$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9890d9ef-a083-463c-9928-98be77ac9ced.roa File: 9890d9ef-a083-463c-9928-98be77ac9ced.roa (raw, json) Hash identifier: uinQPsyIYrpTwuMT7ITvvwCLC0aQdbiCbBDdr34SI2g= Subject key identifier: 94:24:B6:15:93:37:65:6A:09:B7:28:22:6B:0A:95:43:B8:37:4C:37 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 224424F5B97E951A8759C0A2022CE4A15F104806 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9890d9ef-a083-463c-9928-98be77ac9ced.roa Signing time: Fri 22 Aug 2025 00:00:14 +0000 ROA not before: Fri 22 Aug 2025 00:00:14 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4090::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:44:24:f5:b9:7e:95:1a:87:59:c0:a2:02:2c:e4:a1:5f:10:48:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:00:14 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=2b3f853a12f75ea7443bd0e1135a8f94719909abacdaa60ecd6eace35583b216, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:20:90:70:17:2e:07:80:cd:f8:13:9f:6d:6b: 11:be:b7:e4:ff:fe:62:bc:5c:8c:66:7a:08:7b:23: a8:c8:20:7b:ae:1c:d4:48:b3:e5:97:92:cf:f3:2a: 79:52:84:e1:44:ae:61:dc:34:1d:af:b2:d9:50:d4: b5:81:62:35:01:ab:9a:55:56:bd:6d:6d:04:d7:92: a8:ab:f7:52:24:2a:c6:f1:92:31:e8:3d:05:f9:24: bd:ec:d9:0d:9c:3b:79:21:ee:35:46:49:b0:8e:22: 62:db:f5:3c:cf:47:9e:e5:21:f4:da:0e:7c:ac:e3: cf:ea:bf:48:4f:cf:6f:b6:ac:3a:c5:d8:05:d8:8c: e2:14:31:23:a4:ed:a2:de:d4:92:16:d0:36:81:35: 84:2e:c9:d5:25:f0:de:b5:c8:c5:bb:9b:1e:3e:c6: d0:39:76:68:0c:8a:3f:6c:0c:56:c1:cd:23:f7:c1: 15:de:68:be:e2:e0:a1:6d:6c:87:05:3f:59:c5:10: e4:d0:ee:02:1a:b0:66:03:a5:2e:d8:3f:7a:68:54: 74:0d:b5:a4:f8:63:aa:c5:a9:c3:d8:45:18:ad:b7: 3c:8e:af:f3:e3:83:a4:6c:22:4b:28:41:ff:dc:d4: a7:0a:1d:ae:4d:58:9b:7a:81:d2:fd:2f:30:af:8f: 5d:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:24:B6:15:93:37:65:6A:09:B7:28:22:6B:0A:95:43:B8:37:4C:37 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9890d9ef-a083-463c-9928-98be77ac9ced.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4090::/48 Signature Algorithm: sha256WithRSAEncryption 24:e3:fe:bd:4e:cc:59:c0:c0:56:b4:e0:32:ba:5d:d8:a7:32: ae:37:aa:93:fe:e9:6f:3a:25:bc:7b:16:4a:70:19:79:ce:5b: 9b:64:f6:6c:a2:0b:8e:21:69:93:e0:44:7f:45:b7:21:bf:e4: e5:f0:cc:80:2a:63:c9:cc:2b:e3:5e:89:2f:d8:f6:49:92:9c: ed:52:7f:66:5f:f7:e5:66:e3:45:61:6e:48:ff:50:af:d8:4c: e8:25:ca:1f:a5:a9:63:f4:95:85:78:b1:4b:b8:27:c7:ea:5b: fb:d3:5f:1e:a5:25:b0:a2:26:e8:29:1c:8a:92:80:37:62:64: 1e:7b:03:7a:3a:49:d2:43:54:56:b0:19:e4:6d:8c:99:3c:6b: c6:c8:43:f8:fe:b6:58:09:e2:a1:73:52:12:bb:b6:05:ed:01: b3:5e:91:b9:21:59:31:43:13:aa:9c:90:26:a1:93:0a:83:e6: aa:48:29:01:07:1c:1e:15:ba:a2:63:e1:57:c1:3d:db:78:02: 50:65:1b:90:52:55:4d:fa:08:2a:cb:bd:5f:4f:09:9a:07:2f: 4d:32:fa:b8:f9:ee:ce:8b:dd:f2:79:8a:fd:65:d4:44:8f:f6: d2:e8:5b:7e:ae:d0:6d:e6:ce:9a:fe:2b:5f:fb:c2:cf:4a:84: 18:80:ed:c4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIkQk9bl+lRqHWcCiAizkoV8QSAYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMDAxNFoX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAMmIzZjg1M2ExMmY3NWVhNzQ0M2Jk MGUxMTM1YThmOTQ3MTk5MDlhYmFjZGFhNjBlY2Q2ZWFjZTM1NTgzYjIxNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyCQcBcuB4DN+BOfbWsRvrfk//5i vFyMZnoIeyOoyCB7rhzUSLPll5LP8yp5UoThRK5h3DQdr7LZUNS1gWI1AauaVVa9 bW0E15Koq/dSJCrG8ZIx6D0F+SS97NkNnDt5Ie41RkmwjiJi2/U8z0ee5SH02g58 rOPP6r9IT89vtqw6xdgF2IziFDEjpO2i3tSSFtA2gTWELsnVJfDetcjFu5sePsbQ OXZoDIo/bAxWwc0j98EV3mi+4uChbWyHBT9ZxRDk0O4CGrBmA6Uu2D96aFR0DbWk +GOqxanD2EUYrbc8jq/z44OkbCJLKEH/3NSnCh2uTVibeoHS/S8wr49dLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJQkthWTN2VqCbcoImsKlUO4N0w3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4OTBkOWVmLWEwODMtNDYzYy05OTI4LTk4YmU3N2FjOWNlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0CQMA0GCSqGSIb3DQEBCwUAA4IBAQAk4/69TsxZwMBWtOAy ul3YpzKuN6qT/ulvOiW8exZKcBl5zlubZPZsoguOIWmT4ER/Rbchv+Tl8MyAKmPJ zCvjXokv2PZJkpztUn9mX/flZuNFYW5I/1Cv2EzoJcofpalj9JWFeLFLuCfH6lv7 018epSWwoiboKRyKkoA3YmQeewN6OknSQ1RWsBnkbYyZPGvGyEP4/rZYCeKhc1IS u7YF7QGzXpG5IVkxQxOqnJAmoZMKg+aqSCkBBxweFbqiY+FXwT3beAJQZRuQUlVN +ggqy71fTwmaBy9NMvq4+e7Oi93yeYr9ZdREj/bS6Ft+rtBt5s6a/itf+8LPSoQY gO3E -----END CERTIFICATE-----Generated at Sat Aug 23 08:13:36 2025 by rpki-client