$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa File: 375520d4-df61-4e6c-9222-5f7232d9f4b8.roa (raw, json) Hash identifier: PnGqD+yxhgyAeFTWh1p90/awtZkWkf2Jtnkkvn19H1o= Subject key identifier: 8B:41:D8:91:DA:AA:3B:A8:58:45:28:4C:D0:20:FC:33:10:2E:93:B5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BD42D47CC6129F3203EF68F7673FDB93B80ED78 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa Signing time: Sat 23 Aug 2025 00:20:50 +0000 ROA not before: Sat 23 Aug 2025 00:20:50 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d4:2d:47:cc:61:29:f3:20:3e:f6:8f:76:73:fd:b9:3b:80:ed:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:20:50 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=2858da821031dbc1603138352a011e9364fb70d0f95f65429e6829013fffc24d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:92:0d:f5:3e:89:1a:e3:77:e4:a8:bd:b3:6e: 44:32:1d:aa:7c:0a:00:43:45:e4:53:f7:e5:87:8e: 0a:be:46:46:0a:9d:da:4f:19:2f:75:2a:87:0d:41: 59:b7:57:90:73:f8:71:aa:0b:7e:68:04:43:f9:96: ec:5b:e6:7a:18:ba:07:bf:d4:e5:f9:87:da:b6:41: ed:00:ed:2b:cb:c8:27:3d:cf:d5:8b:9c:04:ed:65: c3:85:83:1c:b6:10:76:99:1c:7d:07:e9:55:7c:8f: 77:68:3f:e0:07:dc:52:5f:a6:29:4d:f0:be:ac:64: 1b:4a:91:42:2b:98:42:b4:ff:d1:df:d8:13:18:21: 8b:ab:0c:56:df:50:de:9d:9d:b7:b7:5f:85:89:d7: 3f:2b:6f:db:ce:94:a1:c5:49:ad:93:26:3f:71:2b: e3:c0:c1:b8:e7:ac:1d:31:05:43:e0:60:78:0f:ff: ea:ec:9d:f3:da:17:5a:7d:9a:96:61:8b:c4:15:86: 01:05:3b:01:16:41:a5:29:16:ec:8b:6e:c1:b6:65: 5f:88:ac:27:ba:99:a8:d4:fa:6f:31:fd:63:34:6b: ee:8d:17:3b:bb:b7:8c:b0:08:1d:0d:dd:8a:de:85: e4:c7:b7:00:42:92:62:62:ff:41:9b:f0:53:ca:49: 2a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:41:D8:91:DA:AA:3B:A8:58:45:28:4C:D0:20:FC:33:10:2E:93:B5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4020::/48 Signature Algorithm: sha256WithRSAEncryption 40:3a:5f:46:c9:ef:39:c8:b6:9b:2f:b7:f8:5e:4e:fb:82:d3: c6:bf:a1:83:ea:be:cf:1d:de:63:fc:5e:81:02:5b:dc:7e:c0: 28:5a:df:41:5f:17:7c:50:06:c2:f4:6b:ae:62:49:1d:1e:a8: 51:0b:11:16:7e:50:eb:09:c2:d8:d3:ae:ec:df:8d:6c:c2:c9: 5b:c4:cc:c2:7d:48:10:f7:20:04:c7:e0:c0:05:59:a5:7a:e2: 81:ec:3b:b0:8e:d2:fe:36:ea:d7:98:23:9c:da:d5:cc:20:30: c3:d7:d5:26:5e:ce:ba:d6:f5:29:16:f8:7a:84:ef:31:ff:f5: f4:45:a8:46:6f:23:39:00:d5:9a:5e:b7:ff:09:84:bd:d1:8a: 6b:9b:cc:15:1c:9c:d9:9e:c5:a4:01:f8:3f:81:43:4a:70:3a: ec:7f:c5:b5:92:90:a9:06:60:ee:69:45:f8:89:21:78:da:15: 39:74:b9:8d:8c:fd:1e:8a:74:6d:16:18:cf:ff:4b:8e:aa:24: a9:ed:f3:f5:ce:38:e2:c1:0b:0a:71:93:0c:2a:2d:bf:58:b8: 5c:90:4f:6d:d0:4e:d2:22:75:38:f5:11:c3:09:4f:d4:83:25: 38:1d:c0:4a:37:5f:3a:a5:ed:4a:1a:0b:04:a5:76:e2:89:90: b0:9e:af:02 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUW9QtR8xhKfMgPvaPdnP9uTuA7XgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMjA1MFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMjg1OGRhODIxMDMxZGJjMTYwMzEz ODM1MmEwMTFlOTM2NGZiNzBkMGY5NWY2NTQyOWU2ODI5MDEzZmZmYzI0ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JIN9T6JGuN35Ki9s25EMh2qfAoA Q0XkU/flh44KvkZGCp3aTxkvdSqHDUFZt1eQc/hxqgt+aARD+ZbsW+Z6GLoHv9Tl +YfatkHtAO0ry8gnPc/Vi5wE7WXDhYMcthB2mRx9B+lVfI93aD/gB9xSX6YpTfC+ rGQbSpFCK5hCtP/R39gTGCGLqwxW31DenZ23t1+Fidc/K2/bzpShxUmtkyY/cSvj wMG456wdMQVD4GB4D//q7J3z2hdafZqWYYvEFYYBBTsBFkGlKRbsi27BtmVfiKwn upmo1PpvMf1jNGvujRc7u7eMsAgdDd2K3oXkx7cAQpJiYv9Bm/BTykkqPwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFItB2JHaqjuoWEUoTNAg/DMQLpO1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM3NTUyMGQ0LWRmNjEtNGU2Yy05MjIyLTVmNzIzMmQ5ZjRiOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0AgMA0GCSqGSIb3DQEBCwUAA4IBAQBAOl9Gye85yLabL7f4 Xk77gtPGv6GD6r7PHd5j/F6BAlvcfsAoWt9BXxd8UAbC9GuuYkkdHqhRCxEWflDr CcLY067s341swslbxMzCfUgQ9yAEx+DABVmleuKB7DuwjtL+NurXmCOc2tXMIDDD 19UmXs661vUpFvh6hO8x//X0RahGbyM5ANWaXrf/CYS90Yprm8wVHJzZnsWkAfg/ gUNKcDrsf8W1kpCpBmDuaUX4iSF42hU5dLmNjP0einRtFhjP/0uOqiSp7fP1zjji wQsKcZMMKi2/WLhckE9t0E7SInU49RHDCU/UgyU4HcBKN186pe1KGgsEpXbiiZCw nq8C -----END CERTIFICATE-----Generated at Sat Aug 23 17:47:54 2025 by rpki-client