$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa File: 53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa (raw, json) Hash identifier: Lesx8K0f9gP4kO41ezmrV5dfasp48N78LTjimJjxuqc= Subject key identifier: 54:08:E6:BC:23:54:3B:7F:26:A9:B4:09:99:7D:41:6B:C3:AB:8E:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 688DE9EDE7E6129F020614423126A45F8606A3C1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa Signing time: Sat 23 Aug 2025 00:50:24 +0000 ROA not before: Sat 23 Aug 2025 00:50:24 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:8d:e9:ed:e7:e6:12:9f:02:06:14:42:31:26:a4:5f:86:06:a3:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:50:24 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=155f6d6c8d3085a56340ffd72e5a8e04aa33532a6d8d940604dd96cb0d004d24, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:7b:b3:23:34:04:87:ec:10:d4:8b:78:fa:b9: 32:f3:cc:43:ef:f6:53:b1:8e:7d:b4:0e:58:9f:10: 16:bb:22:ce:ac:c1:de:0a:3b:79:18:4b:45:ed:6a: f0:aa:6f:09:13:37:86:20:cb:6f:8a:75:f5:00:c3: 64:f2:b0:b3:33:25:1b:29:f9:71:8c:03:1d:d3:32: af:7b:fc:bb:a1:c6:79:bf:42:8f:cf:e6:ec:58:fa: 44:fb:57:3d:6a:c2:1a:e4:8f:67:6f:3e:92:5c:16: 3f:75:12:1e:43:30:fa:d2:4c:b1:bf:8a:b4:99:15: 63:70:66:45:c5:b9:14:1a:b6:2c:7a:f4:66:7d:be: bf:c7:04:73:9f:a2:69:19:d9:03:64:b6:5b:91:34: d4:63:dc:cc:3e:4e:09:e6:c5:5c:83:80:b6:8b:30: 01:22:d3:7a:4d:82:1a:45:21:b4:6d:a1:35:bc:70: 3b:21:d6:36:c8:b4:bb:ec:f7:eb:bf:8f:9d:e6:54: 8b:a4:85:7e:53:3e:7d:7d:38:14:44:da:84:d6:aa: 5e:80:5c:b9:54:5a:e2:79:31:2b:70:1c:15:58:bc: a6:04:28:6d:b5:00:c1:f3:be:c6:47:28:64:c0:30: fc:0e:ba:6f:fc:2f:39:02:08:8e:60:84:84:a5:4c: e5:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:08:E6:BC:23:54:3B:7F:26:A9:B4:09:99:7D:41:6B:C3:AB:8E:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2000::/40 Signature Algorithm: sha256WithRSAEncryption 4e:1a:6d:0f:c0:53:70:75:06:7e:0a:30:88:78:36:0c:f1:4d: be:3b:2f:60:79:b9:44:f3:f1:49:12:c3:6a:c4:44:7b:22:72: d4:f1:69:ef:a3:c1:3a:33:0c:cb:91:7d:89:9c:bc:f8:8f:4f: d8:85:d2:4d:97:6f:f1:41:f0:eb:e3:dc:f8:43:83:b4:ad:b4: 2b:ef:0d:0b:64:1a:d8:d2:c2:d7:26:b1:71:44:99:c7:e6:41: 49:0d:fd:63:9e:fa:6e:66:6b:71:e5:18:82:73:69:1c:af:e3: 5f:fc:a4:75:ad:10:94:06:c4:6b:47:e6:9c:28:2f:c5:0b:47: 28:21:5d:bb:05:12:e6:7a:9a:fe:da:55:2e:da:8d:5d:86:aa: a0:30:d1:e1:a1:72:da:25:e7:4b:0c:75:ee:a6:ec:87:64:89: 2e:0a:69:c9:e1:61:96:2a:8a:5d:5d:8c:49:4d:a8:91:ef:09: c8:5e:0e:e8:b9:6c:2e:64:48:0c:5a:0b:42:e9:8b:8d:43:51: 96:45:8e:1b:c3:d3:32:74:83:18:2d:0f:a1:9a:0f:d0:9f:63: c5:b0:37:a9:0a:9d:37:2f:81:3f:2e:dd:60:5b:af:82:ca:ef: b8:97:ea:77:b9:d1:6c:da:75:85:5c:53:d2:2f:77:c5:74:50: 51:23:c0:8a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaI3p7efmEp8CBhRCMSakX4YGo8EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNTAyNFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMTU1ZjZkNmM4ZDMwODVhNTYzNDBm ZmQ3MmU1YThlMDRhYTMzNTMyYTZkOGQ5NDA2MDRkZDk2Y2IwZDAwNGQyNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHuzIzQEh+wQ1It4+rky88xD7/ZT sY59tA5YnxAWuyLOrMHeCjt5GEtF7Wrwqm8JEzeGIMtvinX1AMNk8rCzMyUbKflx jAMd0zKve/y7ocZ5v0KPz+bsWPpE+1c9asIa5I9nbz6SXBY/dRIeQzD60kyxv4q0 mRVjcGZFxbkUGrYsevRmfb6/xwRzn6JpGdkDZLZbkTTUY9zMPk4J5sVcg4C2izAB ItN6TYIaRSG0baE1vHA7IdY2yLS77Pfrv4+d5lSLpIV+Uz59fTgURNqE1qpegFy5 VFrieTErcBwVWLymBChttQDB877GRyhkwDD8Drpv/C85AgiOYISEpUzlSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFQI5rwjVDt/Jqm0CZl9QWvDq44xMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUzZGM4YWNjLTBjMzAtNDJkMy1hYmZhLTU3OTJlYTViZjdkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/yAwDQYJKoZIhvcNAQELBQADggEBAE4abQ/AU3B1Bn4KMIh4 NgzxTb47L2B5uUTz8UkSw2rERHsictTxae+jwTozDMuRfYmcvPiPT9iF0k2Xb/FB 8Ovj3PhDg7SttCvvDQtkGtjSwtcmsXFEmcfmQUkN/WOe+m5ma3HlGIJzaRyv41/8 pHWtEJQGxGtH5pwoL8ULRyghXbsFEuZ6mv7aVS7ajV2GqqAw0eGhctol50sMde6m 7IdkiS4KacnhYZYqil1djElNqJHvCcheDui5bC5kSAxaC0Lpi41DUZZFjhvD0zJ0 gxgtD6GaD9CfY8WwN6kKnTcvgT8u3WBbr4LK77iX6ne50WzadYVcU9Ivd8V0UFEj wIo= -----END CERTIFICATE-----Generated at Sat Aug 23 06:39:02 2025 by rpki-client