$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69b62cdf-1adc-4227-8782-99cecf187e33.roa File: 69b62cdf-1adc-4227-8782-99cecf187e33.roa (raw, json) Hash identifier: mstIZ0KHvmCiGNBAuYBHNTqwOpEqnodyFPjndV/RvVs= Subject key identifier: 4B:7C:5C:EF:B7:92:E0:E1:F8:49:49:21:BA:9D:44:A0:33:50:87:B6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 16CBBFD1282E49EB053EC2DF55DF5155DD99418F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69b62cdf-1adc-4227-8782-99cecf187e33.roa Signing time: Sat 23 Aug 2025 00:10:25 +0000 ROA not before: Sat 23 Aug 2025 00:10:25 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:7080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:cb:bf:d1:28:2e:49:eb:05:3e:c2:df:55:df:51:55:dd:99:41:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:10:25 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=c07f3a6bf1fea4062d758bd6149a27313879b37f796951fcb820f89ef88b529f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:19:d4:be:48:06:c4:28:67:ef:d9:47:d9:48: 3d:68:1b:2c:b7:11:3a:3e:52:af:97:95:d7:27:e0: a0:46:3e:73:26:df:27:5f:a3:a4:65:0d:05:c4:87: 30:34:ca:c2:42:54:53:51:c6:1a:08:66:09:ec:a3: b1:dc:e7:fd:08:6e:3a:a9:ea:32:1d:25:28:7f:6c: 36:2a:45:90:2e:10:9b:d9:2f:b7:d5:99:66:29:e3: 75:04:f4:95:c9:fa:9f:ed:99:b7:cc:bf:a2:0e:01: 23:8a:33:73:2c:3a:ba:f2:a3:81:0c:b0:af:1d:8c: db:8c:7b:ea:ef:69:ad:65:6e:ff:5b:ab:0a:f0:e5: 02:25:68:b4:29:99:05:9b:65:81:de:b8:c3:d9:98: 68:5d:8d:4d:60:0d:df:a7:62:6e:a4:de:54:b3:96: 95:83:72:9f:e8:d6:9d:94:08:a7:9d:ca:74:34:9a: 35:35:a1:f4:9d:f1:61:8e:7b:da:e5:4a:ed:18:f3: e0:85:95:66:da:d2:36:1d:1f:a5:05:b8:56:89:2b: 4c:bb:99:66:b2:cb:a5:2c:33:5f:33:34:e0:22:da: c3:b8:05:fa:c0:f2:a6:9b:10:95:c1:4d:fd:1c:d4: 5a:9c:93:63:ea:5b:2f:54:ad:1f:77:88:3e:b2:9c: 33:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:7C:5C:EF:B7:92:E0:E1:F8:49:49:21:BA:9D:44:A0:33:50:87:B6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69b62cdf-1adc-4227-8782-99cecf187e33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:7080::/48 Signature Algorithm: sha256WithRSAEncryption 36:90:00:69:e7:9f:fa:39:c2:86:58:93:e4:96:0d:f4:3e:4c: c9:97:8d:e8:b9:75:78:83:52:64:27:32:a0:ed:40:58:92:49: 71:64:2a:ed:62:23:e9:89:c2:b0:87:9a:a7:0e:4f:1e:b6:1d: b6:50:0e:11:8f:3d:fe:e0:c6:d1:b3:2f:21:2f:26:47:75:35: 04:e3:ab:ac:cb:a0:f7:b7:d3:c2:ef:bb:c9:f2:3c:70:36:c7: 06:3f:87:04:e7:3e:a0:12:8d:81:63:9c:b5:94:52:a7:1e:02: 95:a8:96:62:7d:c9:45:29:fa:62:6c:60:b4:dc:30:d6:ee:c2: 7e:ab:85:8c:85:a0:33:e9:bc:74:e1:81:5f:0a:0a:51:2d:7d: 90:0d:74:1f:23:1d:f4:d6:fc:3b:95:fa:b3:a5:c5:a9:c8:a4: 3f:fc:b2:f0:0f:af:26:a1:87:d5:2f:76:40:4c:d9:e5:5e:61: 35:a2:e3:e0:86:97:c5:fc:54:25:a3:eb:b6:87:f0:5a:f2:58: 0f:c0:a5:4d:53:50:e0:4c:f9:dc:9a:56:6c:cd:b0:cf:45:43: 4a:c1:41:2d:04:bb:44:ca:ff:8b:28:5d:f2:8b:60:a9:9f:6a: c6:84:f9:5f:82:d4:1b:fb:65:96:57:e4:8a:d5:bc:93:36:ab: 05:83:8d:d8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFsu/0SguSesFPsLfVd9RVd2ZQY8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTAyNVoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAYzA3ZjNhNmJmMWZlYTQwNjJkNzU4 YmQ2MTQ5YTI3MzEzODc5YjM3Zjc5Njk1MWZjYjgyMGY4OWVmODhiNTI5ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBnUvkgGxChn79lH2Ug9aBsstxE6 PlKvl5XXJ+CgRj5zJt8nX6OkZQ0FxIcwNMrCQlRTUcYaCGYJ7KOx3Of9CG46qeoy HSUof2w2KkWQLhCb2S+31ZlmKeN1BPSVyfqf7Zm3zL+iDgEjijNzLDq68qOBDLCv HYzbjHvq72mtZW7/W6sK8OUCJWi0KZkFm2WB3rjD2ZhoXY1NYA3fp2JupN5Us5aV g3Kf6NadlAinncp0NJo1NaH0nfFhjnva5UrtGPPghZVm2tI2HR+lBbhWiStMu5lm ssulLDNfMzTgItrDuAX6wPKmmxCVwU39HNRanJNj6lsvVK0fd4g+spwzlwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEt8XO+3kuDh+ElJIbqdRKAzUIe2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5YjYyY2RmLTFhZGMtNDIyNy04NzgyLTk5Y2VjZjE4N2UzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8nCAMA0GCSqGSIb3DQEBCwUAA4IBAQA2kABp55/6OcKGWJPk lg30PkzJl43ouXV4g1JkJzKg7UBYkklxZCrtYiPpicKwh5qnDk8eth22UA4Rjz3+ 4MbRsy8hLyZHdTUE46usy6D3t9PC77vJ8jxwNscGP4cE5z6gEo2BY5y1lFKnHgKV qJZifclFKfpibGC03DDW7sJ+q4WMhaAz6bx04YFfCgpRLX2QDXQfIx301vw7lfqz pcWpyKQ//LLwD68moYfVL3ZATNnlXmE1ouPghpfF/FQlo+u2h/Ba8lgPwKVNU1Dg TPncmlZszbDPRUNKwUEtBLtEyv+LKF3yi2Cpn2rGhPlfgtQb+2WWV+SK1byTNqsF g43Y -----END CERTIFICATE-----Generated at Sat Aug 23 12:11:27 2025 by rpki-client