$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa File: 5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa (raw, json) Hash identifier: Y8kS8qm2Bk3LzPNgBrV890d9AmpIc0tSRGf1ghijHPE= Subject key identifier: DD:7F:5F:AF:D9:D8:D0:09:05:40:AD:DF:54:D9:C7:68:B9:98:53:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 574A0E11CF383FE52F1059E167F2701B39A2536E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa Signing time: Sat 23 Aug 2025 00:21:54 +0000 ROA not before: Sat 23 Aug 2025 00:21:54 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:4a:0e:11:cf:38:3f:e5:2f:10:59:e1:67:f2:70:1b:39:a2:53:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:21:54 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=cf09bc3d42514f6fc892c82107fe93a64e9300827e50c17a85d8e2f964b0e8f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:58:b1:1b:72:ea:4f:8d:58:e2:47:fa:41:91: 4b:f3:07:98:97:77:64:74:11:1f:ef:d1:4d:1c:f6: db:2b:f3:54:8f:1f:e6:0b:33:43:2f:f3:24:8e:0a: 81:87:d7:3b:58:6c:ca:b7:27:e5:4a:6d:dc:2a:47: ad:46:9f:b9:a5:0a:f4:d9:63:1a:eb:c9:46:61:e4: eb:b1:8c:37:86:2f:94:c5:ab:59:bc:1b:86:92:97: 02:cb:24:1b:02:64:fb:e2:56:3a:14:1f:e2:05:b4: 59:71:06:4f:04:f4:e9:76:6b:1c:ec:2a:b0:c3:30: 4c:d5:e0:5a:6e:39:d2:90:82:5e:9a:74:1f:c5:96: 4b:97:7d:cb:bc:e5:7a:37:b1:bb:8c:fa:d6:21:07: 9c:cc:15:d8:41:2e:0e:88:83:37:2d:2d:80:7e:d6: b6:c9:e2:46:ab:5e:0c:19:9d:f6:dc:a2:8c:5f:9c: c5:99:a8:0b:a3:78:f6:bc:9c:5d:4e:78:6d:2f:62: 4b:2a:2f:f4:44:be:2e:dc:bb:bb:98:d0:ed:c1:05: 34:aa:83:c5:14:7c:41:f5:1e:9b:8b:ab:c9:43:86: 46:a8:28:8f:19:f2:99:d8:15:e6:2d:12:fd:ce:28: f1:f0:be:2c:ee:8e:b2:0f:1e:eb:24:50:bc:30:c6: 63:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:7F:5F:AF:D9:D8:D0:09:05:40:AD:DF:54:D9:C7:68:B9:98:53:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:7000::/40 Signature Algorithm: sha256WithRSAEncryption 3f:ec:ca:f8:d9:8e:72:76:54:48:11:cc:d7:10:7b:8e:57:4d: 4f:b5:89:a7:cc:e3:24:f9:d3:36:f9:16:9b:21:ac:6a:e9:30: db:83:d2:31:d0:ed:ef:f0:b0:bd:a1:b2:b3:75:cf:29:6f:99: f6:3f:c8:ed:15:65:25:f0:52:c1:a6:e6:e6:ca:d0:c8:6d:ab: 12:ba:62:1b:a3:05:68:33:aa:ce:68:f8:ae:19:63:63:52:eb: 80:62:10:7f:ab:e1:e6:a5:f2:fe:b8:32:5f:de:10:bb:3b:15: 83:b9:77:ad:de:9e:6a:4b:2e:35:53:9b:37:21:e0:03:70:18: b8:eb:5f:15:aa:ea:47:5a:4f:f7:38:6c:04:f9:d5:5a:88:36: 14:9e:21:7d:fe:37:16:ec:b8:d3:a6:ed:02:71:0f:59:e3:0e: 23:28:87:e2:c2:b6:e0:0f:cc:19:e4:6c:f3:c7:c7:a5:3f:40: 3e:ee:0f:2e:b5:83:b3:97:d2:e4:c5:43:59:28:82:3a:3b:9f: 57:33:44:8a:be:65:8e:ba:52:45:ba:e9:82:7d:85:3e:0e:88: 05:38:5f:91:ea:dc:4e:4b:b2:60:26:32:39:a3:98:59:3d:b8: f4:36:d5:dc:d6:ce:26:f8:c4:92:77:95:5b:97:bf:3a:6c:5b: b0:0a:32:d2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUV0oOEc84P+UvEFnhZ/JwGzmiU24wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMjE1NFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAY2YwOWJjM2Q0MjUxNGY2ZmM4OTJj ODIxMDdmZTkzYTY0ZTkzMDA4MjdlNTBjMTdhODVkOGUyZjk2NGIwZThmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1ixG3LqT41Y4kf6QZFL8weYl3dk dBEf79FNHPbbK/NUjx/mCzNDL/MkjgqBh9c7WGzKtyflSm3cKketRp+5pQr02WMa 68lGYeTrsYw3hi+UxatZvBuGkpcCyyQbAmT74lY6FB/iBbRZcQZPBPTpdmsc7Cqw wzBM1eBabjnSkIJemnQfxZZLl33LvOV6N7G7jPrWIQeczBXYQS4OiIM3LS2Afta2 yeJGq14MGZ323KKMX5zFmagLo3j2vJxdTnhtL2JLKi/0RL4u3Lu7mNDtwQU0qoPF FHxB9R6bi6vJQ4ZGqCiPGfKZ2BXmLRL9zijx8L4s7o6yDx7rJFC8MMZjtwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN1/X6/Z2NAJBUCt31TZx2i5mFO3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzViNWVhM2I1LWQxZTEtNDQ4Mi05Nzk1LTQ0ODk5ZDZjMWI0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYXAwDQYJKoZIhvcNAQELBQADggEBAD/syvjZjnJ2VEgRzNcQ e45XTU+1iafM4yT50zb5FpshrGrpMNuD0jHQ7e/wsL2hsrN1zylvmfY/yO0VZSXw UsGm5ubK0MhtqxK6YhujBWgzqs5o+K4ZY2NS64BiEH+r4eal8v64Ml/eELs7FYO5 d63enmpLLjVTmzch4ANwGLjrXxWq6kdaT/c4bAT51VqINhSeIX3+NxbsuNOm7QJx D1njDiMoh+LCtuAPzBnkbPPHx6U/QD7uDy61g7OX0uTFQ1kogjo7n1czRIq+ZY66 UkW66YJ9hT4OiAU4X5Hq3E5LsmAmMjmjmFk9uPQ21dzWzib4xJJ3lVuXvzpsW7AK MtI= -----END CERTIFICATE-----Generated at Sat Aug 23 08:10:36 2025 by rpki-client