$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa File: b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa (raw, json) Hash identifier: oB+Y2Lz+XqCuj4LQPeuHdC1JeiZBnI5YYKa2hGmufyw= Subject key identifier: 84:2E:F6:D4:F5:E3:6B:D2:43:63:BE:91:81:8D:D6:D1:73:C5:D4:7D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0CB53E469B4AD28DF05B9EC2F0647D8F64420E29 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa Signing time: Sat 23 Aug 2025 00:40:06 +0000 ROA not before: Sat 23 Aug 2025 00:40:06 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:b5:3e:46:9b:4a:d2:8d:f0:5b:9e:c2:f0:64:7d:8f:64:42:0e:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:40:06 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=e10bd8a97e2bdb549eddb3b0c0ecf88d40af0cc924b100013af194c5e8835bff, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:17:ea:a9:f9:d4:13:e9:4f:55:a8:a9:49:78: dc:57:67:05:0a:fb:20:be:ad:65:01:a9:46:62:e3: 75:11:35:ff:84:13:25:3c:14:93:ec:83:b2:dc:fc: 84:dc:a8:78:7b:ec:68:bf:23:f2:20:56:3f:84:75: d7:39:27:a2:b5:50:9f:f0:00:bb:9e:62:7b:ca:6a: a4:e2:a9:64:8e:3e:d7:b9:ad:bc:ee:2f:87:13:b4: 9e:47:0c:2a:8e:dd:61:3b:30:42:b8:14:40:d2:60: 92:91:c6:33:cb:5a:37:bf:33:dc:b3:01:46:22:84: b4:b8:b5:c1:49:7e:44:56:07:84:ed:9a:26:78:03: db:95:fc:15:12:d9:3c:7f:a6:ae:01:f3:a8:a9:46: 2e:8e:cd:a8:b2:a7:14:be:a1:a5:67:38:c8:17:d3: 2f:13:36:21:69:34:13:f9:ca:bf:7d:4a:88:c2:18: 9a:ac:87:06:63:9d:e2:44:8b:c3:a2:08:47:4d:93: 22:80:a1:16:07:1e:50:49:cb:2c:f9:9c:77:20:65: ed:7f:cb:db:18:04:58:4b:09:2b:6e:69:d9:27:e2: a1:21:d7:80:73:85:a5:5c:ae:5d:ed:66:58:ad:d2: 5d:28:2d:ef:06:f2:32:a2:99:98:c4:56:3b:9e:b6: 97:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:2E:F6:D4:F5:E3:6B:D2:43:63:BE:91:81:8D:D6:D1:73:C5:D4:7D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:8800::/40 Signature Algorithm: sha256WithRSAEncryption 91:4e:4d:e1:3c:c7:f4:3c:42:38:6c:dc:dd:1f:23:8c:ec:cd: 67:bc:d8:9e:b0:a9:5f:d5:b5:97:7b:b6:2d:bf:32:6e:d7:24: 7b:98:61:ad:17:67:fc:10:e5:21:13:ca:77:bd:89:ec:52:d2: f9:ae:ab:d4:ae:24:a4:dd:a8:c4:21:c8:bd:00:85:ea:a2:5d: 40:47:0c:d8:a1:4b:ca:5a:1a:9d:dc:cb:77:be:f2:2c:ce:c3: 63:45:64:ee:38:2e:17:9b:0c:4b:be:4e:1d:d5:a5:a3:31:f9: 73:f3:2f:9e:9c:57:20:eb:ce:4f:e6:9b:1f:a1:6d:fe:4a:6b: 8b:2d:73:eb:b2:28:31:dd:f1:ec:04:96:b6:ed:1a:9a:52:6f: 60:12:17:d2:d3:c7:eb:71:a8:96:96:0b:38:89:df:bd:a2:2a: da:a7:46:54:2f:3f:68:ea:70:8c:55:f8:27:5e:dd:28:93:0e: 8e:ff:8e:dd:f7:1e:de:d0:73:e5:d8:85:19:35:8a:26:ca:74: d9:47:ad:19:19:19:30:5f:da:22:79:54:69:47:eb:7e:ab:1c: 55:70:0b:87:73:65:78:28:ce:de:51:6f:45:5b:4a:e8:98:e0: c3:fa:c3:e1:52:73:2d:37:13:90:48:3f:36:90:dc:ad:47:57: d4:8f:2d:6e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDLU+RptK0o3wW57C8GR9j2RCDikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNDAwNloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZTEwYmQ4YTk3ZTJiZGI1NDllZGRi M2IwYzBlY2Y4OGQ0MGFmMGNjOTI0YjEwMDAxM2FmMTk0YzVlODgzNWJmZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hfqqfnUE+lPVaipSXjcV2cFCvsg vq1lAalGYuN1ETX/hBMlPBST7IOy3PyE3Kh4e+xovyPyIFY/hHXXOSeitVCf8AC7 nmJ7ymqk4qlkjj7Xua287i+HE7SeRwwqjt1hOzBCuBRA0mCSkcYzy1o3vzPcswFG IoS0uLXBSX5EVgeE7ZomeAPblfwVEtk8f6auAfOoqUYujs2osqcUvqGlZzjIF9Mv EzYhaTQT+cq/fUqIwhiarIcGY53iRIvDoghHTZMigKEWBx5QScss+Zx3IGXtf8vb GARYSwkrbmnZJ+KhIdeAc4WlXK5d7WZYrdJdKC3vBvIyopmYxFY7nraXtwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIQu9tT142vSQ2O+kYGN1tFzxdR9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IyMjY1ODU0LWFjMWMtNGU1YS1hNzk0LWQ0Y2UxZTU4MzNhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOIgwDQYJKoZIhvcNAQELBQADggEBAJFOTeE8x/Q8Qjhs3N0f I4zszWe82J6wqV/VtZd7ti2/Mm7XJHuYYa0XZ/wQ5SETyne9iexS0vmuq9SuJKTd qMQhyL0AheqiXUBHDNihS8paGp3cy3e+8izOw2NFZO44LhebDEu+Th3VpaMx+XPz L56cVyDrzk/mmx+hbf5Ka4stc+uyKDHd8ewElrbtGppSb2ASF9LTx+txqJaWCziJ 372iKtqnRlQvP2jqcIxV+Cde3SiTDo7/jt33Ht7Qc+XYhRk1iibKdNlHrRkZGTBf 2iJ5VGlH636rHFVwC4dzZXgozt5Rb0VbSuiY4MP6w+FScy03E5BIPzaQ3K1HV9SP LW4= -----END CERTIFICATE-----Generated at Sat Aug 23 08:07:41 2025 by rpki-client