$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa File: 8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa (raw, json) Hash identifier: TAm4Q45vb4qw591rmsmB4TGjqzNPuPDwXbRezLX+ChY= Subject key identifier: 37:77:D0:28:2A:9C:99:64:66:BE:FA:27:95:1B:10:4D:96:95:ED:8C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 187FCB3747A4AEA6CEE448C2F55C0BF520218883 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa Signing time: Sat 23 Aug 2025 00:50:22 +0000 ROA not before: Sat 23 Aug 2025 00:50:22 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:7f:cb:37:47:a4:ae:a6:ce:e4:48:c2:f5:5c:0b:f5:20:21:88:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:50:22 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=d213a3d6bca228d4ad631561b3ed76bfe4de803403afb5ebe792b3a44e4e03b4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:00:d6:f3:98:8b:96:de:e2:ae:c6:ea:f7:cc: 17:de:72:ef:ac:de:db:14:0e:40:5a:cb:cd:49:32: 7f:58:e9:28:e2:36:8e:15:ae:c7:f7:fe:b4:2b:75: c6:3d:0a:b9:28:ca:b7:26:e5:b5:66:5c:ad:b4:65: da:3b:49:18:cc:e7:37:b1:76:ff:21:1b:8d:6d:c0: 05:59:8e:1c:1b:44:ea:37:f3:17:e4:c8:9a:16:70: d5:f7:ee:12:71:4b:32:19:00:e9:67:2e:7c:08:6d: 91:86:52:b5:2a:8d:54:3e:5c:71:45:94:6c:e0:c1: 0c:e3:bb:fc:42:b5:05:71:98:b2:01:d1:0d:85:45: 37:b8:63:06:a8:9e:40:70:7b:ae:3c:9f:d0:9b:9b: 02:65:32:73:63:30:4b:a0:73:04:cb:35:06:49:bb: 16:05:3f:69:17:63:12:1f:d5:5f:ba:4d:4f:60:56: f9:48:5d:73:5a:9f:b7:90:30:5a:78:03:db:9b:bc: e9:fb:d9:00:d1:c2:fe:b6:11:50:52:5d:b8:6a:06: 12:3c:13:47:c3:67:85:33:76:d2:1f:c8:4a:2d:dd: 57:94:73:6c:fc:aa:42:f6:14:c9:38:c1:ef:de:2e: 36:73:57:b8:69:1d:90:cc:88:8d:47:f5:44:ff:90: 84:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:77:D0:28:2A:9C:99:64:66:BE:FA:27:95:1B:10:4D:96:95:ED:8C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2040::/48 Signature Algorithm: sha256WithRSAEncryption 94:35:74:cd:7b:0a:f3:84:31:90:a9:f7:d5:eb:07:94:ed:c9: 07:cb:ee:f3:5a:2d:52:3c:44:22:11:0a:52:1e:34:71:83:b4: 5a:41:c7:8e:a8:13:67:2c:82:02:35:34:28:21:68:7a:06:00: 33:11:a4:33:c7:32:fe:0f:5a:c6:61:6f:aa:5a:60:38:a9:70: 7f:18:9f:68:1d:95:85:65:c7:7f:79:26:49:ed:93:92:69:4f: d3:38:24:79:ca:9b:eb:27:7c:ac:52:d6:02:84:74:1b:fe:e1: 35:c9:56:f5:22:e3:5f:1d:50:1f:0c:b2:5e:97:48:74:17:d4: 5c:e0:cd:ba:f0:79:d9:3c:2c:59:3a:20:9b:a4:84:30:e2:77: ca:d6:63:ae:6a:56:2a:b7:cd:c9:50:a3:25:a1:58:7c:83:20: b9:d0:01:bd:9e:76:a6:31:bb:31:27:f5:98:03:ee:7a:77:98: 2d:9c:b9:49:69:3f:29:ed:1f:39:0c:ce:5a:0b:00:5b:70:c1: 8d:f5:c6:85:ad:44:03:c3:42:d4:b3:71:e6:66:4e:8b:27:b8: 48:84:d9:16:f1:a8:a4:31:65:52:f3:96:24:25:bb:e7:5e:28: 38:40:8a:c3:6c:e3:c5:b1:b7:c0:59:2a:53:eb:5d:91:b4:07: 1f:a3:03:96 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGH/LN0ekrqbO5EjC9VwL9SAhiIMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNTAyMloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZDIxM2EzZDZiY2EyMjhkNGFkNjMx NTYxYjNlZDc2YmZlNGRlODAzNDAzYWZiNWViZTc5MmIzYTQ0ZTRlMDNiNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgDW85iLlt7irsbq98wX3nLvrN7b FA5AWsvNSTJ/WOko4jaOFa7H9/60K3XGPQq5KMq3JuW1ZlyttGXaO0kYzOc3sXb/ IRuNbcAFWY4cG0TqN/MX5MiaFnDV9+4ScUsyGQDpZy58CG2RhlK1Ko1UPlxxRZRs 4MEM47v8QrUFcZiyAdENhUU3uGMGqJ5AcHuuPJ/Qm5sCZTJzYzBLoHMEyzUGSbsW BT9pF2MSH9Vfuk1PYFb5SF1zWp+3kDBaeAPbm7zp+9kA0cL+thFQUl24agYSPBNH w2eFM3bSH8hKLd1XlHNs/KpC9hTJOMHv3i42c1e4aR2QzIiNR/VE/5CE1wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDd30CgqnJlkZr76J5UbEE2Wle2MMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhjNmIzZTJmLWM0NDEtNGQyZS1hM2ZiLTUxMWFlYmQ3MmFhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yBAMA0GCSqGSIb3DQEBCwUAA4IBAQCUNXTNewrzhDGQqffV 6weU7ckHy+7zWi1SPEQiEQpSHjRxg7RaQceOqBNnLIICNTQoIWh6BgAzEaQzxzL+ D1rGYW+qWmA4qXB/GJ9oHZWFZcd/eSZJ7ZOSaU/TOCR5ypvrJ3ysUtYChHQb/uE1 yVb1IuNfHVAfDLJel0h0F9Rc4M268HnZPCxZOiCbpIQw4nfK1mOualYqt83JUKMl oVh8gyC50AG9nnamMbsxJ/WYA+56d5gtnLlJaT8p7R85DM5aCwBbcMGN9caFrUQD w0LUs3HmZk6LJ7hIhNkW8aikMWVS85YkJbvnXig4QIrDbOPFsbfAWSpT612RtAcf owOW -----END CERTIFICATE-----Generated at Sat Aug 23 08:04:53 2025 by rpki-client