$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa File: 75fce456-5901-4b20-bd6e-e79945bb44d1.roa (raw, json) Hash identifier: 9g+AolnC4QEM8MUTOBiqV8aoNBqQR+LnB40cQK2YjH0= Subject key identifier: 99:D8:C4:22:46:F7:31:6B:A2:49:53:98:57:8A:72:F6:34:3D:B8:24 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2A623754F319C74F3B67048A38C90F9E42C23F59 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa Signing time: Sat 16 Aug 2025 00:00:31 +0000 ROA not before: Sat 16 Aug 2025 00:00:31 +0000 ROA not after: Sat 20 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:a000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:62:37:54:f3:19:c7:4f:3b:67:04:8a:38:c9:0f:9e:42:c2:3f:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 16 00:00:31 2025 GMT Not After : Sep 20 23:59:59 2025 GMT Subject: serialNumber=661319d2f1c3d84bab035489765d60a5367a30d26050c125487d0a9d0e68b820, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:75:5e:29:0c:aa:95:a5:9d:c7:fa:6b:d4:48: 83:f4:f8:24:fa:08:37:81:be:ea:9d:50:96:fe:ec: d1:03:fe:6e:a5:c0:38:16:22:ac:0f:86:19:6f:97: e2:b0:b7:e1:6d:71:51:05:7f:da:f3:35:46:88:c3: fd:30:db:89:dd:26:d6:05:38:8a:a9:f7:0d:b4:80: b8:8b:7e:07:41:16:ab:85:3c:ff:dd:82:dd:95:91: a5:a8:e3:c7:5a:a6:a7:48:d2:4e:ac:05:7c:73:3b: db:28:04:d1:36:b1:17:6c:0e:f8:c3:6b:39:d9:5d: 91:17:38:92:37:1f:3b:26:7c:68:de:b6:a2:5b:3b: 2f:fa:56:ae:e2:62:94:ee:33:3f:bd:a1:e2:7d:20: d3:cc:86:d4:08:39:1e:a2:26:aa:4d:6c:93:42:59: 62:d8:f5:9f:5a:11:42:22:18:6f:aa:78:88:5c:2b: 34:82:90:84:fe:c6:11:e4:3c:c6:02:e1:74:4a:5f: 93:d8:33:78:dc:5b:79:0d:dd:24:ae:07:b0:13:b0: 4c:e5:cc:cb:40:21:5f:d6:fc:0e:00:44:7d:9a:48: 92:ad:5d:ff:5b:fe:e7:1c:0d:22:d8:e6:d3:16:f9: 3a:c2:7a:4b:be:40:0b:e5:e3:03:97:ef:d4:22:f0: 75:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:D8:C4:22:46:F7:31:6B:A2:49:53:98:57:8A:72:F6:34:3D:B8:24 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75fce456-5901-4b20-bd6e-e79945bb44d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:a000::/48 Signature Algorithm: sha256WithRSAEncryption ad:9a:49:cf:0e:d2:c1:d4:7f:01:a4:21:6d:46:8f:48:7f:a1: 5c:a0:69:c9:32:de:4a:23:fa:3f:9d:4a:2e:1b:2c:f0:6c:3c: 26:99:a5:0d:fa:84:9c:d8:15:26:18:3e:9a:ac:ca:87:a6:26: ee:69:9a:a3:b8:13:07:30:58:9b:53:74:85:a7:21:2c:09:e1: 8b:9d:66:34:db:d3:1b:48:eb:10:6f:e7:53:60:ae:9b:8e:57: 0c:ba:18:16:d6:95:00:9b:0d:2e:b7:c6:a7:2a:f7:74:a1:52: 72:27:87:f2:85:ea:a8:a4:8c:38:76:7e:2e:59:8d:b4:52:86: d7:64:bf:5a:f1:51:98:ec:c5:5e:e8:05:f1:ca:a1:c1:4e:fc: 89:42:b6:56:cd:18:f3:12:ba:6e:37:db:f2:60:f9:f2:5a:6a: 64:97:42:18:0a:86:33:86:76:c6:c3:f5:fa:16:b9:ab:57:ae: 56:02:7b:39:cf:74:8c:6f:e0:0b:90:d8:6b:5c:6a:c4:d6:bb: 1f:93:3f:62:b6:80:c6:36:3e:2d:bb:9a:41:3e:d3:fc:11:e8: 95:c4:55:6a:28:d2:7b:05:7d:70:91:15:ba:46:47:a2:40:87: ac:48:06:fc:f5:f6:85:b0:2d:8c:e7:70:50:b2:6b:c6:ce:f1: 5a:19:fc:39 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKmI3VPMZx087ZwSKOMkPnkLCP1kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNjAwMDAzMVoX DTI1MDkyMDIzNTk1OVowejFJMEcGA1UEBRNANjYxMzE5ZDJmMWMzZDg0YmFiMDM1 NDg5NzY1ZDYwYTUzNjdhMzBkMjYwNTBjMTI1NDg3ZDBhOWQwZTY4YjgyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXVeKQyqlaWdx/pr1EiD9Pgk+gg3 gb7qnVCW/uzRA/5upcA4FiKsD4YZb5fisLfhbXFRBX/a8zVGiMP9MNuJ3SbWBTiK qfcNtIC4i34HQRarhTz/3YLdlZGlqOPHWqanSNJOrAV8czvbKATRNrEXbA74w2s5 2V2RFziSNx87Jnxo3raiWzsv+lau4mKU7jM/vaHifSDTzIbUCDkeoiaqTWyTQlli 2PWfWhFCIhhvqniIXCs0gpCE/sYR5DzGAuF0Sl+T2DN43Ft5Dd0krgewE7BM5czL QCFf1vwOAER9mkiSrV3/W/7nHA0i2ObTFvk6wnpLvkAL5eMDl+/UIvB1WQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJnYxCJG9zFroklTmFeKcvY0PbgkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc1ZmNlNDU2LTU5MDEtNGIyMC1iZDZlLWU3OTk0NWJiNDRkMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9qAAMA0GCSqGSIb3DQEBCwUAA4IBAQCtmknPDtLB1H8BpCFt Ro9If6FcoGnJMt5KI/o/nUouGyzwbDwmmaUN+oSc2BUmGD6arMqHpibuaZqjuBMH MFibU3SFpyEsCeGLnWY029MbSOsQb+dTYK6bjlcMuhgW1pUAmw0ut8anKvd0oVJy J4fyheqopIw4dn4uWY20UobXZL9a8VGY7MVe6AXxyqHBTvyJQrZWzRjzErpuN9vy YPnyWmpkl0IYCoYzhnbGw/X6FrmrV65WAns5z3SMb+ALkNhrXGrE1rsfkz9itoDG Nj4tu5pBPtP8EeiVxFVqKNJ7BX1wkRW6RkeiQIesSAb89faFsC2M53BQsmvGzvFa Gfw5 -----END CERTIFICATE-----Generated at Sat Aug 23 10:13:09 2025 by rpki-client