$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa File: 9add10b6-9103-4c19-a99b-242367ce96bd.roa (raw, json) Hash identifier: QUrVJ9mjkj7wr6SWU+6WOLdeIpjZ778gp/uhJCaHCMo= Subject key identifier: 2B:32:79:6A:6E:DF:F2:87:A3:9D:0E:B3:1F:A3:2E:51:84:42:88:5D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 32F6E917F2A5188D9C5FB8022A08B69A52852FBD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa Signing time: Sat 23 Aug 2025 00:10:56 +0000 ROA not before: Sat 23 Aug 2025 00:10:56 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:f6:e9:17:f2:a5:18:8d:9c:5f:b8:02:2a:08:b6:9a:52:85:2f:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:10:56 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=eaf23ecea466d4c578639ee01ad5a37d0fb0a8d361555dd79c4814332fe4ff88, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:62:5b:0d:77:00:b8:84:e3:a5:bc:3d:85:31: f9:86:78:ca:22:e3:53:57:b5:61:8c:80:d9:61:a3: 3b:3d:62:b4:97:5d:c9:a4:7e:4f:10:0b:ac:1c:0b: 1a:b0:ed:04:7d:af:20:35:69:81:5a:69:30:58:b2: d7:3d:7c:f5:af:5f:e4:3b:41:ae:c3:f3:a8:87:11: c8:ee:c4:a0:74:e6:81:b6:83:36:19:eb:be:66:c0: d9:52:bd:00:83:32:be:5b:f7:60:77:66:ed:72:95: 69:02:63:e6:98:ef:83:e3:80:b6:48:91:f6:54:0a: d4:af:43:6d:73:d3:9e:5f:9c:a1:54:bd:d1:a1:c1: c3:7b:5f:fc:90:03:4a:7d:82:fa:13:4d:b7:89:ac: 71:fa:42:78:7e:8c:be:bb:ba:6a:4d:1c:21:95:c0: 22:db:9f:12:4c:f4:5d:14:0e:17:02:61:62:4d:17: ce:a3:9a:57:3c:2d:56:a2:b8:5d:28:1a:ff:a6:91: ea:bf:50:39:c0:33:f4:49:2d:e1:d6:5b:32:46:0a: 4e:84:cc:91:02:b9:f4:e5:31:39:98:c7:d2:46:04: e2:20:86:3c:1c:68:eb:06:4f:77:48:e9:fd:b3:95: 58:c7:f2:40:12:6b:23:3c:4f:97:c4:65:f1:a8:47: b4:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:32:79:6A:6E:DF:F2:87:A3:9D:0E:B3:1F:A3:2E:51:84:42:88:5D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4840::/48 Signature Algorithm: sha256WithRSAEncryption 38:5f:c6:6d:e5:0d:28:3d:70:a4:e2:ab:12:47:39:c8:70:f6: aa:3e:5a:cd:c9:cc:66:02:fd:2d:d1:f2:25:2f:78:f2:40:c5: e6:68:f9:3a:19:e3:84:e0:92:6b:95:80:56:b6:4f:86:3a:48: 10:20:1e:75:ec:b1:56:b5:03:9b:a0:79:4a:3f:9e:0a:4a:52: b7:b2:92:bd:3d:c0:62:62:3f:48:f5:8c:a7:d9:20:08:67:99: 7c:8c:89:6d:32:d1:60:bb:01:1b:91:d6:15:5b:55:3d:e2:e0: 57:26:29:1c:8e:cc:5b:e5:5b:83:e8:21:57:6f:c5:7b:4c:41: 4a:c0:cc:d8:2a:8b:71:ee:04:01:21:f3:7f:d9:c8:dc:ed:5a: 46:79:e3:d9:4a:c7:73:82:5f:8e:0e:37:8d:e3:8d:33:d3:cd: d0:27:b9:ba:90:60:38:74:34:4a:b3:8b:28:42:71:16:6d:89: 3a:65:53:d2:8d:4b:f1:c8:39:44:cd:e0:11:93:e5:af:5c:36: 00:dd:79:f1:66:7e:e3:e4:ec:95:54:8b:71:8a:83:45:98:a5: 0b:86:43:ba:6e:d2:19:64:b8:54:58:23:c6:c9:26:87:b8:b4: 4d:d2:a5:3a:57:ec:f1:83:6e:00:dc:12:99:b3:b5:90:a1:82: 7f:af:46:55 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMvbpF/KlGI2cX7gCKgi2mlKFL70wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTA1NloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZWFmMjNlY2VhNDY2ZDRjNTc4NjM5 ZWUwMWFkNWEzN2QwZmIwYThkMzYxNTU1ZGQ3OWM0ODE0MzMyZmU0ZmY4ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02JbDXcAuITjpbw9hTH5hnjKIuNT V7VhjIDZYaM7PWK0l13JpH5PEAusHAsasO0Efa8gNWmBWmkwWLLXPXz1r1/kO0Gu w/OohxHI7sSgdOaBtoM2Geu+ZsDZUr0AgzK+W/dgd2btcpVpAmPmmO+D44C2SJH2 VArUr0Ntc9OeX5yhVL3RocHDe1/8kANKfYL6E023iaxx+kJ4foy+u7pqTRwhlcAi 258STPRdFA4XAmFiTRfOo5pXPC1WorhdKBr/ppHqv1A5wDP0SS3h1lsyRgpOhMyR Arn05TE5mMfSRgTiIIY8HGjrBk93SOn9s5VYx/JAEmsjPE+XxGXxqEe0AwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCsyeWpu3/KHo50Osx+jLlGEQohdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhZGQxMGI2LTkxMDMtNGMxOS1hOTliLTI0MjM2N2NlOTZiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0hAMA0GCSqGSIb3DQEBCwUAA4IBAQA4X8Zt5Q0oPXCk4qsS RznIcPaqPlrNycxmAv0t0fIlL3jyQMXmaPk6GeOE4JJrlYBWtk+GOkgQIB517LFW tQOboHlKP54KSlK3spK9PcBiYj9I9Yyn2SAIZ5l8jIltMtFguwEbkdYVW1U94uBX Jikcjsxb5VuD6CFXb8V7TEFKwMzYKotx7gQBIfN/2cjc7VpGeePZSsdzgl+ODjeN 440z083QJ7m6kGA4dDRKs4soQnEWbYk6ZVPSjUvxyDlEzeARk+WvXDYA3XnxZn7j 5OyVVItxioNFmKULhkO6btIZZLhUWCPGySaHuLRN0qU6V+zxg24A3BKZs7WQoYJ/ r0ZV -----END CERTIFICATE-----Generated at Sat Aug 23 14:04:58 2025 by rpki-client