$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa File: 7105aadf-8449-4060-98c4-d4b349ff7892.roa (raw, json) Hash identifier: fCQuG75GreJcPCSi3ujrbmgXL4I5I7hoGD7m6Z0Mv8o= Subject key identifier: A0:B9:A0:BA:E9:FE:0A:14:EA:BA:9E:F3:85:4F:2F:CC:C3:6F:FA:FE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18B342C10606B4A91F05E8648D04054B7F69E71C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa Signing time: Sat 16 Aug 2025 00:00:40 +0000 ROA not before: Sat 16 Aug 2025 00:00:40 +0000 ROA not after: Sat 20 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:b3:42:c1:06:06:b4:a9:1f:05:e8:64:8d:04:05:4b:7f:69:e7:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 16 00:00:40 2025 GMT Not After : Sep 20 23:59:59 2025 GMT Subject: serialNumber=24e916c9879f18fa7dd66030634b6677d2d7654cd8ca07cfe641120237c2692b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ae:c9:ed:41:9c:df:51:a8:a6:6b:c1:4f:c3: fa:e1:0b:e2:b5:df:ad:45:a2:09:33:2c:4b:c8:ec: b9:d4:a7:06:b6:29:dd:bf:7a:d1:04:41:a3:bb:01: 68:72:f9:df:f5:f3:ef:ce:d1:c4:82:de:31:b8:95: 5d:d8:6f:42:2f:49:72:6c:6a:3e:94:1b:b7:e0:53: 22:21:a9:b8:b8:61:69:ac:8d:06:de:32:69:b3:7c: 89:54:b4:41:0d:1f:6c:06:f1:02:a3:ed:1c:a3:5b: 07:c7:c3:11:4c:f3:65:63:bc:c3:4a:c0:86:0a:ad: 0d:df:cb:e6:8f:58:f6:91:81:35:1c:b1:93:7e:30: 88:f4:f4:e0:9e:d5:9b:81:c9:b2:c4:ef:eb:22:86: d0:70:d0:08:e4:82:83:87:47:58:6b:24:96:17:d0: 0b:b0:65:54:8e:55:10:38:2a:d6:8c:7f:e9:49:08: d2:0d:da:31:65:b9:0e:0f:56:23:35:09:e1:d2:37: 58:78:dc:d3:d4:38:f6:6f:72:1b:f1:ce:72:1e:bb: 02:32:25:5a:dc:f7:06:22:60:22:47:b4:68:c3:71: 8b:ff:2e:7e:aa:0a:4a:c5:24:49:27:f9:85:21:8f: 6e:c9:15:7d:0e:18:ba:ae:31:d1:90:e3:16:86:d6: 07:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:B9:A0:BA:E9:FE:0A:14:EA:BA:9E:F3:85:4F:2F:CC:C3:6F:FA:FE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:b000::/40 Signature Algorithm: sha256WithRSAEncryption 77:e3:ab:be:af:7a:e8:c6:c0:21:25:a9:7f:b7:a0:76:18:a7: 97:9b:89:fd:a8:44:c3:13:29:af:56:dc:16:38:90:a6:bc:e2: d3:75:68:5f:b5:12:15:84:34:1c:c1:e3:be:6e:38:0c:8f:5b: f0:15:b5:d6:e5:ab:8b:67:cb:35:06:ae:37:df:36:df:98:51: f5:c0:b3:7e:e3:92:56:62:b2:c8:c1:13:1b:d1:f6:bd:df:58: 83:7b:2a:61:70:38:91:0a:25:8d:32:81:1f:be:64:b2:f3:91: b2:38:dd:54:b8:24:88:4b:fa:2a:ff:03:69:2a:06:06:13:c9: f4:50:2e:65:9f:9b:70:f7:22:2a:1b:45:e3:1d:0f:a1:f3:46: 4c:88:5f:2a:bb:f3:92:48:31:cf:fb:3f:40:3e:2b:a3:a5:64: 69:19:4b:2e:e1:0c:b9:d9:2e:70:e3:f3:f6:d8:c5:a5:0c:a1: e2:65:93:63:c5:4f:65:ee:0f:3d:3a:57:f0:e8:0a:c6:16:84: b4:85:35:c8:8c:63:ed:db:9e:22:11:ea:f3:64:3f:f4:21:5c: b9:4b:68:43:7a:9f:1e:52:14:d5:75:04:ef:52:e9:e8:b0:13: 01:4b:88:52:cf:93:13:fe:23:56:fc:9f:f3:0d:53:57:79:8c: eb:ee:4f:aa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGLNCwQYGtKkfBehkjQQFS39p5xwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNjAwMDA0MFoX DTI1MDkyMDIzNTk1OVowejFJMEcGA1UEBRNAMjRlOTE2Yzk4NzlmMThmYTdkZDY2 MDMwNjM0YjY2NzdkMmQ3NjU0Y2Q4Y2EwN2NmZTY0MTEyMDIzN2MyNjkyYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK7J7UGc31GopmvBT8P64Qvitd+t RaIJMyxLyOy51KcGtindv3rRBEGjuwFocvnf9fPvztHEgt4xuJVd2G9CL0lybGo+ lBu34FMiIam4uGFprI0G3jJps3yJVLRBDR9sBvECo+0co1sHx8MRTPNlY7zDSsCG Cq0N38vmj1j2kYE1HLGTfjCI9PTgntWbgcmyxO/rIobQcNAI5IKDh0dYaySWF9AL sGVUjlUQOCrWjH/pSQjSDdoxZbkOD1YjNQnh0jdYeNzT1Dj2b3Ib8c5yHrsCMiVa 3PcGImAiR7Row3GL/y5+qgpKxSRJJ/mFIY9uyRV9Dhi6rjHRkOMWhtYHAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKC5oLrp/goU6rqe84VPL8zDb/r+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxMDVhYWRmLTg0NDktNDA2MC05OGM0LWQ0YjM0OWZmNzg5Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9bAwDQYJKoZIhvcNAQELBQADggEBAHfjq76veujGwCElqX+3 oHYYp5ebif2oRMMTKa9W3BY4kKa84tN1aF+1EhWENBzB475uOAyPW/AVtdblq4tn yzUGrjffNt+YUfXAs37jklZissjBExvR9r3fWIN7KmFwOJEKJY0ygR++ZLLzkbI4 3VS4JIhL+ir/A2kqBgYTyfRQLmWfm3D3IiobReMdD6HzRkyIXyq785JIMc/7P0A+ K6OlZGkZSy7hDLnZLnDj8/bYxaUMoeJlk2PFT2XuDz06V/DoCsYWhLSFNciMY+3b niIR6vNkP/QhXLlLaEN6nx5SFNV1BO9S6eiwEwFLiFLPkxP+I1b8n/MNU1d5jOvu T6o= -----END CERTIFICATE-----Generated at Sat Aug 23 10:17:57 2025 by rpki-client