$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa File: 680b28c0-fd78-49c9-9355-94724e964ebe.roa (raw, json) Hash identifier: KgbCtrZOppSReNf77UvFdnaFdEKpX6CUy1r1utMYUm0= Subject key identifier: BC:D7:C6:D1:06:40:AB:7B:8E:16:80:8D:0B:C4:29:DB:F5:7A:63:5D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5158A4B1E2BB859BEFB7D43381F6759D15884474 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa Signing time: Sat 23 Aug 2025 00:31:38 +0000 ROA not before: Sat 23 Aug 2025 00:31:38 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:58:a4:b1:e2:bb:85:9b:ef:b7:d4:33:81:f6:75:9d:15:88:44:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:31:38 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=2b8669ac6edb58181679b7474eb58c99cbc431fd9ff874460abf30537079b501, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:38:0f:bc:5f:bb:f7:bf:cc:8e:49:79:19:5c: ff:8a:2d:16:de:8d:a6:36:2c:d0:52:5f:33:8e:57: 51:55:74:b2:e6:e5:21:91:4f:76:39:68:e3:46:b4: 42:de:91:7b:0b:21:b1:b0:15:99:f2:28:a0:b5:fd: dd:72:aa:63:7a:3f:e6:1f:f5:2d:47:b1:49:96:1a: 8e:b0:bb:c4:8d:83:b4:eb:62:8d:45:88:61:bf:07: 7a:4a:b1:71:57:c3:16:d0:e0:d8:52:25:96:62:30: f9:79:00:11:5d:f9:46:f4:d9:37:89:78:06:1d:48: ba:45:42:85:d6:09:de:85:c3:0a:93:bf:23:dc:b2: 52:e9:2a:c6:b1:c7:8f:09:6b:aa:ad:ee:be:fb:25: 29:79:68:15:ae:1c:86:e9:8a:71:33:f7:e7:02:be: 2f:71:63:c1:cb:9e:7c:0f:dc:cd:65:d4:4e:55:3d: de:ab:44:2f:7b:ec:c9:2a:31:a5:69:42:e6:b0:07: e8:21:0a:b6:47:a3:b0:38:7f:94:61:7e:ab:47:bc: b4:70:e7:2d:12:df:b0:e3:60:bc:21:f9:03:d8:d5: 96:a5:d8:37:bb:ac:00:76:46:7c:4e:e7:95:c1:eb: b4:f4:3d:6b:88:2e:a7:a1:89:4b:d4:db:8d:81:80: 98:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:D7:C6:D1:06:40:AB:7B:8E:16:80:8D:0B:C4:29:DB:F5:7A:63:5D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c040::/48 Signature Algorithm: sha256WithRSAEncryption 22:29:b5:a2:ce:ea:36:79:47:a1:db:50:87:dc:af:27:48:7b: e0:f9:fa:93:ef:49:c3:b2:54:81:98:c9:ee:e5:ea:72:8d:26: bb:07:8d:f0:0d:a0:07:60:59:2e:3c:75:db:91:a2:45:51:b3: 03:be:b5:30:57:1f:51:8c:ab:e1:dc:cb:c8:79:29:ec:ab:5c: 3b:0d:5f:b4:66:6f:40:c7:30:09:32:c0:4e:99:57:10:84:d6: e7:62:25:00:29:9e:36:4f:47:60:0f:bf:5f:7b:79:5d:98:ec: 87:b5:02:a5:e9:23:16:3b:35:5d:41:b5:33:40:96:33:39:94: 56:24:3d:2f:77:e0:20:31:6b:f9:ab:f4:36:22:f7:0a:b4:9a: 6f:9f:40:24:b0:b6:2c:a6:71:ae:d2:2b:07:92:e0:50:09:14: 6a:ec:34:1d:f8:a4:6b:ef:5d:89:06:55:f8:3e:ad:ad:77:69: 1a:bd:87:11:8a:fd:7e:38:25:8f:9b:f1:ff:31:d8:c5:83:51: f4:66:b5:32:35:47:d8:05:36:5e:5b:35:ca:db:a1:6f:95:3b: 60:39:45:79:e4:24:cd:22:48:00:3a:15:33:29:dc:26:5e:08: 0d:ee:d7:fa:53:2d:30:d0:cd:47:d6:df:ba:6c:b4:77:0a:c9: 4e:e3:0b:97 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUVikseK7hZvvt9QzgfZ1nRWIRHQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzEzOFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMmI4NjY5YWM2ZWRiNTgxODE2Nzli NzQ3NGViNThjOTljYmM0MzFmZDlmZjg3NDQ2MGFiZjMwNTM3MDc5YjUwMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTgPvF+797/Mjkl5GVz/ii0W3o2m NizQUl8zjldRVXSy5uUhkU92OWjjRrRC3pF7CyGxsBWZ8iigtf3dcqpjej/mH/Ut R7FJlhqOsLvEjYO062KNRYhhvwd6SrFxV8MW0ODYUiWWYjD5eQARXflG9Nk3iXgG HUi6RUKF1gnehcMKk78j3LJS6SrGscePCWuqre6++yUpeWgVrhyG6YpxM/fnAr4v cWPBy558D9zNZdROVT3eq0Qve+zJKjGlaULmsAfoIQq2R6OwOH+UYX6rR7y0cOct Et+w42C8IfkD2NWWpdg3u6wAdkZ8TueVweu09D1riC6noYlL1NuNgYCY7wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLzXxtEGQKt7jhaAjQvEKdv1emNdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY4MGIyOGMwLWZkNzgtNDljOS05MzU1LTk0NzI0ZTk2NGViZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcBAMA0GCSqGSIb3DQEBCwUAA4IBAQAiKbWizuo2eUeh21CH 3K8nSHvg+fqT70nDslSBmMnu5epyjSa7B43wDaAHYFkuPHXbkaJFUbMDvrUwVx9R jKvh3MvIeSnsq1w7DV+0Zm9AxzAJMsBOmVcQhNbnYiUAKZ42T0dgD79fe3ldmOyH tQKl6SMWOzVdQbUzQJYzOZRWJD0vd+AgMWv5q/Q2IvcKtJpvn0AksLYspnGu0isH kuBQCRRq7DQd+KRr712JBlX4Pq2td2kavYcRiv1+OCWPm/H/MdjFg1H0ZrUyNUfY BTZeWzXK26FvlTtgOUV55CTNIkgAOhUzKdwmXggN7tf6Uy0w0M1H1t+6bLR3CslO 4wuX -----END CERTIFICATE-----Generated at Sat Aug 23 08:14:37 2025 by rpki-client