$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa File: 3e10b881-cc4d-4575-9034-6eacfc118456.roa (raw, json) Hash identifier: 7YreZlyLRttmKfvSeKG0OYnViPG37Xf3TpJ3NL56Mh0= Subject key identifier: 66:72:2F:0B:67:13:5C:BA:6E:C4:36:B2:7E:2E:3E:B1:56:61:55:1E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0FA5F12C3C9A66761E605795289298767CAB017B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa Signing time: Sat 23 Aug 2025 00:31:30 +0000 ROA not before: Sat 23 Aug 2025 00:31:30 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:a5:f1:2c:3c:9a:66:76:1e:60:57:95:28:92:98:76:7c:ab:01:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:31:30 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=763a92662c3eb73ab9449a6adb03e5cddf0783ae2bd8fa0f8a0a399ebc60dc8c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:c4:1f:e0:9f:7e:e6:a4:7a:3b:29:19:04:04: ec:7c:dc:69:0b:17:07:a1:1d:94:58:9c:ce:a7:ee: ee:a2:2e:f7:a2:21:cd:8f:fa:3d:11:54:31:ca:49: 70:80:7c:77:e3:a6:38:0f:08:5a:c9:fc:36:40:5a: 68:0f:ec:08:b2:c7:f1:bb:ac:74:73:3e:19:80:68: 7d:03:12:3e:14:d6:33:e6:10:22:81:84:e0:b3:74: d4:17:59:16:58:be:ee:98:ee:15:6a:55:94:4e:f1: 18:9e:09:12:34:1b:14:67:cc:20:a4:26:44:e1:6f: c8:5b:46:7a:e3:ce:eb:94:5f:6d:96:43:cc:0f:e1: 8c:26:a8:80:e4:56:c7:1d:c0:d2:fc:75:bc:2c:5b: f5:a9:62:cd:80:6f:a8:ab:f1:13:5a:ab:18:8e:a5: 67:df:f5:88:6c:0e:11:f3:79:30:b7:87:6d:a3:ac: c3:0b:b3:c9:14:6e:ea:95:24:6f:40:ab:46:6f:ab: 10:5b:0e:90:34:a1:a9:b8:c1:e0:47:c9:36:58:41: e9:14:5c:b1:18:c3:fe:dc:8f:20:1b:2b:20:24:27: 78:f4:7c:c6:07:38:ae:36:df:49:04:1b:c8:ff:05: d0:27:07:51:08:c6:f7:30:1b:5c:b0:3b:91:77:18: 46:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:72:2F:0B:67:13:5C:BA:6E:C4:36:B2:7E:2E:3E:B1:56:61:55:1E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2000::/40 Signature Algorithm: sha256WithRSAEncryption 9b:f6:ce:41:f7:f4:4e:81:46:b2:b4:8f:2e:d5:aa:fe:5c:e0: ac:c6:bb:55:df:97:6f:a9:3c:8b:f8:03:1a:bc:d7:13:c4:00: 33:58:5a:40:38:cc:f9:cf:15:7b:35:56:28:b5:c4:29:4c:24: 64:e5:00:6d:21:e9:63:6e:08:59:2b:e7:6a:98:39:55:15:f7: 83:19:eb:0a:4d:83:e2:5d:bc:1d:3b:20:6f:77:60:19:75:7c: 98:45:b5:1b:35:0c:36:0e:c9:30:dd:1f:ea:f3:97:ab:3a:94: 2d:a7:46:53:c5:e7:d7:96:80:0d:ce:da:f8:c0:05:64:68:7c: 16:ce:88:05:39:44:b7:90:bc:bf:96:b0:87:ec:89:0a:76:2f: cc:0c:e1:1c:0a:56:9f:eb:1c:d1:ae:06:5d:fa:a0:54:2c:0a: 1a:c3:fc:68:11:07:cc:72:b5:35:d2:e2:e1:20:5a:d5:59:48: 12:a4:45:92:03:9a:0b:62:75:e9:04:91:20:d2:3c:7f:3d:c3: 59:7d:da:35:ac:65:86:3e:29:b5:62:a5:46:7b:ce:2d:58:39: e9:28:c9:cb:18:29:5e:b8:0b:66:9e:eb:70:8c:ff:42:14:d5: 10:ff:18:b2:45:79:32:64:8c:c0:62:c7:6f:3b:b6:1d:de:52: 7a:16:43:1c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD6XxLDyaZnYeYFeVKJKYdnyrAXswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzEzMFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANzYzYTkyNjYyYzNlYjczYWI5NDQ5 YTZhZGIwM2U1Y2RkZjA3ODNhZTJiZDhmYTBmOGEwYTM5OWViYzYwZGM4YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocQf4J9+5qR6OykZBATsfNxpCxcH oR2UWJzOp+7uoi73oiHNj/o9EVQxyklwgHx346Y4Dwhayfw2QFpoD+wIssfxu6x0 cz4ZgGh9AxI+FNYz5hAigYTgs3TUF1kWWL7umO4ValWUTvEYngkSNBsUZ8wgpCZE 4W/IW0Z6487rlF9tlkPMD+GMJqiA5FbHHcDS/HW8LFv1qWLNgG+oq/ETWqsYjqVn 3/WIbA4R83kwt4dto6zDC7PJFG7qlSRvQKtGb6sQWw6QNKGpuMHgR8k2WEHpFFyx GMP+3I8gGysgJCd49HzGBziuNt9JBBvI/wXQJwdRCMb3MBtcsDuRdxhGXQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGZyLwtnE1y6bsQ2sn4uPrFWYVUeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlMTBiODgxLWNjNGQtNDU3NS05MDM0LTZlYWNmYzExODQ1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSAwDQYJKoZIhvcNAQELBQADggEBAJv2zkH39E6BRrK0jy7V qv5c4KzGu1Xfl2+pPIv4Axq81xPEADNYWkA4zPnPFXs1Vii1xClMJGTlAG0h6WNu CFkr52qYOVUV94MZ6wpNg+JdvB07IG93YBl1fJhFtRs1DDYOyTDdH+rzl6s6lC2n RlPF59eWgA3O2vjABWRofBbOiAU5RLeQvL+WsIfsiQp2L8wM4RwKVp/rHNGuBl36 oFQsChrD/GgRB8xytTXS4uEgWtVZSBKkRZIDmgtidekEkSDSPH89w1l92jWsZYY+ KbVipUZ7zi1YOekoycsYKV64C2ae63CM/0IU1RD/GLJFeTJkjMBix287th3eUnoW Qxw= -----END CERTIFICATE-----Generated at Sat Aug 23 08:32:44 2025 by rpki-client