf:90:c4:86: f2:00:04:a7:01:26:75:ad:12:ff:d0:8e:80:93:97:45:f3:11: 1d:25:b1:7a:dc:23:4f:31:7e:00:2c:ac:a2:50:13:7c:fe:26: 23:a3:90:64:3f:04:63:ae:30:57:3e:4b:27:72:07:9b:c6:56: 47:83:45:9a:bc:88:da:96:7a:51:01:2e:d0:00:ff:79:80:de: 88:24:0a:cc:8a:c8:4f:ef:32:5c:77:85:1e:13:d7:dd:3c:2f: ad:77:c5:8d:97:78:7b:75:af:bb:f1:fb:11:51:72:41:a3:20: 28:c9:ca:3f:9d:98:ae:b9:95:36:94:50:03:3f:10:23:5d:4d: b8:60:f6:2b:4a:23:26:68:01:0b:c7:d8:99:72:34:e7:aa:9c: a0:aa:6e:55:e8:d5:38:49:17:a5:3c:2a:3f:8a:59:10:f7:2f: 51:be:0b:46 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUHkqVUMW+2UNPpwnASAZAzJ3xQgQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNTAwMjAwNVoX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNANDVjODNhZGRjMGJkYWFkMTkyYWZi Njk3MzM1M2Y1MzNjODUxZDkxNjhhODMwMjI1NDkzN2ZlODVmY2ZlYjk3YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fSa4mqFk2d9uWQg+mSeN8r9nCgx ga4LT6rdcdKN/3en7w3jPG+SsNUIcpzR7+dns060r7kuwt7WEtD8Q+R0oktpUIda Hktfnoh/ale+CJ7IUVpNd2XK8/ByVqx1CvVfievQdP/EqZ6QtemF15v5hAOL9Db2 FoFdZFckbpxkvQXMHa8Afa1KpL5i9DDN/MQxXyVYBDurbMRBuYyKrNYwg8Nti1Ol KBYEJ3TbBowgVpN3j4tzTziHGishRRlhaBMY3JRdV1HEESGMqUHABZSQNd5wHjsU R72hr4pgezsjpuX6wntxueyocTyrC73WsiopjRjSp6Lscz+8v83JNM750wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFAgdXcj0g5VS2Ir0lSLdM2XVcbiCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1YzQwYWFiLWY4M2QtNDFiMi05NDdhLWUyOWE3ZWQ2ODE4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbauDANBgkqhkiG9w0BAQsFAAOCAQEAsISsEtAMe+LmcAG2228n gfFdQNVPM/NVYsZ5ojOoYLa7q9Lp+K9eC+lTiyVuhOpj7NiioJ2iKz0cgSnG0M5b 06plX29fb3wd+czbBGNZV9jBCZHnto/PkMSG8gAEpwEmda0S/9COgJOXRfMRHSWx etwjTzF+ACysolATfP4mI6OQZD8EY64wVz5LJ3IHm8ZWR4NFmryI2pZ6UQEu0AD/ eYDeiCQKzIrIT+8yXHeFHhPX3TwvrXfFjZd4e3Wvu/H7EVFyQaMgKMnKP52YrrmV NpRQAz8QI11NuGD2K0ojJmgBC8fYmXI056qcoKpuVejVOEkXpTwqP4pZEPcvUb4L Rg== -----END CERTIFICATE-----Generated at Sat Aug 23 12:00:43 2025 by rpki-client