$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa File: b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa (raw, json) Hash identifier: 0YNjKk8Y6crfpKTELiKS5y4swHwjPDfJAxLwEE2ACN8= Subject key identifier: 20:E4:18:6D:79:40:92:2C:9B:59:A9:E4:28:B1:96:23:13:48:98:BA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1F8EC59CB5E853F6C451B4D35CA3787E106677DC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa Signing time: Wed 13 Aug 2025 00:00:05 +0000 ROA not before: Wed 13 Aug 2025 00:00:05 +0000 ROA not after: Wed 17 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:8e:c5:9c:b5:e8:53:f6:c4:51:b4:d3:5c:a3:78:7e:10:66:77:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 13 00:00:05 2025 GMT Not After : Sep 17 23:59:59 2025 GMT Subject: serialNumber=3d6be8a1eb8b4766f9c5afb0ca0bf28993656a45602dc9194d3fec917d700bc1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:95:a7:8b:32:02:6b:6f:3a:0d:13:c3:19:20: 3e:22:1b:2a:46:51:70:0e:d1:75:92:ee:60:b0:f3: 62:a6:e5:99:1c:89:91:b7:b5:12:31:92:3c:11:a4: b7:a4:95:2b:7f:69:b6:e0:de:49:12:e1:20:37:f8: 57:e8:a8:58:27:42:3c:f6:01:9e:b8:38:87:3c:1b: 85:4c:3a:62:49:f7:82:d5:dc:19:a9:10:f4:b3:f5: 17:40:71:4c:51:1e:c7:5e:43:af:8a:9e:bb:a3:bf: 14:64:db:b1:63:74:58:c3:91:22:0a:f2:ed:19:9c: 7e:44:d8:8b:37:0b:6b:eb:46:6c:9b:ad:3c:cc:5f: f2:7c:ca:62:d2:f5:8a:81:45:01:35:a6:43:3d:33: c7:b8:4c:67:48:82:3a:7c:3a:79:0b:76:3d:8e:d1: 77:e8:0c:ee:e0:1f:aa:d9:13:17:9e:5f:f6:b2:97: c6:72:89:d3:83:71:3a:9a:ee:a4:92:2c:e5:ad:41: b1:f3:37:e7:2c:e2:b4:dd:11:c6:07:c9:cb:22:a8: 5f:9e:c5:ba:0d:50:42:12:3b:8f:11:f6:25:71:06: 3d:0f:58:8b:47:82:60:53:2b:10:e3:01:5e:a0:8f: 87:0c:9f:9d:c6:33:06:62:5c:61:70:44:97:b2:5a: 9c:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:E4:18:6D:79:40:92:2C:9B:59:A9:E4:28:B1:96:23:13:48:98:BA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:1000::/40 Signature Algorithm: sha256WithRSAEncryption 35:68:52:85:9e:d5:d9:90:90:de:4e:cd:0e:c6:52:29:ea:f5: e5:5a:b1:e0:1a:40:0f:83:ac:95:da:ee:6a:fd:e8:1c:b0:4e: df:fb:53:52:5c:7a:91:f3:39:c0:7f:67:0e:05:e0:12:5e:49: b4:a1:60:00:b6:5b:b5:40:d6:1c:ca:c0:75:fd:33:eb:09:4d: 68:52:8e:04:e2:a3:7f:0d:ad:05:f3:58:19:d5:5f:4c:0a:3d: 3f:a7:cf:72:c0:4b:b7:1e:14:81:66:73:8b:40:33:d1:8d:82: 19:10:45:cf:69:56:7d:03:2c:93:db:f1:39:fe:de:fe:2e:53: 35:6b:40:fe:e8:ba:6b:b3:94:6d:fe:07:c9:96:91:aa:8a:10: 25:1b:95:a8:1a:9a:aa:9c:ee:40:5e:f9:6f:80:88:d2:e8:d7: 79:6d:fe:da:13:88:0d:86:5d:cb:a0:7a:8c:57:a4:25:00:d9: fd:6d:fa:b7:93:8b:f2:e4:08:c3:93:a5:a1:05:87:db:c2:19: d5:f0:df:9c:df:ac:d2:7c:66:af:f0:e7:41:cc:3c:27:bd:52: d9:16:a2:67:59:1f:bd:c2:92:6a:e6:28:ba:e2:4d:03:05:c0: 9a:e6:4b:c8:20:ea:71:2b:b6:dd:0b:94:45:96:d6:44:bf:6f: 05:29:2e:33 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUH47FnLXoU/bEUbTTXKN4fhBmd9wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxMzAwMDAwNVoX DTI1MDkxNzIzNTk1OVowejFJMEcGA1UEBRNAM2Q2YmU4YTFlYjhiNDc2NmY5YzVh ZmIwY2EwYmYyODk5MzY1NmE0NTYwMmRjOTE5NGQzZmVjOTE3ZDcwMGJjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZWnizICa286DRPDGSA+IhsqRlFw DtF1ku5gsPNipuWZHImRt7USMZI8EaS3pJUrf2m24N5JEuEgN/hX6KhYJ0I89gGe uDiHPBuFTDpiSfeC1dwZqRD0s/UXQHFMUR7HXkOvip67o78UZNuxY3RYw5EiCvLt GZx+RNiLNwtr60Zsm608zF/yfMpi0vWKgUUBNaZDPTPHuExnSII6fDp5C3Y9jtF3 6Azu4B+q2RMXnl/2spfGconTg3E6mu6kkizlrUGx8zfnLOK03RHGB8nLIqhfnsW6 DVBCEjuPEfYlcQY9D1iLR4JgUysQ4wFeoI+HDJ+dxjMGYlxhcESXslqc3wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCDkGG15QJIsm1mp5CixliMTSJi6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwNGFiNmNjLWU2NDYtNDJiMi1iOGEwLTc1YTIyZTQ3NDRlYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMhAwDQYJKoZIhvcNAQELBQADggEBADVoUoWe1dmQkN5OzQ7G Uinq9eVaseAaQA+DrJXa7mr96BywTt/7U1JcepHzOcB/Zw4F4BJeSbShYAC2W7VA 1hzKwHX9M+sJTWhSjgTio38NrQXzWBnVX0wKPT+nz3LAS7ceFIFmc4tAM9GNghkQ Rc9pVn0DLJPb8Tn+3v4uUzVrQP7oumuzlG3+B8mWkaqKECUblagamqqc7kBe+W+A iNLo13lt/toTiA2GXcugeoxXpCUA2f1t+reTi/LkCMOTpaEFh9vCGdXw35zfrNJ8 Zq/w50HMPCe9UtkWomdZH73CkmrmKLriTQMFwJrmS8gg6nErtt0LlEWW1kS/bwUp LjM= -----END CERTIFICATE-----Generated at Sat Aug 23 08:07:16 2025 by rpki-client