$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa File: 9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa (raw, json) Hash identifier: N41dtDdYPXopWR16bofi3cae0PPwZwJDvBgKLCTJb3E= Subject key identifier: 9F:4E:4A:8A:3C:66:AE:C1:2D:6E:06:45:2B:20:16:B2:A2:08:10:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 45B7DFCA13023FBA67D3F60899AF20F7A64A21AE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa Signing time: Sat 23 Aug 2025 00:50:17 +0000 ROA not before: Sat 23 Aug 2025 00:50:17 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:b7:df:ca:13:02:3f:ba:67:d3:f6:08:99:af:20:f7:a6:4a:21:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:50:17 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=b7434b1a5647cda1f0245cd72f3aa2106af9d7c5268665d14b40d959e3d56e01, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:f5:68:27:5b:74:7a:bd:7a:fd:49:76:d2:ac: a7:92:e4:f5:87:73:9f:07:0c:1c:94:50:b5:7c:fc: b6:fa:d2:5c:98:af:12:3a:59:3a:8a:bc:dc:5f:5b: ca:a6:41:70:8d:3b:bc:ae:70:3b:3b:35:64:c0:08: be:4d:2a:84:d6:94:f6:46:4b:ef:d3:03:14:af:96: ad:92:1e:4d:f8:db:16:ae:6d:70:58:b8:d0:8b:b7: bf:a7:9d:cf:31:ac:6f:0c:a2:f5:c1:8e:39:33:de: 81:94:bc:31:71:ad:55:fd:8d:b0:c4:7e:45:98:c0: 72:b0:1d:16:28:02:94:8a:63:a0:d0:33:bd:6c:28: 44:ae:66:45:37:05:1d:ea:db:57:e0:08:e3:c9:4e: df:f1:f1:dc:ad:4d:3e:1d:3e:e6:5e:95:54:c3:42: da:38:12:6d:5b:de:dc:b2:28:87:a5:e8:90:11:e3: aa:d7:cb:8b:b5:3d:66:62:17:32:7f:93:77:b7:de: c5:43:08:3d:93:a3:27:a6:dc:84:e6:d3:2e:ea:8b: 75:df:91:a3:43:a6:36:2b:c2:71:eb:04:5e:f7:89: f2:27:37:f4:a3:c5:aa:ce:ff:8a:34:21:80:cd:c3: 53:07:78:ec:44:a5:1a:36:48:87:96:9e:f0:1c:36: 84:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:4E:4A:8A:3C:66:AE:C1:2D:6E:06:45:2B:20:16:B2:A2:08:10:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9021aef9-c76a-41c7-9ff8-dd9ea326340d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2800::/40 Signature Algorithm: sha256WithRSAEncryption a3:ab:9c:6f:5b:fe:5e:2a:c1:d6:4a:ea:7a:c6:5a:e6:72:d4: 39:ac:2d:6c:3a:05:30:dc:92:c3:f2:09:42:f2:fd:7b:7e:c9: ee:37:8e:ea:2c:1a:ac:fa:b5:4c:0c:96:2d:21:84:03:24:8d: 54:ea:5a:d6:8b:d2:eb:87:38:a5:15:86:d0:f4:bd:40:ee:a8: ea:93:db:4e:41:83:2b:5e:6a:8a:4b:f7:1b:b0:2b:6f:cb:f1: 0e:2b:20:85:22:e6:05:44:bd:2e:af:ba:c1:3c:44:ef:41:5a: 9e:87:36:1f:cf:45:c6:b0:32:28:a1:d6:5f:98:3d:7a:19:9c: 8c:76:a6:0f:3c:f7:0b:dd:2a:49:9f:8e:57:9a:23:8b:dd:ba: c7:ff:b6:8a:61:c9:f9:4f:7f:52:aa:a7:52:84:2e:77:af:42: 7d:f2:e6:1c:90:db:e0:64:01:07:24:51:93:dd:60:03:6c:7e: 40:e5:ed:23:0a:c5:5e:33:50:c4:e8:72:5e:bd:a0:61:eb:9b: 45:89:a6:bc:f0:68:56:80:73:e5:18:87:ab:93:c1:dd:b2:ec: de:da:11:fc:9f:8f:a8:29:7a:32:17:e6:ad:dc:11:b5:10:60: 94:66:44:0d:d1:58:bf:0a:f2:8a:7b:3d:52:1a:17:ef:93:0f: c8:51:fe:61 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURbffyhMCP7pn0/YIma8g96ZKIa4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNTAxN1oX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAYjc0MzRiMWE1NjQ3Y2RhMWYwMjQ1 Y2Q3MmYzYWEyMTA2YWY5ZDdjNTI2ODY2NWQxNGI0MGQ5NTllM2Q1NmUwMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfVoJ1t0er16/Ul20qynkuT1h3Of BwwclFC1fPy2+tJcmK8SOlk6irzcX1vKpkFwjTu8rnA7OzVkwAi+TSqE1pT2Rkvv 0wMUr5atkh5N+NsWrm1wWLjQi7e/p53PMaxvDKL1wY45M96BlLwxca1V/Y2wxH5F mMBysB0WKAKUimOg0DO9bChErmZFNwUd6ttX4AjjyU7f8fHcrU0+HT7mXpVUw0La OBJtW97csiiHpeiQEeOq18uLtT1mYhcyf5N3t97FQwg9k6MnptyE5tMu6ot135Gj Q6Y2K8Jx6wRe94nyJzf0o8Wqzv+KNCGAzcNTB3jsRKUaNkiHlp7wHDaEywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ9OSoo8Zq7BLW4GRSsgFrKiCBB/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwMjFhZWY5LWM3NmEtNDFjNy05ZmY4LWRkOWVhMzI2MzQwZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSgwDQYJKoZIhvcNAQELBQADggEBAKOrnG9b/l4qwdZK6nrG WuZy1DmsLWw6BTDcksPyCULy/Xt+ye43juosGqz6tUwMli0hhAMkjVTqWtaL0uuH OKUVhtD0vUDuqOqT205BgyteaopL9xuwK2/L8Q4rIIUi5gVEvS6vusE8RO9BWp6H Nh/PRcawMiih1l+YPXoZnIx2pg889wvdKkmfjleaI4vdusf/tophyflPf1Kqp1KE LnevQn3y5hyQ2+BkAQckUZPdYANsfkDl7SMKxV4zUMTocl69oGHrm0WJprzwaFaA c+UYh6uTwd2y7N7aEfyfj6gpejIX5q3cEbUQYJRmRA3RWL8K8op7PVIaF++TD8hR /mE= -----END CERTIFICATE-----Generated at Sat Aug 23 10:09:00 2025 by rpki-client