$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d2bce7b-37e2-4787-95fb-0e0d01dbc543.roa File: 7d2bce7b-37e2-4787-95fb-0e0d01dbc543.roa (raw, json) Hash identifier: NcUmhSlL4Cmw5rXwGTPbAB20PqoUXDixaENFi17CcdU= Subject key identifier: 78:34:97:4A:B0:EE:D9:0D:0C:BC:3F:15:97:F0:0B:DF:92:15:4A:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1DD9A12C5764EEBE3F96DBC97314F2748D8FB9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d2bce7b-37e2-4787-95fb-0e0d01dbc543.roa Signing time: Sat 23 Aug 2025 00:41:36 +0000 ROA not before: Sat 23 Aug 2025 00:41:36 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:80a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:d9:a1:2c:57:64:ee:be:3f:96:db:c9:73:14:f2:74:8d:8f:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:41:36 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=f65ea06fd0d579e359b3b238efdf10d90d97fc73831e4d11fe93ab30b5946b09, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:45:3c:9e:30:2b:c4:06:af:70:68:a0:16:0d: 08:66:3d:1e:0c:1e:04:7c:ed:f5:48:a0:a8:fe:e7: 42:43:b5:64:15:ec:0f:31:f8:0d:0b:9f:84:78:00: be:f6:64:1b:fa:51:d0:1f:a2:99:ab:6d:22:ca:2c: ac:9a:e0:e6:76:a6:af:8f:99:1a:55:9c:47:fe:1c: 24:5c:00:d9:95:c3:ea:95:cc:d8:2d:f7:bb:a8:ce: 43:df:8f:db:4e:72:37:fa:07:16:1f:79:fa:03:8d: 2f:53:56:b3:52:d1:97:7d:e9:31:12:7b:02:4a:75: ae:e4:cb:82:42:38:d1:c4:39:d3:b1:20:c8:12:de: 39:ef:3d:b5:1f:ce:6b:96:bc:ab:60:33:88:96:41: 66:e5:b3:c9:82:57:1a:ef:ca:d7:20:c9:10:28:78: 60:85:a1:a3:30:08:75:b5:76:11:d1:5b:62:d3:2e: e2:63:8c:7e:e6:a3:46:f3:cb:68:39:e1:88:4b:50: 21:a1:00:e6:c7:9d:8d:29:3c:91:f2:09:9e:4c:44: e0:e8:87:25:af:ec:5d:54:b2:b7:2b:72:89:63:40: 11:6a:bb:b3:ba:d5:28:3e:4d:10:2d:82:8b:96:38: 08:38:64:f7:db:ba:c4:c4:8f:06:f7:c5:7f:b3:d3: cd:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:34:97:4A:B0:EE:D9:0D:0C:BC:3F:15:97:F0:0B:DF:92:15:4A:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d2bce7b-37e2-4787-95fb-0e0d01dbc543.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:80a0::/48 Signature Algorithm: sha256WithRSAEncryption 6a:e8:07:ae:3d:9f:15:09:1f:1d:b2:fa:a0:a0:81:e4:34:d3: 13:29:e3:c0:66:08:14:ba:fd:db:d0:7f:7a:c8:70:43:82:1d: 51:4a:04:65:f6:22:b5:ce:6b:3f:01:b6:88:50:aa:42:33:7c: 06:88:7b:94:4d:3d:8f:d8:48:36:d4:d7:86:d8:e6:7b:e1:d1: 08:ec:31:74:c3:05:37:09:60:35:65:0d:5d:d7:c1:67:b8:e5: c4:0e:25:74:d6:f9:47:18:64:2c:77:f2:c4:3e:a0:58:aa:7c: 13:dd:32:d3:dd:23:3f:67:9d:92:2a:2f:64:34:f2:da:e4:a6: 1d:a7:5c:96:31:b3:1a:f6:17:0d:8f:7b:05:9a:4b:ac:74:af: 83:23:04:6c:ad:03:e8:3b:57:5b:93:e9:44:2e:e6:7a:4f:59: 36:05:43:2c:ad:07:b3:bf:06:c4:0f:cf:fd:75:fb:f5:3a:f5: eb:4f:da:89:a8:c7:f3:68:81:0b:ea:aa:ab:59:9d:c6:b2:b8: 64:ec:d1:eb:32:41:7a:aa:58:91:8c:6b:89:1f:49:ed:94:5f: cf:b9:ba:9b:ad:a7:80:09:21:d2:16:1f:cf:70:44:a9:d3:39: 9b:63:e8:d4:53:8f:f8:48:1e:34:43:40:5e:81:59:45:d6:02: af:b3:e0:76 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITHdmhLFdk7r4/ltvJcxTydI2PuTANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwODIzMDA0MTM2WhcN MjUwOTI3MjM1OTU5WjB6MUkwRwYDVQQFE0BmNjVlYTA2ZmQwZDU3OWUzNTliM2Iy MzhlZmRmMTBkOTBkOTdmYzczODMxZTRkMTFmZTkzYWIzMGI1OTQ2YjA5MS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdRTyeMCvEBq9waKAWDQhmPR4MHgR8 7fVIoKj+50JDtWQV7A8x+A0Ln4R4AL72ZBv6UdAfopmrbSLKLKya4OZ2pq+PmRpV nEf+HCRcANmVw+qVzNgt97uozkPfj9tOcjf6BxYfefoDjS9TVrNS0Zd96TESewJK da7ky4JCONHEOdOxIMgS3jnvPbUfzmuWvKtgM4iWQWbls8mCVxrvytcgyRAoeGCF oaMwCHW1dhHRW2LTLuJjjH7mo0bzy2g54YhLUCGhAObHnY0pPJHyCZ5MRODohyWv 7F1UsrcrcoljQBFqu7O61Sg+TRAtgouWOAg4ZPfbusTEjwb3xX+z083BAgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUeDSXSrDu2Q0MvD8Vl/AL35IVShUwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv N2QyYmNlN2ItMzdlMi00Nzg3LTk1ZmItMGUwZDAxZGJjNTQzLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkBtr/gKAwDQYJKoZIhvcNAQELBQADggEBAGroB649nxUJHx2y+qCg geQ00xMp48BmCBS6/dvQf3rIcEOCHVFKBGX2IrXOaz8BtohQqkIzfAaIe5RNPY/Y SDbU14bY5nvh0QjsMXTDBTcJYDVlDV3XwWe45cQOJXTW+UcYZCx38sQ+oFiqfBPd MtPdIz9nnZIqL2Q08trkph2nXJYxsxr2Fw2PewWaS6x0r4MjBGytA+g7V1uT6UQu 5npPWTYFQyytB7O/BsQPz/11+/U69etP2omox/NogQvqqqtZncayuGTs0esyQXqq WJGMa4kfSe2UX8+5uputp4AJIdIWH89wRKnTOZtj6NRTj/hIHjRDQF6BWUXWAq+z 4HY= -----END CERTIFICATE-----Generated at Sat Aug 23 08:09:01 2025 by rpki-client