$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa File: 38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa (raw, json) Hash identifier: ntfzijz3NJ2yoadH3D0wAUk5RlBQFlwO67Ip7JVRb8Y= Subject key identifier: D2:30:33:93:B6:AA:9A:B5:9B:99:9D:2E:46:EA:2C:6D:DD:E5:EB:6E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14F42AB14F1ACF191D669C9B32285CE5DCF9CC87 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa Signing time: Wed 13 Aug 2025 00:00:08 +0000 ROA not before: Wed 13 Aug 2025 00:00:08 +0000 ROA not after: Wed 17 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:f4:2a:b1:4f:1a:cf:19:1d:66:9c:9b:32:28:5c:e5:dc:f9:cc:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 13 00:00:08 2025 GMT Not After : Sep 17 23:59:59 2025 GMT Subject: serialNumber=eb0729c0852f4a65540373e2ced735517003885dc03ff038773cf1ef9fa2eecd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:75:39:c8:2d:cc:19:51:fd:da:5d:69:4b:ef: 4d:68:53:c6:72:94:6d:cf:31:8b:d8:8e:84:56:7d: 61:d4:b1:a2:99:95:5b:a6:50:d4:4c:85:8a:a9:12: c0:ee:f6:54:54:18:1a:d3:d1:db:94:72:09:a3:6e: 92:82:ca:f0:df:a2:90:98:0f:9a:57:b9:aa:2c:a0: 64:a4:55:b7:fe:23:c1:67:5a:af:3c:53:b5:bc:f9: 37:a0:7a:ac:36:a0:a4:62:b7:dd:56:6d:90:9c:c0: f1:b2:0d:03:31:ca:a5:4a:4a:e8:01:01:2e:1a:ef: 14:a0:cc:fa:bd:a7:66:6d:0d:7f:ac:f8:41:4c:8c: 88:1d:92:83:0b:2d:f3:ab:9c:56:e8:03:8a:be:3b: f8:d2:02:6a:66:6b:70:57:1c:7c:c0:28:79:f9:90: 6a:32:ea:d3:c5:5c:ac:74:83:96:db:42:28:e1:89: b4:d5:b5:65:fe:4a:14:ca:19:7b:b2:fb:4b:9e:1d: a0:57:cd:f5:34:0b:a1:4f:5d:b6:28:34:80:90:7d: 88:52:a9:d2:a3:5d:ae:8e:9d:76:44:05:95:a0:93: 53:c9:25:83:cc:3e:b4:df:16:d7:bd:b0:a8:aa:77: 21:00:15:c0:88:07:d4:dd:25:aa:a1:96:ed:0a:09: 3c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:30:33:93:B6:AA:9A:B5:9B:99:9D:2E:46:EA:2C:6D:DD:E5:EB:6E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32::/32 Signature Algorithm: sha256WithRSAEncryption 0d:96:cf:63:fd:d9:e5:55:8e:6f:0f:b5:8c:f8:99:1a:94:cf: 1d:9c:0d:94:3b:80:5b:7b:40:88:62:73:01:4f:22:15:d9:3b: 33:4c:ad:5f:e7:cb:57:f2:14:5c:1f:0f:64:80:68:29:74:6d: 32:0e:ea:33:c9:13:bb:9c:64:b7:62:e3:9a:cf:01:01:63:7d: c0:f4:d4:2d:c2:05:0b:bb:00:58:94:48:a3:f8:a4:20:af:99: 96:f1:c0:b5:50:e3:da:d3:29:15:c5:db:98:98:2f:25:a1:c8: a3:40:a2:ba:7b:fe:a7:88:bd:1b:86:41:60:e4:02:27:54:f5: 8d:95:3c:be:6d:0f:69:36:ba:d1:7e:f0:2f:14:ba:7d:13:21: 12:b3:61:67:d3:f0:bc:00:e2:fb:03:05:5c:5e:21:b5:b8:5b: bd:6e:99:87:17:e7:92:9d:8b:84:e4:c6:87:42:ac:7f:5e:d6: ad:f1:92:fa:ce:1b:33:08:75:98:b6:fd:ad:32:3d:2b:a3:f8: 52:65:aa:6f:40:0e:fa:d2:96:9a:3e:f3:f1:bc:93:41:cf:ff: 79:d5:02:4d:c6:a2:95:4e:12:e0:32:f9:57:57:54:a3:dc:20: 5f:9f:c1:53:1a:65:eb:c6:ee:d5:a0:86:89:35:bd:31:a1:27: c7:7f:e4:9d -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUFPQqsU8azxkdZpybMihc5dz5zIcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxMzAwMDAwOFoX DTI1MDkxNzIzNTk1OVowejFJMEcGA1UEBRNAZWIwNzI5YzA4NTJmNGE2NTU0MDM3 M2UyY2VkNzM1NTE3MDAzODg1ZGMwM2ZmMDM4NzczY2YxZWY5ZmEyZWVjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXU5yC3MGVH92l1pS+9NaFPGcpRt zzGL2I6EVn1h1LGimZVbplDUTIWKqRLA7vZUVBga09HblHIJo26Sgsrw36KQmA+a V7mqLKBkpFW3/iPBZ1qvPFO1vPk3oHqsNqCkYrfdVm2QnMDxsg0DMcqlSkroAQEu Gu8UoMz6vadmbQ1/rPhBTIyIHZKDCy3zq5xW6AOKvjv40gJqZmtwVxx8wCh5+ZBq MurTxVysdIOW20Io4Ym01bVl/koUyhl7svtLnh2gV831NAuhT122KDSAkH2IUqnS o12ujp12RAWVoJNTySWDzD603xbXvbCoqnchABXAiAfU3SWqoZbtCgk8hQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNIwM5O2qpq1m5mdLkbqLG3d5etuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4YWUzN2FkLTUwZGItNDU0Ny04ZGYyLThjZGNjNTZlNWNhMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMjANBgkqhkiG9w0BAQsFAAOCAQEADZbPY/3Z5VWObw+1jPiZ GpTPHZwNlDuAW3tAiGJzAU8iFdk7M0ytX+fLV/IUXB8PZIBoKXRtMg7qM8kTu5xk t2Ljms8BAWN9wPTULcIFC7sAWJRIo/ikIK+ZlvHAtVDj2tMpFcXbmJgvJaHIo0Ci unv+p4i9G4ZBYOQCJ1T1jZU8vm0PaTa60X7wLxS6fRMhErNhZ9PwvADi+wMFXF4h tbhbvW6Zhxfnkp2LhOTGh0Ksf17WrfGS+s4bMwh1mLb9rTI9K6P4UmWqb0AO+tKW mj7z8byTQc//edUCTcailU4S4DL5V1dUo9wgX5/BUxpl68bu1aCGiTW9MaEnx3/k nQ== -----END CERTIFICATE-----Generated at Sat Aug 23 06:45:24 2025 by rpki-client