$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa File: 743b890a-7e61-4b72-82d0-b83a580809c5.roa (raw, json) Hash identifier: lqJoRF7+kPuK/MZL9ldn7o2plqe9Qc0zUX6bOiUWtF0= Subject key identifier: A7:97:ED:F2:B2:E8:49:A1:5C:C4:B0:22:72:08:68:D0:CA:1D:6C:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1455228ABEE516E0012BD13039A2401F75AA0029 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa Signing time: Wed 06 Aug 2025 00:01:08 +0000 ROA not before: Wed 06 Aug 2025 00:01:08 +0000 ROA not after: Wed 10 Sep 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:55:22:8a:be:e5:16:e0:01:2b:d1:30:39:a2:40:1f:75:aa:00:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 6 00:01:08 2025 GMT Not After : Sep 10 23:59:59 2025 GMT Subject: serialNumber=2e59fea3f105b0b91b325a54a48d88066183492ce4b2c342cf562317a3063168, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:92:67:c7:01:8e:30:53:29:c8:f6:7a:22:f8: 17:5c:e7:36:a5:43:f5:2c:11:8a:db:ac:b2:a8:4d: 8b:82:64:9f:ce:7a:35:e5:e5:f8:9a:e6:0b:b8:7b: 52:86:01:27:fa:45:8f:00:91:f2:bc:b7:f6:92:55: fe:ad:09:50:94:cd:7b:54:f1:a8:9d:c6:8a:7e:95: 0f:0f:cf:bf:c8:7b:89:03:7f:6c:cd:ed:87:57:07: 70:10:86:8c:e0:6b:6a:7d:41:98:8f:91:ab:05:a6: 92:10:da:a7:e3:be:57:0f:24:54:3e:e6:4e:17:11: db:f4:5c:75:d3:27:4a:3e:ec:5b:6d:f8:4b:e0:43: b5:84:54:3d:5f:69:c4:c3:ac:41:31:9d:85:5c:1d: 24:d1:9d:8c:9f:fe:70:44:e5:e2:47:5a:78:66:03: cf:87:da:64:7a:32:31:83:3f:1c:02:4c:37:4e:0a: 1f:fb:6a:66:63:e4:8b:5e:f7:ad:79:59:e0:10:a8: eb:4a:b8:10:ed:1a:e7:63:07:a5:3b:68:f1:4f:fc: 37:ac:ba:84:13:67:b7:46:f9:1d:92:be:ae:04:10: 49:5d:c3:b0:00:e8:20:f1:b1:70:44:ff:b1:e4:c8: 58:30:a8:14:d2:33:3d:63:73:9a:d4:a1:a0:6c:54: ee:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:97:ED:F2:B2:E8:49:A1:5C:C4:B0:22:72:08:68:D0:CA:1D:6C:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/743b890a-7e61-4b72-82d0-b83a580809c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:8800::/40 Signature Algorithm: sha256WithRSAEncryption c6:ac:07:f0:88:6a:1a:b4:7a:46:db:36:26:2c:66:91:b6:e2: c5:12:a8:a3:04:cf:55:1b:f0:49:17:7c:e3:98:2a:f7:35:37: 17:3a:60:df:f6:77:14:c0:fa:77:e3:e1:5f:6f:7f:91:03:62: 1d:5b:e5:76:c3:7d:d5:eb:7c:7b:42:7c:8c:24:83:62:6f:ec: 86:db:7c:e4:b9:0f:bc:ef:43:06:e5:97:e0:2d:ad:5c:cd:e9: 29:5b:25:ac:72:3c:09:60:7d:27:79:ad:b9:dd:85:15:a7:92: a8:a5:e7:3b:7b:c3:77:e1:07:f5:91:d9:6d:e6:2e:c9:a4:51: b8:d2:5b:53:f2:ca:fb:4b:93:96:01:03:20:8c:b0:5e:6b:33: 42:56:da:c2:6b:66:48:30:e0:27:ad:16:d1:3a:85:ce:db:8a: d4:79:1e:ab:c2:cd:88:58:e2:d3:e7:08:67:5d:4a:f2:85:15: 10:70:9a:f3:17:8e:5a:35:ff:5c:31:91:24:05:39:da:bf:26: d0:fe:31:90:15:57:a9:8a:5b:df:25:8f:2b:a6:fd:1d:8f:56: c8:10:fe:2e:8a:54:04:42:df:bc:b0:0b:d2:3c:55:d7:ce:57: 83:aa:67:63:46:76:b2:d2:a4:ba:ce:c5:43:75:9f:26:b0:af: fa:99:08:4a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFFUiir7lFuABK9EwOaJAH3WqACkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwNjAwMDEwOFoX DTI1MDkxMDIzNTk1OVowejFJMEcGA1UEBRNAMmU1OWZlYTNmMTA1YjBiOTFiMzI1 YTU0YTQ4ZDg4MDY2MTgzNDkyY2U0YjJjMzQyY2Y1NjIzMTdhMzA2MzE2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5JnxwGOMFMpyPZ6IvgXXOc2pUP1 LBGK26yyqE2LgmSfzno15eX4muYLuHtShgEn+kWPAJHyvLf2klX+rQlQlM17VPGo ncaKfpUPD8+/yHuJA39sze2HVwdwEIaM4GtqfUGYj5GrBaaSENqn475XDyRUPuZO FxHb9Fx10ydKPuxbbfhL4EO1hFQ9X2nEw6xBMZ2FXB0k0Z2Mn/5wROXiR1p4ZgPP h9pkejIxgz8cAkw3Tgof+2pmY+SLXveteVngEKjrSrgQ7RrnYwelO2jxT/w3rLqE E2e3Rvkdkr6uBBBJXcOwAOgg8bFwRP+x5MhYMKgU0jM9Y3Oa1KGgbFTuuwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKeX7fKy6EmhXMSwInIIaNDKHWy/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0M2I4OTBhLTdlNjEtNGI3Mi04MmQwLWI4M2E1ODA4MDljNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba74gwDQYJKoZIhvcNAQELBQADggEBAMasB/CIahq0ekbbNiYs ZpG24sUSqKMEz1Ub8EkXfOOYKvc1Nxc6YN/2dxTA+nfj4V9vf5EDYh1b5XbDfdXr fHtCfIwkg2Jv7IbbfOS5D7zvQwbll+AtrVzN6SlbJaxyPAlgfSd5rbndhRWnkqil 5zt7w3fhB/WR2W3mLsmkUbjSW1PyyvtLk5YBAyCMsF5rM0JW2sJrZkgw4CetFtE6 hc7bitR5HqvCzYhY4tPnCGddSvKFFRBwmvMXjlo1/1wxkSQFOdq/JtD+MZAVV6mK W98ljyum/R2PVsgQ/i6KVARC37ywC9I8VdfOV4OqZ2NGdrLSpLrOxUN1nyawr/qZ CEo= -----END CERTIFICATE-----Generated at Sat Aug 23 08:08:40 2025 by rpki-client