$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa File: 41e0909c-5b11-419b-8046-ee979b1850a3.roa (raw, json) Hash identifier: serNTcqgnLr+JnUIWb8rTQqeWrdX6emfQXNzAB0vvtk= Subject key identifier: D9:34:12:B0:40:8D:2D:4D:92:A4:EF:74:35:28:EF:68:22:72:88:A0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2B00B2F32380952D218334FDEBE2D636D7B4AA36 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa Signing time: Tue 19 Aug 2025 00:00:07 +0000 ROA not before: Tue 19 Aug 2025 00:00:07 +0000 ROA not after: Tue 23 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:00:b2:f3:23:80:95:2d:21:83:34:fd:eb:e2:d6:36:d7:b4:aa:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 19 00:00:07 2025 GMT Not After : Sep 23 23:59:59 2025 GMT Subject: serialNumber=d1f793a50cd16cd8822f5a99e26828a689ac2f72d98ba2aee7077d00a8beb17f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:65:34:6b:cc:9f:48:f9:af:de:3d:cd:d3:4d: c6:76:12:d2:4d:6f:7d:62:ba:e2:23:94:39:a6:ed: a5:17:70:20:df:2b:01:79:4e:73:ee:b4:b2:08:3b: 0d:b4:4c:60:a5:36:3f:8e:19:84:74:33:38:01:e8: 31:e3:a8:39:8c:25:07:b6:ba:f4:59:77:9f:f1:80: 7f:54:ce:1e:5d:48:cd:d4:62:50:0b:97:bb:cb:1b: 18:58:aa:3e:a4:52:6e:eb:01:cb:5e:5a:68:59:ea: 56:bf:cb:d8:a5:fd:18:bf:6c:e4:4f:91:a0:ef:34: b8:fb:4c:65:e5:2d:16:8d:80:70:26:f4:45:c7:ec: 4d:4b:92:b3:b7:de:dc:fb:b4:6d:3b:33:d9:e1:a6: 0d:5d:b5:47:53:ee:0a:a7:c6:4d:1f:d7:71:71:ad: 17:b1:46:fe:e9:e5:f1:5a:fc:d7:7e:8b:80:11:59: 4b:b8:a0:7a:f4:b5:7c:16:db:bd:b1:dd:96:75:fb: d0:ac:08:26:6f:3e:cd:2e:61:62:4e:f5:3a:b0:c5: 36:5f:15:41:c1:c1:a4:f2:da:c9:a7:ce:76:02:e3: db:0e:f6:10:df:bf:a5:68:8e:cd:6a:8e:07:cf:8d: 1a:e6:d3:9b:3f:1e:79:1b:fe:df:10:5a:bd:37:19: 3b:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:34:12:B0:40:8D:2D:4D:92:A4:EF:74:35:28:EF:68:22:72:88:A0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:8800::/40 Signature Algorithm: sha256WithRSAEncryption 24:de:70:f7:d4:f9:34:3b:9d:cd:de:8b:a5:c4:ef:5b:40:a5: 22:0e:c5:16:6c:70:8f:58:a6:1f:3b:a0:33:e5:48:99:21:1e: 4b:96:9e:04:df:10:a6:74:f7:01:9e:15:c5:d9:cb:6c:00:fa: c5:9e:4f:1a:bc:5b:2b:92:3f:af:24:d6:12:32:b4:8b:1e:be: 12:2a:81:33:7b:54:19:f5:ee:84:17:e5:33:57:81:84:28:a9: 0d:ca:11:45:4a:ce:72:64:92:9b:ce:bc:1a:3d:45:0c:87:c7: aa:e7:a5:a6:1d:95:d9:57:00:57:8c:67:17:5a:87:58:c7:a0: 55:3a:63:ad:ea:fb:a9:f9:66:45:74:92:7c:9f:08:44:39:c1: 12:99:4c:d9:b4:38:70:f5:67:f6:23:d5:b0:7b:de:9b:1f:79: 40:fd:37:4a:dc:ae:fd:23:e3:c2:5b:83:e7:0e:a2:57:9d:79: 11:ef:a8:33:94:aa:2a:00:b6:81:c1:6e:46:a9:37:1d:64:3f: 10:1a:84:53:cb:3d:75:f8:a4:af:99:af:e9:5a:61:63:7b:30: 10:a6:28:a4:26:cf:6d:fb:70:8f:6c:0c:18:3a:7b:f8:97:9c: 31:45:b8:fa:b5:3e:3e:8d:6e:d6:60:34:26:c0:f5:f3:8c:9e: 67:bd:1a:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKwCy8yOAlS0hgzT96+LWNte0qjYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxOTAwMDAwN1oX DTI1MDkyMzIzNTk1OVowejFJMEcGA1UEBRNAZDFmNzkzYTUwY2QxNmNkODgyMmY1 YTk5ZTI2ODI4YTY4OWFjMmY3MmQ5OGJhMmFlZTcwNzdkMDBhOGJlYjE3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2U0a8yfSPmv3j3N003GdhLSTW99 YrriI5Q5pu2lF3Ag3ysBeU5z7rSyCDsNtExgpTY/jhmEdDM4Aegx46g5jCUHtrr0 WXef8YB/VM4eXUjN1GJQC5e7yxsYWKo+pFJu6wHLXlpoWepWv8vYpf0Yv2zkT5Gg 7zS4+0xl5S0WjYBwJvRFx+xNS5Kzt97c+7RtOzPZ4aYNXbVHU+4Kp8ZNH9dxca0X sUb+6eXxWvzXfouAEVlLuKB69LV8Ftu9sd2WdfvQrAgmbz7NLmFiTvU6sMU2XxVB wcGk8trJp852AuPbDvYQ37+laI7Nao4Hz40a5tObPx55G/7fEFq9Nxk7XwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNk0ErBAjS1NkqTvdDUo72gicoigMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQxZTA5MDljLTViMTEtNDE5Yi04MDQ2LWVlOTc5YjE4NTBhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYIgwDQYJKoZIhvcNAQELBQADggEBACTecPfU+TQ7nc3ei6XE 71tApSIOxRZscI9Yph87oDPlSJkhHkuWngTfEKZ09wGeFcXZy2wA+sWeTxq8WyuS P68k1hIytIsevhIqgTN7VBn17oQX5TNXgYQoqQ3KEUVKznJkkpvOvBo9RQyHx6rn paYdldlXAFeMZxdah1jHoFU6Y63q+6n5ZkV0knyfCEQ5wRKZTNm0OHD1Z/Yj1bB7 3psfeUD9N0rcrv0j48Jbg+cOoledeRHvqDOUqioAtoHBbkapNx1kPxAahFPLPXX4 pK+Zr+laYWN7MBCmKKQmz237cI9sDBg6e/iXnDFFuPq1Pj6NbtZgNCbA9fOMnme9 GlQ= -----END CERTIFICATE-----Generated at Sat Aug 23 12:07:55 2025 by rpki-client