$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af8dad8f-1b43-44a7-a8af-fef9607356c3.roa File: af8dad8f-1b43-44a7-a8af-fef9607356c3.roa (raw, json) Hash identifier: pA8XgBuZGzGOk01bKdv0SSYTN3en9d6iFK5DwJu+FeM= Subject key identifier: 33:6B:95:24:6C:2C:90:3A:D0:22:8A:89:20:14:63:63:E9:73:B6:C4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3630709CE389CA1E6994BFBF80FA0018E08FC0E4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af8dad8f-1b43-44a7-a8af-fef9607356c3.roa Signing time: Wed 06 Aug 2025 00:01:05 +0000 ROA not before: Wed 06 Aug 2025 00:01:05 +0000 ROA not after: Wed 10 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:30:70:9c:e3:89:ca:1e:69:94:bf:bf:80:fa:00:18:e0:8f:c0:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 6 00:01:05 2025 GMT Not After : Sep 10 23:59:59 2025 GMT Subject: serialNumber=96aa751c0b871af6750867fab9376296bec5c5ebaa6a266120680bfebffd1548, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:a9:c0:9f:a8:03:fb:6b:13:3e:4f:28:0b:e5: 2c:0e:d4:c8:c7:76:80:30:6c:20:8c:34:81:cd:de: 9a:fc:42:04:c5:cd:6c:be:0f:66:d2:d9:85:52:7f: 14:54:02:77:28:f1:ef:99:80:d3:cf:e8:af:cf:77: 99:a7:f9:a2:9b:f0:ca:67:3b:02:26:ee:0e:c0:45: 39:37:87:f4:d7:21:da:38:f4:a4:58:99:8f:dc:3d: c8:25:2d:fc:4d:42:72:3d:32:eb:86:ba:04:1e:41: b1:ed:80:5a:ea:4f:03:01:bf:ac:be:1d:c6:76:25: 9b:3f:01:ba:38:0a:cd:2a:db:88:d4:73:31:22:c9: f1:7b:6e:bd:ca:9a:b3:c2:44:54:bf:4a:87:d2:13: 35:4b:a1:f1:f0:22:49:52:53:45:19:f1:e0:88:88: dc:ba:40:97:9e:14:76:a4:1f:59:0a:2c:b7:ad:76: 4a:c6:c2:19:51:9a:37:53:7d:24:a6:19:1a:43:66: 19:c2:19:0e:23:a0:4d:0d:cb:16:39:15:79:e4:05: fc:38:af:e7:35:4c:61:89:ec:3b:63:4a:10:99:97: 90:75:16:7f:19:bb:bf:c5:73:91:e8:51:e2:c8:95: ee:1c:59:d2:1c:72:f9:08:13:aa:2f:be:12:e9:53: 49:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:6B:95:24:6C:2C:90:3A:D0:22:8A:89:20:14:63:63:E9:73:B6:C4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af8dad8f-1b43-44a7-a8af-fef9607356c3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:f000::/40 Signature Algorithm: sha256WithRSAEncryption 90:a2:15:01:d6:9e:65:04:02:20:ed:c7:28:37:13:66:be:36: 5a:52:31:6c:ef:6f:df:37:54:ed:8a:89:cb:36:d2:7d:57:03: e3:c2:91:60:e1:84:dc:f5:2d:2e:7e:37:e4:da:80:97:c0:60: 25:f9:56:8e:55:ff:f6:49:e9:4d:7f:68:4f:e4:15:4e:9e:f6: e8:81:5c:ea:0b:bc:91:94:63:33:e5:9d:7d:9e:c9:d9:a6:de: fa:0e:6f:d3:fe:c7:cd:64:96:cc:bf:1d:42:8a:06:db:fa:ab: ce:7b:10:58:12:92:ff:64:35:36:a7:77:26:a4:c6:9e:1e:2f: 89:dc:37:43:30:22:13:06:55:c3:87:7b:86:44:ea:77:04:54: 70:9a:3d:98:6e:d8:26:1f:65:1d:73:dd:90:9d:c1:a9:79:2b: a0:49:d1:10:66:70:59:7b:5d:01:18:a6:59:ae:99:1b:a1:b5: f3:2a:dc:2d:0c:b1:b2:21:e6:9b:e4:d5:d1:b6:28:57:4e:34: 29:96:cf:2d:49:b6:fe:08:52:58:9a:44:f1:39:a0:46:53:77: 19:f4:e4:03:7f:07:f9:20:46:8c:35:9c:4a:85:5d:9c:2d:35: f6:9b:9d:bf:71:8f:4b:e8:a9:e7:c6:aa:73:71:34:a5:ad:14: c1:f4:73:93 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNjBwnOOJyh5plL+/gPoAGOCPwOQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwNjAwMDEwNVoX DTI1MDkxMDIzNTk1OVowejFJMEcGA1UEBRNAOTZhYTc1MWMwYjg3MWFmNjc1MDg2 N2ZhYjkzNzYyOTZiZWM1YzVlYmFhNmEyNjYxMjA2ODBiZmViZmZkMTU0ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKnAn6gD+2sTPk8oC+UsDtTIx3aA MGwgjDSBzd6a/EIExc1svg9m0tmFUn8UVAJ3KPHvmYDTz+ivz3eZp/mim/DKZzsC Ju4OwEU5N4f01yHaOPSkWJmP3D3IJS38TUJyPTLrhroEHkGx7YBa6k8DAb+svh3G diWbPwG6OArNKtuI1HMxIsnxe269ypqzwkRUv0qH0hM1S6Hx8CJJUlNFGfHgiIjc ukCXnhR2pB9ZCiy3rXZKxsIZUZo3U30kphkaQ2YZwhkOI6BNDcsWORV55AX8OK/n NUxhiew7Y0oQmZeQdRZ/Gbu/xXOR6FHiyJXuHFnSHHL5CBOqL74S6VNJSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDNrlSRsLJA60CKKiSAUY2Ppc7bEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmOGRhZDhmLTFiNDMtNDRhNy1hOGFmLWZlZjk2MDczNTZjMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7/AwDQYJKoZIhvcNAQELBQADggEBAJCiFQHWnmUEAiDtxyg3 E2a+NlpSMWzvb983VO2Kics20n1XA+PCkWDhhNz1LS5+N+TagJfAYCX5Vo5V//ZJ 6U1/aE/kFU6e9uiBXOoLvJGUYzPlnX2eydmm3voOb9P+x81klsy/HUKKBtv6q857 EFgSkv9kNTandyakxp4eL4ncN0MwIhMGVcOHe4ZE6ncEVHCaPZhu2CYfZR1z3ZCd wal5K6BJ0RBmcFl7XQEYplmumRuhtfMq3C0MsbIh5pvk1dG2KFdONCmWzy1Jtv4I UliaRPE5oEZTdxn05AN/B/kgRow1nEqFXZwtNfabnb9xj0voqefGqnNxNKWtFMH0 c5M= -----END CERTIFICATE-----Generated at Sat Aug 23 08:10:02 2025 by rpki-client