$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa File: 4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa (raw, json) Hash identifier: PM4wEIL6yp5w101MxW3iZrCKNKvuwhDsJSSi+fZKpPE= Subject key identifier: E0:9A:87:95:C8:C1:51:22:C5:EF:D8:A5:85:1E:5C:2E:BE:DD:D3:49 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 35834D56F6FC5FB58E3808D8E8541A96FCAE17DC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa Signing time: Sat 23 Aug 2025 00:50:12 +0000 ROA not before: Sat 23 Aug 2025 00:50:12 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:1080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:83:4d:56:f6:fc:5f:b5:8e:38:08:d8:e8:54:1a:96:fc:ae:17:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:50:12 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=c3871afa34ceb35622869e16c6c1edecca9901665f114b90c95ff5caa4ddf4b3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:84:7e:89:1c:c2:29:55:35:a6:40:b0:99:57: a0:96:56:8c:51:df:ec:3b:7d:8b:c4:f4:62:69:05: 41:22:de:08:2f:75:4c:98:43:ea:fa:d4:8f:fa:aa: 3b:23:b8:7c:89:cc:8f:47:08:d4:cd:81:b4:f1:de: 51:0f:0c:25:ab:37:13:0c:4e:12:f2:41:a1:53:36: bc:5c:e2:02:e7:cc:96:09:39:cb:5f:d7:0a:28:64: 7e:7f:e8:27:d6:5a:11:9d:a6:9d:92:25:10:9e:77: 19:57:aa:ad:92:17:85:90:11:f0:69:c7:74:02:fa: 23:8d:81:5c:94:3c:b8:07:42:6c:77:58:97:80:8b: cb:c2:89:97:7f:10:87:1f:7a:b6:20:4a:e1:0e:99: 6c:ed:61:25:ad:37:6e:c7:60:30:3d:a3:a7:f9:9b: c2:a1:ab:8b:6d:59:80:aa:d0:d2:42:cb:2b:69:b8: b8:67:91:94:ed:95:44:66:1c:8c:f0:94:bd:e1:7e: ab:44:b4:62:14:b5:7f:7d:19:19:f7:2d:15:ad:65: 25:8c:bb:1e:78:8d:81:da:f6:d7:6b:81:77:75:7f: e2:90:b6:fd:df:57:4d:e7:8f:7e:7b:c3:4f:38:3c: 0a:92:4a:5d:d2:d9:27:02:55:06:34:0a:d6:b6:21: 69:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:9A:87:95:C8:C1:51:22:C5:EF:D8:A5:85:1E:5C:2E:BE:DD:D3:49 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:1080::/48 Signature Algorithm: sha256WithRSAEncryption 81:e5:c3:7a:94:2c:13:3b:45:a9:19:13:0c:c6:09:13:d3:3b: 84:9c:f2:f2:ff:b1:02:bc:b5:fb:c8:0b:97:8a:27:fc:bf:b1: ca:72:c2:d6:42:62:65:e5:4d:83:62:06:da:0d:a0:d6:16:69: 0d:52:90:0a:cf:d2:ee:73:5c:d6:d0:6d:5f:56:78:b1:78:36: dc:30:9c:20:d7:67:a2:62:d7:81:4a:a0:02:9c:b4:11:21:31: 0b:f6:d6:54:0b:bb:79:f8:39:65:26:55:d9:da:fe:55:ed:f4: 53:dd:19:e8:1c:e8:0c:f5:fe:4f:b2:24:f1:15:16:0c:4d:9c: aa:ee:56:df:db:3e:08:4d:3b:cc:a0:62:4b:9f:cb:77:55:ce: 29:5c:c5:dd:92:56:cc:cf:f5:88:da:44:15:93:c1:00:75:ff: 4c:10:4b:7f:ed:c5:69:37:0f:26:a4:ae:17:8e:76:da:54:ed: ed:0b:ae:3f:51:95:c3:23:d9:68:68:88:f4:2a:9b:dd:1c:74: 65:26:5c:92:df:cf:90:d8:97:ca:af:ae:88:86:b3:95:1f:62: 80:d7:dd:cf:41:71:2c:05:3e:5f:06:98:32:fd:f9:fc:9e:a6: 0b:8e:91:c9:b6:6f:65:75:d8:5a:c8:c0:8c:2d:58:f8:18:34: 47:08:1d:08 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNYNNVvb8X7WOOAjY6FQalvyuF9wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNTAxMloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAYzM4NzFhZmEzNGNlYjM1NjIyODY5 ZTE2YzZjMWVkZWNjYTk5MDE2NjVmMTE0YjkwYzk1ZmY1Y2FhNGRkZjRiMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4R+iRzCKVU1pkCwmVegllaMUd/s O32LxPRiaQVBIt4IL3VMmEPq+tSP+qo7I7h8icyPRwjUzYG08d5RDwwlqzcTDE4S 8kGhUza8XOIC58yWCTnLX9cKKGR+f+gn1loRnaadkiUQnncZV6qtkheFkBHwacd0 AvojjYFclDy4B0Jsd1iXgIvLwomXfxCHH3q2IErhDpls7WElrTdux2AwPaOn+ZvC oauLbVmAqtDSQssrabi4Z5GU7ZVEZhyM8JS94X6rRLRiFLV/fRkZ9y0VrWUljLse eI2B2vbXa4F3dX/ikLb931dN549+e8NPODwKkkpd0tknAlUGNArWtiFpvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOCah5XIwVEixe/YpYUeXC6+3dNJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjMDFkMGI3LWEzNmMtNGZkNC04NzYzLTVjZmZhZTk2YmM2YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaABCAMA0GCSqGSIb3DQEBCwUAA4IBAQCB5cN6lCwTO0WpGRMM xgkT0zuEnPLy/7ECvLX7yAuXiif8v7HKcsLWQmJl5U2DYgbaDaDWFmkNUpAKz9Lu c1zW0G1fVnixeDbcMJwg12eiYteBSqACnLQRITEL9tZUC7t5+DllJlXZ2v5V7fRT 3RnoHOgM9f5PsiTxFRYMTZyq7lbf2z4ITTvMoGJLn8t3Vc4pXMXdklbMz/WI2kQV k8EAdf9MEEt/7cVpNw8mpK4XjnbaVO3tC64/UZXDI9loaIj0KpvdHHRlJlyS38+Q 2JfKr66IhrOVH2KA193PQXEsBT5fBpgy/fn8nqYLjpHJtm9lddhayMCMLVj4GDRH CB0I -----END CERTIFICATE-----Generated at Sat Aug 23 08:05:32 2025 by rpki-client