$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/361d936c-1adc-484a-92e0-91a674c8ad9d.roa File: 361d936c-1adc-484a-92e0-91a674c8ad9d.roa (raw, json) Hash identifier: TLz3HttyUl4q9biDOnUqYiYyYUBjLpo+QZIL6BwmsI8= Subject key identifier: 4C:96:89:26:E1:08:77:B6:E1:3F:B6:F3:9C:F1:21:DA:DB:01:89:05 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0FF76A2FDE75E285BA8EABBCDFCFF97ACF02307E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/361d936c-1adc-484a-92e0-91a674c8ad9d.roa Signing time: Sat 23 Aug 2025 00:11:00 +0000 ROA not before: Sat 23 Aug 2025 00:11:00 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:f7:6a:2f:de:75:e2:85:ba:8e:ab:bc:df:cf:f9:7a:cf:02:30:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:11:00 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=a20956088c32888c5083a2d5ad37c7cfb3f6ad5561a2baa4c9b88d414d25c35a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d9:ea:37:21:e8:93:d5:fa:1f:cf:c3:60:4a: 85:8a:66:1a:3c:21:71:1f:41:f2:a7:97:8c:d4:11: 61:7c:71:50:f6:6b:6a:83:09:4a:db:79:39:75:49: 6d:a2:8b:af:a2:ed:09:6a:c1:a2:b7:a9:a0:fb:c7: b1:9b:de:51:11:73:90:55:84:76:90:32:7e:51:89: 24:65:38:98:6f:3f:cc:db:a0:51:f7:4a:50:5c:ca: 03:27:b4:35:39:5a:a3:3f:54:48:03:1c:0b:4b:36: 25:d1:b4:8b:32:b0:b1:c4:5a:98:8d:94:09:5c:0e: b5:60:b3:af:ef:f9:bb:2d:57:56:bd:a1:8a:38:e6: dd:ad:4a:9d:72:54:0c:1d:39:e8:22:16:9a:ce:73: dc:1b:e5:4d:f3:cf:ef:c1:98:0e:a8:47:97:2b:48: df:49:98:d1:c8:5f:ca:1e:9e:4f:d8:3d:db:eb:b2: 8e:fe:ba:d0:a2:13:26:7b:4b:75:b3:fb:c1:e8:83: 08:db:e0:dd:f0:67:88:f2:8e:81:14:d4:5d:63:73: c0:77:a6:01:a8:9d:02:5f:10:a0:d6:01:d2:bb:61: 9d:ef:0d:c0:62:bf:6d:08:58:07:22:bc:2e:f4:09: bf:24:0c:e8:ab:29:70:48:60:81:90:e8:4d:5d:56: 1e:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:96:89:26:E1:08:77:B6:E1:3F:B6:F3:9C:F1:21:DA:DB:01:89:05 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/361d936c-1adc-484a-92e0-91a674c8ad9d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption b5:bd:ca:ce:01:a0:82:ff:b3:06:e3:81:90:01:8d:c8:3c:ab: 42:47:36:e3:29:18:17:c2:c3:80:60:3c:d8:7f:92:e6:85:e6: 04:9a:3c:8e:a4:cb:c0:00:0d:09:2f:90:91:fc:49:99:64:8a: dd:af:1b:9c:24:2e:ce:a7:ec:a1:af:b2:4a:1c:c3:12:cc:72: d2:43:99:2f:2a:34:be:63:6f:78:56:a3:43:bc:44:5b:64:0b: c4:39:10:bb:99:4d:f6:3e:b5:34:97:96:72:e0:b7:98:52:a0: c4:37:9a:3e:ba:7c:06:33:c6:ba:95:81:1b:b2:59:f6:01:c2: 9a:67:06:d4:dc:94:56:8e:a2:90:87:8e:a7:b6:60:16:f0:34: c2:34:7d:a1:4d:23:72:28:02:97:86:b7:c7:29:01:13:1d:b9: ac:17:fe:d2:23:66:24:e7:44:3b:de:02:b1:35:e3:74:34:2d: b0:57:8d:12:95:b1:4b:90:b7:03:79:17:12:26:b0:1b:a0:ca: 66:21:d1:ef:ea:08:81:42:e9:0f:4a:64:1b:bc:61:7a:74:2e: 61:96:9d:39:02:d3:07:63:b0:1a:70:5f:0d:3d:79:2f:c4:5e: e2:f9:f8:7a:8d:50:2e:28:bc:fe:e5:5c:d3:91:f8:b5:b5:f6: 0b:7f:bd:52 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUD/dqL9514oW6jqu838/5es8CMH4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTEwMFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAYTIwOTU2MDg4YzMyODg4YzUwODNh MmQ1YWQzN2M3Y2ZiM2Y2YWQ1NTYxYTJiYWE0YzliODhkNDE0ZDI1YzM1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9nqNyHok9X6H8/DYEqFimYaPCFx H0Hyp5eM1BFhfHFQ9mtqgwlK23k5dUltoouvou0JasGit6mg+8exm95REXOQVYR2 kDJ+UYkkZTiYbz/M26BR90pQXMoDJ7Q1OVqjP1RIAxwLSzYl0bSLMrCxxFqYjZQJ XA61YLOv7/m7LVdWvaGKOObdrUqdclQMHTnoIhaaznPcG+VN88/vwZgOqEeXK0jf SZjRyF/KHp5P2D3b67KO/rrQohMme0t1s/vB6IMI2+Dd8GeI8o6BFNRdY3PAd6YB qJ0CXxCg1gHSu2Gd7w3AYr9tCFgHIrwu9Am/JAzoqylwSGCBkOhNXVYeLwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEyWiSbhCHe24T+285zxIdrbAYkFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM2MWQ5MzZjLTFhZGMtNDg0YS05MmUwLTkxYTY3NGM4YWQ5ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOMDAMA0GCSqGSIb3DQEBCwUAA4IBAQC1vcrOAaCC/7MG44GQ AY3IPKtCRzbjKRgXwsOAYDzYf5LmheYEmjyOpMvAAA0JL5CR/EmZZIrdrxucJC7O p+yhr7JKHMMSzHLSQ5kvKjS+Y294VqNDvERbZAvEORC7mU32PrU0l5Zy4LeYUqDE N5o+unwGM8a6lYEbsln2AcKaZwbU3JRWjqKQh46ntmAW8DTCNH2hTSNyKAKXhrfH KQETHbmsF/7SI2Yk50Q73gKxNeN0NC2wV40SlbFLkLcDeRcSJrAboMpmIdHv6giB QukPSmQbvGF6dC5hlp05AtMHY7AacF8NPXkvxF7i+fh6jVAuKLz+5VzTkfi1tfYL f71S -----END CERTIFICATE-----Generated at Sat Aug 23 12:03:02 2025 by rpki-client