$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49fb7e22-9413-4e85-9c70-9dd3a60de128.roa File: 49fb7e22-9413-4e85-9c70-9dd3a60de128.roa (raw, json) Hash identifier: Z1cdZBtcUZ2/b5bKAWaHsHJOzK5qP+8Z1t8E5eXHBGk= Subject key identifier: 6B:DE:26:CE:0D:F3:44:F6:F9:D0:65:9E:84:14:D0:01:47:B9:CA:BA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A28C0F2B0A354839CA083033F7AA1025903F5DC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49fb7e22-9413-4e85-9c70-9dd3a60de128.roa Signing time: Sat 23 Aug 2025 00:11:04 +0000 ROA not before: Sat 23 Aug 2025 00:11:04 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:f040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:28:c0:f2:b0:a3:54:83:9c:a0:83:03:3f:7a:a1:02:59:03:f5:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:11:04 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=4b656441138169984fbbcc852bab5450fb239f873fbcf1daf5c690a6faf5f3c5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:77:75:70:bd:c4:0a:3d:03:2c:89:6e:da:8d: 07:71:cf:8f:1a:5e:39:82:37:e6:5f:fb:ec:b8:07: 84:44:3d:e1:c6:86:be:ea:fd:fc:91:4a:f0:2e:89: 24:43:ce:59:c3:d4:f0:8e:e9:44:1e:8e:9d:ee:86: 10:fc:13:f8:d8:e8:7e:71:85:83:eb:b0:d9:a4:ab: de:e7:71:f6:85:0d:66:4c:db:08:60:0b:6a:ac:35: 8f:65:09:5a:7e:0c:79:d7:3e:c7:f0:14:24:cf:f3: 37:c4:5a:6b:80:9e:0d:ab:4d:d6:07:44:6e:54:cc: a3:d8:e6:fc:1a:6c:58:74:40:0c:5e:50:6a:51:00: 44:19:08:19:f0:77:97:7a:36:df:b1:5a:08:5d:d0: a7:19:6e:67:2e:14:71:20:0b:ff:fa:c4:9b:31:25: 7f:9b:a4:11:f3:71:a0:5d:e5:52:b6:a2:ac:06:9d: 50:7e:d3:43:31:2f:ba:be:5e:4a:03:72:91:e8:0a: e1:05:04:8a:00:87:ac:27:bf:e8:5a:24:e8:de:80: d5:71:a5:68:da:46:ce:9a:d6:82:ee:83:f1:d7:3e: 8d:6b:55:8d:9f:90:ca:94:d0:c0:57:c8:a3:69:b0: 23:e2:30:56:b9:52:22:a3:54:da:8a:d7:30:0d:8e: f3:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:DE:26:CE:0D:F3:44:F6:F9:D0:65:9E:84:14:D0:01:47:B9:CA:BA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49fb7e22-9413-4e85-9c70-9dd3a60de128.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:f040::/48 Signature Algorithm: sha256WithRSAEncryption 35:14:28:e8:27:e8:16:32:f6:70:5b:07:72:cc:4c:0d:30:e7: 3a:75:9b:55:9d:4e:2d:f8:7a:d1:79:26:94:37:c4:2a:6d:68: ec:7d:5a:e7:ad:e2:3b:9e:3a:b0:64:64:4e:e2:2f:8b:b2:48: cb:bc:25:fe:15:20:5e:e7:0e:59:0f:eb:09:c1:7c:cd:6e:f7: 01:cd:3d:f9:13:06:45:35:4c:53:d3:4a:81:41:17:b8:5c:13: 79:84:67:92:04:5f:70:d3:b7:c0:c3:44:63:52:51:9a:99:c7: 8b:6e:23:24:72:02:ef:ab:56:f8:f1:60:94:b3:f7:27:9b:96: 27:37:25:dc:75:91:7b:93:03:5c:97:20:52:68:18:3a:e3:2b: c3:19:d4:ee:3b:bb:96:16:d4:48:a5:22:4d:62:a9:5c:d4:42: 92:dd:69:c2:91:a4:e5:8a:4f:a9:9c:65:f6:39:1d:33:94:c0: fa:eb:30:29:9a:43:c1:e6:cf:4a:46:b8:a6:9d:ca:4b:60:5e: b4:ca:4d:4e:f6:c9:f8:05:bd:0a:9c:57:ee:03:02:b0:b6:67: a6:02:17:39:d8:34:c6:ff:49:07:bd:3a:58:aa:05:d6:65:ed: 64:da:49:2a:69:94:6d:ab:e6:61:3a:b5:0d:4c:30:40:13:46: 30:29:ff:83 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWijA8rCjVIOcoIMDP3qhAlkD9dwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTEwNFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANGI2NTY0NDExMzgxNjk5ODRmYmJj Yzg1MmJhYjU0NTBmYjIzOWY4NzNmYmNmMWRhZjVjNjkwYTZmYWY1ZjNjNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXd1cL3ECj0DLIlu2o0Hcc+PGl45 gjfmX/vsuAeERD3hxoa+6v38kUrwLokkQ85Zw9TwjulEHo6d7oYQ/BP42Oh+cYWD 67DZpKve53H2hQ1mTNsIYAtqrDWPZQlafgx51z7H8BQkz/M3xFprgJ4Nq03WB0Ru VMyj2Ob8GmxYdEAMXlBqUQBEGQgZ8HeXejbfsVoIXdCnGW5nLhRxIAv/+sSbMSV/ m6QR83GgXeVStqKsBp1QftNDMS+6vl5KA3KR6ArhBQSKAIesJ7/oWiTo3oDVcaVo 2kbOmtaC7oPx1z6Na1WNn5DKlNDAV8ijabAj4jBWuVIio1TaitcwDY7zHQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGveJs4N80T2+dBlnoQU0AFHucq6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5ZmI3ZTIyLTk0MTMtNGU4NS05YzcwLTlkZDNhNjBkZTEyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8vBAMA0GCSqGSIb3DQEBCwUAA4IBAQA1FCjoJ+gWMvZwWwdy zEwNMOc6dZtVnU4t+HrReSaUN8QqbWjsfVrnreI7njqwZGRO4i+LskjLvCX+FSBe 5w5ZD+sJwXzNbvcBzT35EwZFNUxT00qBQRe4XBN5hGeSBF9w07fAw0RjUlGamceL biMkcgLvq1b48WCUs/cnm5YnNyXcdZF7kwNclyBSaBg64yvDGdTuO7uWFtRIpSJN Yqlc1EKS3WnCkaTlik+pnGX2OR0zlMD66zApmkPB5s9KRrimncpLYF60yk1O9sn4 Bb0KnFfuAwKwtmemAhc52DTG/0kHvTpYqgXWZe1k2kkqaZRtq+ZhOrUNTDBAE0Yw Kf+D -----END CERTIFICATE-----Generated at Sat Aug 23 10:13:13 2025 by rpki-client