$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa File: aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa (raw, json) Hash identifier: VIRG9frefgPCrP5GN527f4AcM5LbiDf53a8m8N2H80A= Subject key identifier: 15:20:07:83:27:E1:DD:05:82:54:B5:9F:21:1E:F7:48:44:91:55:B2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 261DEF2E50A1B1CCEBF955606820C34E64629F04 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa Signing time: Wed 13 Aug 2025 00:00:12 +0000 ROA not before: Wed 13 Aug 2025 00:00:12 +0000 ROA not after: Wed 17 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:1d:ef:2e:50:a1:b1:cc:eb:f9:55:60:68:20:c3:4e:64:62:9f:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 13 00:00:12 2025 GMT Not After : Sep 17 23:59:59 2025 GMT Subject: serialNumber=9073f8b2946b3c5866e4808097e839c8da68dc8137f2aaa2a2ea09ca00baab39, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:d2:f4:8c:f4:95:28:cc:20:e8:86:6d:a1:f7: ae:15:bc:be:6b:43:f9:a7:14:cf:be:de:04:0f:3f: c6:fd:6b:3b:cf:af:5f:5e:34:2b:6b:18:32:12:ba: bd:e7:2b:40:84:65:c3:87:e0:e7:94:a6:49:eb:1c: 48:e1:38:a1:8b:c6:8d:38:ad:38:51:dd:1b:9f:93: 20:ec:82:86:c0:43:94:cc:d7:90:0a:f9:30:93:59: 51:eb:d4:52:6d:d4:c4:66:33:8b:1f:29:45:50:25: 31:a9:41:01:95:40:15:96:7a:6c:1c:78:f2:6b:a7: 58:f7:89:9c:ba:1f:ed:09:e8:3c:fa:f5:48:6e:a9: 64:98:27:ec:bd:96:49:77:51:23:60:10:b8:48:ee: 18:b0:3a:62:25:83:c9:55:f8:fb:f5:2e:32:0b:07: fd:b0:3e:b7:8d:99:2a:48:c6:82:5c:34:a9:f1:70: f0:04:ef:99:ba:1e:65:c9:9a:db:cc:31:fe:f2:b4: a1:5f:70:8f:0d:4f:ad:aa:7d:0b:d9:da:32:17:a6: f2:13:6b:5a:37:97:d5:22:16:aa:69:f1:81:dd:1c: ec:20:b4:af:b0:b5:ea:83:ff:1b:5c:c0:7d:85:98: 9d:84:7a:e2:60:ea:35:64:b4:d1:ae:98:fb:1e:a2: 0c:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:20:07:83:27:E1:DD:05:82:54:B5:9F:21:1E:F7:48:44:91:55:B2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:a000::/40 Signature Algorithm: sha256WithRSAEncryption be:11:47:4d:76:a5:a4:b4:64:af:cf:40:05:28:c8:9c:f7:78: e2:c2:41:ef:62:89:55:2a:33:a0:43:9e:46:1c:6c:fa:4d:1c: 5e:2e:a0:6e:69:15:01:9d:80:ff:2a:85:43:28:6d:b4:aa:d1: 89:5c:1f:08:c4:b0:f4:2f:7b:38:3d:9a:6a:73:da:f7:6c:35: b2:74:9c:b1:70:2d:ad:fe:9b:4c:d6:87:25:48:31:09:b2:6e: 1c:18:e3:87:9c:af:a0:c1:05:fc:47:00:ce:8e:61:f8:81:21: 77:ab:02:ae:ae:05:89:43:25:7d:db:19:86:fc:60:ef:e3:3c: 8a:1c:74:71:12:25:74:cd:00:a8:15:8b:47:02:d3:be:b7:22: 40:44:69:b8:57:8c:a7:a3:ac:0c:9e:33:22:ed:55:d2:8f:e5: 58:54:05:65:1b:17:a8:49:97:f3:29:8c:48:51:92:60:a7:25: ba:cf:89:a0:66:a0:cc:7f:98:ee:54:aa:e0:7a:57:29:5e:e6: 1d:9e:7b:32:f9:fa:cd:91:cc:15:48:4c:01:28:83:57:3b:a6: 1c:1c:4f:ed:25:93:28:78:59:b5:34:da:90:58:70:6c:61:c2: 77:89:eb:6e:01:c7:75:3d:89:c1:4b:b7:06:a0:02:16:23:49: 6a:a1:d8:68 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJh3vLlChsczr+VVgaCDDTmRinwQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxMzAwMDAxMloX DTI1MDkxNzIzNTk1OVowejFJMEcGA1UEBRNAOTA3M2Y4YjI5NDZiM2M1ODY2ZTQ4 MDgwOTdlODM5YzhkYTY4ZGM4MTM3ZjJhYWEyYTJlYTA5Y2EwMGJhYWIzOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9L0jPSVKMwg6IZtofeuFby+a0P5 pxTPvt4EDz/G/Ws7z69fXjQraxgyErq95ytAhGXDh+DnlKZJ6xxI4Tihi8aNOK04 Ud0bn5Mg7IKGwEOUzNeQCvkwk1lR69RSbdTEZjOLHylFUCUxqUEBlUAVlnpsHHjy a6dY94mcuh/tCeg8+vVIbqlkmCfsvZZJd1EjYBC4SO4YsDpiJYPJVfj79S4yCwf9 sD63jZkqSMaCXDSp8XDwBO+Zuh5lyZrbzDH+8rShX3CPDU+tqn0L2doyF6byE2ta N5fVIhaqafGB3RzsILSvsLXqg/8bXMB9hZidhHriYOo1ZLTRrpj7HqIM4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBUgB4Mn4d0FglS1nyEe90hEkVWyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiYTIzMThjLWU5NmEtNDA1OC04ZTBjLTVhY2EyYjU2YWFkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMqAwDQYJKoZIhvcNAQELBQADggEBAL4RR012paS0ZK/PQAUo yJz3eOLCQe9iiVUqM6BDnkYcbPpNHF4uoG5pFQGdgP8qhUMobbSq0YlcHwjEsPQv ezg9mmpz2vdsNbJ0nLFwLa3+m0zWhyVIMQmybhwY44ecr6DBBfxHAM6OYfiBIXer Aq6uBYlDJX3bGYb8YO/jPIocdHESJXTNAKgVi0cC0763IkBEabhXjKejrAyeMyLt VdKP5VhUBWUbF6hJl/MpjEhRkmCnJbrPiaBmoMx/mO5UquB6Vyle5h2eezL5+s2R zBVITAEog1c7phwcT+0lkyh4WbU02pBYcGxhwneJ624Bx3U9icFLtwagAhYjSWqh 2Gg= -----END CERTIFICATE-----Generated at Sat Aug 23 06:45:29 2025 by rpki-client