$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa File: 8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa (raw, json) Hash identifier: P9DUtCROQ6rHWHfLllVyBlgQqI4o043fIW9jQtCPcWM= Subject key identifier: D0:D1:87:26:77:1E:45:61:AC:1E:ED:A8:1B:30:75:04:D9:6A:39:D7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78E7798932548CF591DA57B8D6787A061B66CDAC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa Signing time: Sat 23 Aug 2025 00:20:54 +0000 ROA not before: Sat 23 Aug 2025 00:20:54 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:e7:79:89:32:54:8c:f5:91:da:57:b8:d6:78:7a:06:1b:66:cd:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:20:54 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=e919a3e225ff8a7f8facaf9a87165fdccde2cda53be38fe92a88b2f6f90d1e93, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7d:ae:43:ee:5b:a5:78:52:8f:b3:b2:f2:fe: fd:bd:9c:09:47:62:41:9e:c0:a1:2d:e2:cd:5d:fc: 2c:be:5a:01:5e:00:2e:a2:ec:39:f7:1b:17:97:75: 30:9b:6a:45:a3:35:1c:8e:38:52:fd:bf:98:aa:a9: 86:1c:cd:c3:3e:7f:99:e2:3d:3d:4d:24:30:ce:93: e3:a0:3c:02:90:29:66:81:a8:f8:96:44:57:75:62: 87:71:3e:77:a4:05:9d:6a:f4:d4:0c:4a:b0:67:b9: 0a:23:58:fd:93:c2:fb:72:8b:72:a5:4f:6c:c3:4a: a2:c7:45:25:eb:76:dc:dc:a2:77:6a:00:dc:c5:cf: 17:6a:6d:21:c7:70:69:f3:24:67:55:c6:79:e2:b4: 9d:1b:ee:99:ee:0d:19:51:e2:49:a3:4b:21:59:fd: b9:61:1d:76:31:fd:5f:96:6f:2c:4a:47:32:ed:9e: 1e:54:b7:b0:89:3e:e7:c0:63:4c:79:25:e0:b2:34: 41:7b:5a:84:75:80:66:4c:01:b9:20:dd:4a:86:e0: ba:93:aa:67:8a:ca:ce:21:50:95:34:47:33:12:95: 4c:00:60:9c:e6:fc:78:59:73:73:ea:09:93:da:b4: 3b:dc:38:a2:44:55:4c:33:05:79:a6:09:7a:77:87: 3f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:D1:87:26:77:1E:45:61:AC:1E:ED:A8:1B:30:75:04:D9:6A:39:D7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c840::/48 Signature Algorithm: sha256WithRSAEncryption 35:9c:3c:86:e8:a2:9d:9e:75:94:e7:ac:9f:4c:c3:49:cc:c0: ae:55:6d:5f:7f:ec:31:13:8f:16:a8:8e:d5:cb:dd:26:1d:13: c2:dc:0f:e2:35:a9:b0:21:4e:85:f5:cd:44:2d:0c:d8:b7:27: 7e:55:7d:33:51:9f:cd:3d:5d:49:7e:5e:11:e4:89:62:56:29: 08:2f:33:cc:c8:e1:c2:30:87:8e:08:a1:67:ee:a1:b9:2d:09: e1:b6:02:be:d2:b2:0e:f8:f7:cf:88:f7:a4:f5:eb:e9:d2:98: 30:d3:65:31:2f:7a:42:b1:b5:68:f5:15:10:04:fa:df:cc:71: 0b:5a:9f:d9:23:a1:4c:07:db:00:ec:26:66:a5:45:3c:a9:09: 4d:c9:be:08:e6:de:66:81:4d:1d:43:20:b5:56:a7:0d:2e:0e: 90:78:89:ea:0f:87:13:1e:77:50:ac:29:c2:23:6a:c3:fc:da: f0:94:2d:69:4a:dc:5b:87:9b:31:2c:e5:82:6e:58:c4:38:ed: 07:14:0b:08:a6:1d:a7:03:e8:69:4d:25:cd:f1:fc:2d:b3:47: e0:fa:f8:43:2e:b1:01:d2:b3:23:21:ee:e8:ee:87:d3:30:dd: 8f:cb:65:ba:d4:ab:e8:6a:f5:5b:2e:91:37:7a:d4:15:15:73: d8:ea:9f:a3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUeOd5iTJUjPWR2le41nh6BhtmzawwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMjA1NFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZTkxOWEzZTIyNWZmOGE3ZjhmYWNh ZjlhODcxNjVmZGNjZGUyY2RhNTNiZTM4ZmU5MmE4OGIyZjZmOTBkMWU5MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX2uQ+5bpXhSj7Oy8v79vZwJR2JB nsChLeLNXfwsvloBXgAuouw59xsXl3Uwm2pFozUcjjhS/b+YqqmGHM3DPn+Z4j09 TSQwzpPjoDwCkClmgaj4lkRXdWKHcT53pAWdavTUDEqwZ7kKI1j9k8L7cotypU9s w0qix0Ul63bc3KJ3agDcxc8Xam0hx3Bp8yRnVcZ54rSdG+6Z7g0ZUeJJo0shWf25 YR12Mf1flm8sSkcy7Z4eVLewiT7nwGNMeSXgsjRBe1qEdYBmTAG5IN1KhuC6k6pn isrOIVCVNEczEpVMAGCc5vx4WXNz6gmT2rQ73DiiRFVMMwV5pgl6d4c/KQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNDRhyZ3HkVhrB7tqBswdQTZajnXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhkYmE4NWI3LTQ3MzAtNGMyOC05OGRmLTNjODQ4NGUwZjFjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8shAMA0GCSqGSIb3DQEBCwUAA4IBAQA1nDyG6KKdnnWU56yf TMNJzMCuVW1ff+wxE48WqI7Vy90mHRPC3A/iNamwIU6F9c1ELQzYtyd+VX0zUZ/N PV1Jfl4R5IliVikILzPMyOHCMIeOCKFn7qG5LQnhtgK+0rIO+PfPiPek9evp0pgw 02UxL3pCsbVo9RUQBPrfzHELWp/ZI6FMB9sA7CZmpUU8qQlNyb4I5t5mgU0dQyC1 VqcNLg6QeInqD4cTHndQrCnCI2rD/NrwlC1pStxbh5sxLOWCbljEOO0HFAsIph2n A+hpTSXN8fwts0fg+vhDLrEB0rMjIe7o7ofTMN2Py2W61KvoavVbLpE3etQVFXPY 6p+j -----END CERTIFICATE-----Generated at Sat Aug 23 10:08:53 2025 by rpki-client