$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa File: 85858219-71cc-46f9-9c59-e75c9c1f8098.roa (raw, json) Hash identifier: ZDDAKRl2K+3BTik8MpfqMeq/UfJa3/U7ZQ8e5SjH0hw= Subject key identifier: C7:B1:93:59:77:FE:BB:73:F5:00:8A:6E:81:BB:A4:91:73:7D:16:43 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7C7FBBE4506BDC8D588B86CD1B06D59527225D48 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa Signing time: Sat 23 Aug 2025 00:31:08 +0000 ROA not before: Sat 23 Aug 2025 00:31:08 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:7f:bb:e4:50:6b:dc:8d:58:8b:86:cd:1b:06:d5:95:27:22:5d:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:31:08 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=da24cb330fb53b2f53bb3373ae917c51bff07605e2925dec5f8b4ec36bee44d9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:68:f9:44:53:46:c3:7c:c6:14:65:80:6b:e9: b6:81:9f:cc:95:e1:6d:31:ae:13:18:bb:9e:20:33: 81:50:f8:47:c0:e2:d8:69:4f:eb:18:66:b0:04:37: ee:78:88:a0:0e:9d:c3:d0:9d:e3:4c:f0:4d:7d:69: 81:44:15:d5:33:6f:fa:52:92:d0:ed:fa:2d:ad:51: 8d:46:92:a4:38:af:d7:b3:1a:79:8a:7c:9b:ed:2b: 14:15:ac:47:93:99:9d:82:57:c0:2b:01:dc:02:0f: da:31:0c:57:25:3d:50:e7:a5:93:b6:89:05:71:9d: 14:76:9f:f8:77:9f:e2:83:9d:53:33:90:2e:ed:b2: 63:3e:3a:01:99:66:07:d2:3a:a9:6a:98:64:f8:54: 78:06:6f:7d:d3:88:67:ff:3c:ca:1d:ec:ca:e9:76: 1a:c1:25:e8:f3:a3:81:61:df:05:3b:8b:5b:21:ac: a7:39:04:b7:0c:90:d8:b1:db:f8:b3:6e:cd:e7:3b: ae:3c:f5:8e:0e:2b:32:6f:3a:4e:3e:48:b6:7c:b1: ad:27:a0:f8:06:05:f0:e0:86:d9:7d:69:ea:e8:9d: 2c:6e:38:41:67:fc:a8:bc:ab:d8:d2:a1:0a:36:ed: df:55:ae:6d:86:54:07:e9:3f:3f:43:2d:67:4c:c7: 71:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:B1:93:59:77:FE:BB:73:F5:00:8A:6E:81:BB:A4:91:73:7D:16:43 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/85858219-71cc-46f9-9c59-e75c9c1f8098.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c800::/40 Signature Algorithm: sha256WithRSAEncryption a3:36:e1:41:8f:11:46:e3:a9:00:e3:c2:d8:7c:70:6e:db:d5: 65:24:b4:89:f5:2a:01:f9:87:ea:0a:ca:1c:cc:45:4f:9e:47: 2d:c0:4a:0c:04:a2:7b:54:46:9e:2e:9f:de:5a:ac:23:7b:cb: 25:7e:56:95:c9:31:4c:ee:fc:71:68:c6:8f:4b:25:4e:0c:f6: b0:37:cc:ce:1a:e9:5a:23:5b:46:43:c8:4c:b7:ff:89:c6:60: 29:18:97:52:2f:24:48:80:4b:78:f7:5c:24:c4:ab:a4:80:9d: 80:dd:da:71:ea:10:0d:0d:95:5d:1b:9a:46:7e:9f:4d:8e:d6: d9:7c:a5:f2:bb:fe:11:46:15:e0:eb:21:03:b5:fd:e5:bc:38: 78:ab:6b:5a:ab:5f:25:dd:41:5e:55:de:a1:4a:3c:e2:bf:d7: 7d:b4:49:01:59:a8:49:16:e7:6c:19:41:86:22:4c:69:f5:aa: a3:f4:58:c7:b9:09:e2:5e:87:b8:49:c1:ec:94:a2:02:40:b9: 67:ae:4c:a4:46:20:59:d1:5a:a1:72:ea:33:ea:0c:9a:1c:c3: 5e:2d:fe:e3:3c:78:7d:f7:af:26:b2:b5:71:44:59:03:d2:07: db:7a:83:b4:e5:30:1a:2d:37:41:a7:79:be:bb:e2:e7:74:89: 10:09:eb:f4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfH+75FBr3I1Yi4bNGwbVlSciXUgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzEwOFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZGEyNGNiMzMwZmI1M2IyZjUzYmIz MzczYWU5MTdjNTFiZmYwNzYwNWUyOTI1ZGVjNWY4YjRlYzM2YmVlNDRkOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mj5RFNGw3zGFGWAa+m2gZ/MleFt Ma4TGLueIDOBUPhHwOLYaU/rGGawBDfueIigDp3D0J3jTPBNfWmBRBXVM2/6UpLQ 7fotrVGNRpKkOK/Xsxp5inyb7SsUFaxHk5mdglfAKwHcAg/aMQxXJT1Q56WTtokF cZ0Udp/4d5/ig51TM5Au7bJjPjoBmWYH0jqpaphk+FR4Bm9904hn/zzKHezK6XYa wSXo86OBYd8FO4tbIaynOQS3DJDYsdv4s27N5zuuPPWODisybzpOPki2fLGtJ6D4 BgXw4IbZfWnq6J0sbjhBZ/yovKvY0qEKNu3fVa5thlQH6T8/Qy1nTMdx6QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMexk1l3/rtz9QCKboG7pJFzfRZDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg1ODU4MjE5LTcxY2MtNDZmOS05YzU5LWU3NWM5YzFmODA5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAMgwDQYJKoZIhvcNAQELBQADggEBAKM24UGPEUbjqQDjwth8 cG7b1WUktIn1KgH5h+oKyhzMRU+eRy3ASgwEontURp4un95arCN7yyV+VpXJMUzu /HFoxo9LJU4M9rA3zM4a6VojW0ZDyEy3/4nGYCkYl1IvJEiAS3j3XCTEq6SAnYDd 2nHqEA0NlV0bmkZ+n02O1tl8pfK7/hFGFeDrIQO1/eW8OHira1qrXyXdQV5V3qFK POK/1320SQFZqEkW52wZQYYiTGn1qqP0WMe5CeJeh7hJweyUogJAuWeuTKRGIFnR WqFy6jPqDJocw14t/uM8eH33ryaytXFEWQPSB9t6g7TlMBotN0Gneb674ud0iRAJ 6/Q= -----END CERTIFICATE-----Generated at Sat Aug 23 08:16:00 2025 by rpki-client