$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa File: 857d996d-a66c-48d8-8669-f36141564a43.roa (raw, json) Hash identifier: vmtBApmH1BZ+aYLKshQiCMhzg3HB1jlILLH0XM65aMs= Subject key identifier: 12:E2:62:AD:07:A0:C2:76:F8:14:CA:2E:6C:C0:E2:DF:B5:F8:18:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 76B48FAE61595AF8D135B1D8332575BA3B21878C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa Signing time: Sat 23 Aug 2025 00:30:51 +0000 ROA not before: Sat 23 Aug 2025 00:30:51 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:b4:8f:ae:61:59:5a:f8:d1:35:b1:d8:33:25:75:ba:3b:21:87:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:30:51 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=6811ac2390e1405fa35c30e01bdc3ecbb4f91a42b9cabe2ed126ed2211195891, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:20:82:a2:5e:5f:ff:70:2a:d0:a8:7e:44:d6: 76:8f:a4:36:d3:69:90:37:4f:5e:bb:39:91:15:78: 9b:d3:80:89:94:08:9f:28:39:1d:03:fb:43:40:4d: f6:c0:16:22:aa:b7:ba:b3:a9:e0:fc:7f:60:78:6f: 07:f8:8c:9e:ca:10:0f:1b:40:67:ca:05:4b:ab:8c: 20:69:d6:a4:c7:1a:24:0e:c5:21:41:5a:06:80:41: 64:6e:30:54:a2:af:4b:be:97:99:e0:94:7d:f1:d5: 6e:5f:72:0c:2c:2c:4c:62:00:1c:b6:f6:53:a4:db: 07:4c:02:30:25:a0:7c:32:c0:cd:03:d7:3d:ff:18: eb:a7:8a:c8:bb:7e:fe:7a:2f:f3:ff:a6:85:b8:71: fb:6e:e0:de:89:e8:ac:d0:07:8a:5c:fc:d0:70:85: 59:36:a5:e9:52:3a:72:24:29:2f:3b:4f:16:2a:b8: 32:1c:bf:0f:d4:29:e6:d6:e0:6d:9f:63:b5:65:cc: 1f:6d:cd:9b:5b:a1:45:55:60:c5:8e:64:8b:38:6b: f9:aa:8c:21:11:3d:95:7a:76:ee:ed:d9:84:7d:16: 64:82:f5:1e:4b:f9:2c:14:f3:d1:6e:8d:fa:a9:ef: 2d:c6:96:73:50:61:67:22:0f:54:10:45:f7:7e:95: 09:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:E2:62:AD:07:A0:C2:76:F8:14:CA:2E:6C:C0:E2:DF:B5:F8:18:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4800::/40 Signature Algorithm: sha256WithRSAEncryption 65:f4:1b:0b:6e:bc:76:1c:9f:03:21:71:e2:00:9c:77:8b:98: ae:4f:a2:06:db:b9:25:05:97:ea:c6:27:83:70:6a:33:6f:a4: 4c:7e:e8:b1:44:cd:48:8e:f4:52:b9:1b:04:6d:89:ac:ff:16: 2a:7b:0f:bd:d1:cb:8b:a7:e7:c3:fb:8b:ee:fa:da:e9:ac:eb: f4:45:92:5f:b8:60:9b:a7:b1:b9:7d:a5:67:2a:a2:bd:03:4e: 51:c3:2b:03:59:7f:65:53:20:06:ef:ce:f5:b3:e7:75:b9:ba: 2b:e0:37:b4:19:12:b6:26:c1:30:b4:a9:d4:85:38:65:e4:f1: 66:e3:b9:7c:89:71:80:92:f0:93:80:18:16:52:9b:b4:0f:60: 89:7b:0d:a6:a8:8d:28:dd:11:0d:13:0f:d1:73:3d:fb:15:5c: b3:2a:7b:28:86:41:45:b0:76:ea:cd:01:32:6e:3e:8a:e0:19: bf:62:03:9d:80:76:e2:48:dd:47:7f:7c:a0:e1:68:e2:47:c3: 42:e7:9c:fc:d5:1a:56:51:75:79:17:63:03:f0:5a:b5:a9:8d: 7b:aa:29:86:a1:05:07:54:f7:8d:b1:ff:d7:d8:e7:5c:7d:6d: 9c:b0:97:64:c0:cd:17:1b:bc:6d:e6:e1:96:95:d0:c1:d1:ee: 4d:4b:23:a0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdrSPrmFZWvjRNbHYMyV1ujshh4wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzA1MVoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANjgxMWFjMjM5MGUxNDA1ZmEzNWMz MGUwMWJkYzNlY2JiNGY5MWE0MmI5Y2FiZTJlZDEyNmVkMjIxMTE5NTg5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iCCol5f/3Aq0Kh+RNZ2j6Q202mQ N09euzmRFXib04CJlAifKDkdA/tDQE32wBYiqre6s6ng/H9geG8H+IyeyhAPG0Bn ygVLq4wgadakxxokDsUhQVoGgEFkbjBUoq9LvpeZ4JR98dVuX3IMLCxMYgActvZT pNsHTAIwJaB8MsDNA9c9/xjrp4rIu37+ei/z/6aFuHH7buDeieis0AeKXPzQcIVZ NqXpUjpyJCkvO08WKrgyHL8P1Cnm1uBtn2O1Zcwfbc2bW6FFVWDFjmSLOGv5qowh ET2Venbu7dmEfRZkgvUeS/ksFPPRbo36qe8txpZzUGFnIg9UEEX3fpUJnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBLiYq0HoMJ2+BTKLmzA4t+1+BgnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg1N2Q5OTZkLWE2NmMtNDhkOC04NjY5LWYzNjE0MTU2NGE0My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/0gwDQYJKoZIhvcNAQELBQADggEBAGX0GwtuvHYcnwMhceIA nHeLmK5PogbbuSUFl+rGJ4NwajNvpEx+6LFEzUiO9FK5GwRtiaz/Fip7D73Ry4un 58P7i+762ums6/RFkl+4YJunsbl9pWcqor0DTlHDKwNZf2VTIAbvzvWz53W5uivg N7QZErYmwTC0qdSFOGXk8WbjuXyJcYCS8JOAGBZSm7QPYIl7DaaojSjdEQ0TD9Fz PfsVXLMqeyiGQUWwdurNATJuPorgGb9iA52AduJI3Ud/fKDhaOJHw0LnnPzVGlZR dXkXYwPwWrWpjXuqKYahBQdU942x/9fY51x9bZywl2TAzRcbvG3m4ZaV0MHR7k1L I6A= -----END CERTIFICATE-----Generated at Sat Aug 23 06:38:40 2025 by rpki-client