$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa File: 3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa (raw, json) Hash identifier: 0qWHImewWv1w+eMRdp0QXB4hBOiacT8pEZFKiqNUfpw= Subject key identifier: 67:D1:32:0B:F5:89:A3:75:67:20:89:6E:43:CC:A1:FC:8D:8C:10:6F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 701CD5D08315F9E444CB1C2C859EBC816CEFE7CE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa Signing time: Sat 23 Aug 2025 00:41:37 +0000 ROA not before: Sat 23 Aug 2025 00:41:37 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:1c:d5:d0:83:15:f9:e4:44:cb:1c:2c:85:9e:bc:81:6c:ef:e7:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:41:37 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=ff1e6b016851fdc0f8dd3587e3aac400f5f6b4a31c69f91fea1818d257bdfe86, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:48:10:eb:f1:dd:3a:10:92:14:d7:fc:d9:66: 11:20:27:6f:43:58:42:99:4f:64:c9:a2:b1:96:2f: e8:79:e6:be:a3:96:c0:a4:d8:33:5d:e4:d2:cf:22: bb:12:15:8c:ec:e0:c2:96:96:ee:4d:f2:cf:ae:e1: ed:be:58:b1:02:23:b6:e7:55:62:8e:cc:71:73:66: 6e:a4:ad:41:c1:6c:79:e1:4e:f9:c0:24:02:39:83: 11:2b:d6:cf:00:64:49:1a:5f:e9:11:c7:b8:45:88: e0:e6:0c:5a:0a:df:c3:fa:d6:35:2a:83:51:e2:11: 24:16:b7:59:bf:c9:49:24:d5:93:4d:6b:e0:55:c1: 6c:6b:0b:79:2d:e6:53:65:78:f5:ec:a9:1e:a8:c6: 9f:22:0d:dc:9d:bd:79:fd:dc:c1:f0:80:86:6a:8c: 5d:11:ec:60:ad:eb:b7:16:7d:3e:2f:86:2e:18:60: 9e:30:94:68:e6:02:97:06:36:4d:d7:c0:24:5d:de: 43:fb:8a:5b:98:e1:4d:28:62:5a:2e:d7:28:92:00: 40:a0:05:e1:34:59:15:2f:1b:ef:62:bb:86:8d:79: ad:a0:ed:a9:22:f7:31:9a:55:ec:07:6e:f8:70:51: 7e:56:c6:8f:cb:8f:2f:34:53:ba:97:35:57:a0:ea: 0b:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:D1:32:0B:F5:89:A3:75:67:20:89:6E:43:CC:A1:FC:8D:8C:10:6F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c880::/48 Signature Algorithm: sha256WithRSAEncryption a4:7f:2a:b7:46:22:1f:7e:34:14:7d:71:a4:a4:4c:6a:0c:56: ad:e2:1e:42:63:41:74:e4:30:88:ac:24:8f:f8:0e:b4:68:3e: 08:96:ef:e0:98:19:ee:93:08:7a:89:e3:da:a8:37:84:1d:1c: 6f:64:c1:73:2d:6c:e3:cf:aa:6e:66:5a:e5:b9:c4:56:3d:93: e1:9e:2e:97:6e:00:89:c4:d2:89:16:f1:5f:42:45:5b:84:65: fa:5d:63:c4:e7:e6:5f:19:70:81:a1:40:73:b0:21:c2:41:23: 1f:52:59:d7:a2:48:9c:09:06:d9:b3:40:3d:a0:52:80:7c:36: d8:00:14:01:77:29:f0:e9:3d:60:40:f3:dd:a9:2d:23:10:30: 20:14:55:08:ec:2a:76:c9:76:0f:bb:76:ae:88:08:84:5a:ba: 96:e7:bd:77:08:5f:68:6f:e5:21:17:ae:91:d3:cc:4a:35:07: fc:24:3c:41:4e:5b:b2:bc:6e:b1:c9:93:22:9d:cf:4a:a3:89: d2:30:1d:db:29:56:d3:f9:72:db:7c:f5:dd:38:eb:19:0e:99: a4:22:f1:e7:27:d7:ab:a1:6e:fd:1f:9c:64:da:1c:7b:64:6e: e0:de:7b:df:cc:f2:bb:52:c4:0d:27:a6:aa:e5:29:8d:6f:e3: 95:93:38:ce -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcBzV0IMV+eREyxwshZ68gWzv584wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNDEzN1oX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZmYxZTZiMDE2ODUxZmRjMGY4ZGQz NTg3ZTNhYWM0MDBmNWY2YjRhMzFjNjlmOTFmZWExODE4ZDI1N2JkZmU4NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0gQ6/HdOhCSFNf82WYRICdvQ1hC mU9kyaKxli/oeea+o5bApNgzXeTSzyK7EhWM7ODClpbuTfLPruHtvlixAiO251Vi jsxxc2ZupK1BwWx54U75wCQCOYMRK9bPAGRJGl/pEce4RYjg5gxaCt/D+tY1KoNR 4hEkFrdZv8lJJNWTTWvgVcFsawt5LeZTZXj17KkeqMafIg3cnb15/dzB8ICGaoxd Eexgreu3Fn0+L4YuGGCeMJRo5gKXBjZN18AkXd5D+4pbmOFNKGJaLtcokgBAoAXh NFkVLxvvYruGjXmtoO2pIvcxmlXsB274cFF+VsaPy48vNFO6lzVXoOoLMQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGfRMgv1iaN1ZyCJbkPMofyNjBBvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhNmYwMWYxLWJjNWItNDczZC1hMTJmLTdmMGZmZWQ1ZjRmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8siAMA0GCSqGSIb3DQEBCwUAA4IBAQCkfyq3RiIffjQUfXGk pExqDFat4h5CY0F05DCIrCSP+A60aD4Ilu/gmBnukwh6iePaqDeEHRxvZMFzLWzj z6puZlrlucRWPZPhni6XbgCJxNKJFvFfQkVbhGX6XWPE5+ZfGXCBoUBzsCHCQSMf UlnXokicCQbZs0A9oFKAfDbYABQBdynw6T1gQPPdqS0jEDAgFFUI7Cp2yXYPu3au iAiEWrqW5713CF9ob+UhF66R08xKNQf8JDxBTluyvG6xyZMinc9Ko4nSMB3bKVbT +XLbfPXdOOsZDpmkIvHnJ9eroW79H5xk2hx7ZG7g3nvfzPK7UsQNJ6aq5SmNb+OV kzjO -----END CERTIFICATE-----Generated at Sat Aug 23 12:00:37 2025 by rpki-client