$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8ec6c99-ca91-484d-ab88-05d1d618b206.roa File: c8ec6c99-ca91-484d-ab88-05d1d618b206.roa (raw, json) Hash identifier: fNiU/tdn3jZmVblH5lDMTTooxKuN6VUCD3BolGvEabI= Subject key identifier: A2:E2:51:91:47:BE:6D:17:7B:41:E3:D2:1D:3E:D5:09:05:AA:88:F9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6BC6FB4739519CC9CCE3913B10DDC688229B6842 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8ec6c99-ca91-484d-ab88-05d1d618b206.roa Signing time: Fri 22 Aug 2025 00:20:43 +0000 ROA not before: Fri 22 Aug 2025 00:20:43 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:c6:fb:47:39:51:9c:c9:cc:e3:91:3b:10:dd:c6:88:22:9b:68:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:20:43 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=dd5946a54b71502e89e57e7cb74833efd3bb54f4c0fa51a1cfb4a626f70e46b8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:16:44:75:2d:2c:9f:1d:e4:f3:25:91:70:60: 41:4e:1d:d8:82:cb:6f:28:e2:88:3d:98:d7:20:fe: 0a:ef:61:a2:db:2d:b1:b6:d8:93:90:ac:02:96:29: 1b:85:f5:76:45:d8:d9:0c:17:c5:a0:05:0d:8e:39: ef:b1:fc:45:55:fd:f7:bf:8c:e6:97:cc:46:0d:e9: 23:19:f5:7e:87:bb:e5:15:78:57:cc:2f:45:1a:8c: 09:e7:c2:5d:23:70:a4:29:ab:e7:ed:38:84:3a:9d: cd:45:89:25:d7:ae:52:be:45:47:81:0a:33:52:51: 9f:72:f8:75:e5:b4:fb:b3:6a:66:ba:55:30:1a:50: 47:83:14:62:37:99:fe:29:3b:12:09:a4:e3:13:be: 70:61:68:2e:3a:c6:9d:90:fe:71:41:c5:1a:e4:0a: 56:fd:c8:65:0d:b6:d6:f9:d7:d9:02:e9:ad:e3:d9: cd:d8:43:03:3d:db:39:f8:88:3b:15:ca:9c:75:6e: ec:a4:b3:b9:24:ca:9b:01:ab:b8:18:9f:f9:0d:5a: f1:e7:3d:6c:fc:e6:71:6d:42:28:7e:22:bb:ce:14: af:f8:47:13:dc:09:36:2e:97:f6:8f:5b:2c:73:1a: 55:14:78:c2:f0:61:8c:f7:8f:de:dd:27:50:4f:70: 08:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:E2:51:91:47:BE:6D:17:7B:41:E3:D2:1D:3E:D5:09:05:AA:88:F9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8ec6c99-ca91-484d-ab88-05d1d618b206.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:6080::/48 Signature Algorithm: sha256WithRSAEncryption 86:4e:03:5f:1d:c2:f6:24:55:9b:ee:f2:73:95:31:17:9e:34: f7:36:9b:4f:53:3f:83:44:19:40:c5:76:a7:da:56:5d:56:37: 2e:a4:d7:68:7b:ad:6a:af:2d:4d:5a:71:dd:93:83:98:ad:8e: c8:ed:24:1f:e7:1f:b8:61:98:3e:46:2f:14:14:48:5a:ce:50: fc:7c:c7:c8:aa:8c:7e:6d:80:70:92:5b:09:46:e0:c0:da:b4: 44:e0:96:fe:33:50:32:7e:27:b4:43:66:e7:ca:27:1c:3f:c3: 8a:7e:7c:8e:ed:18:0f:f5:8b:c2:5b:8f:97:d6:24:27:4b:01: d3:df:a8:7b:ed:05:90:19:a6:90:0d:00:45:f0:ad:43:6d:a3: 35:bc:76:a4:b9:12:50:73:e6:f9:7b:5f:6a:89:6e:c0:c6:aa: 4e:ce:99:b3:7a:1c:1a:39:89:d7:34:c7:8e:2d:ba:33:11:53: ed:a4:a6:2c:e5:0a:01:2d:37:60:e0:20:a2:1f:d1:ed:51:5e: d9:b0:90:08:63:96:2f:72:0f:e5:93:2e:c5:77:73:85:09:d0: 14:7f:40:4d:17:31:96:7e:8c:9b:b4:02:8d:8f:b9:d2:4f:35: 6a:21:cc:2a:44:51:68:40:01:85:74:d0:63:f7:a9:a1:6f:d3: fb:0d:58:32 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUa8b7RzlRnMnM45E7EN3GiCKbaEIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMjA0M1oX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAZGQ1OTQ2YTU0YjcxNTAyZTg5ZTU3 ZTdjYjc0ODMzZWZkM2JiNTRmNGMwZmE1MWExY2ZiNGE2MjZmNzBlNDZiODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRZEdS0snx3k8yWRcGBBTh3Ygstv KOKIPZjXIP4K72Gi2y2xttiTkKwClikbhfV2RdjZDBfFoAUNjjnvsfxFVf33v4zm l8xGDekjGfV+h7vlFXhXzC9FGowJ58JdI3CkKavn7TiEOp3NRYkl165SvkVHgQoz UlGfcvh15bT7s2pmulUwGlBHgxRiN5n+KTsSCaTjE75wYWguOsadkP5xQcUa5ApW /chlDbbW+dfZAumt49nN2EMDPds5+Ig7FcqcdW7spLO5JMqbAau4GJ/5DVrx5z1s /OZxbUIofiK7zhSv+EcT3Ak2Lpf2j1sscxpVFHjC8GGM94/e3SdQT3AIRQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKLiUZFHvm0Xe0Hj0h0+1QkFqoj5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M4ZWM2Yzk5LWNhOTEtNDg0ZC1hYjg4LTA1ZDFkNjE4YjIwNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYWCAMA0GCSqGSIb3DQEBCwUAA4IBAQCGTgNfHcL2JFWb7vJz lTEXnjT3NptPUz+DRBlAxXan2lZdVjcupNdoe61qry1NWnHdk4OYrY7I7SQf5x+4 YZg+Ri8UFEhazlD8fMfIqox+bYBwklsJRuDA2rRE4Jb+M1Ayfie0Q2bnyiccP8OK fnyO7RgP9YvCW4+X1iQnSwHT36h77QWQGaaQDQBF8K1DbaM1vHakuRJQc+b5e19q iW7AxqpOzpmzehwaOYnXNMeOLbozEVPtpKYs5QoBLTdg4CCiH9HtUV7ZsJAIY5Yv cg/lky7Fd3OFCdAUf0BNFzGWfoybtAKNj7nSTzVqIcwqRFFoQAGFdNBj96mhb9P7 DVgy -----END CERTIFICATE-----Generated at Sat Aug 23 08:10:34 2025 by rpki-client