$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa File: cebc5290-288e-4f33-9035-a2d651433cdd.roa (raw, json) Hash identifier: rMod8C/vQdrixh10sUsCLynpOmPlWofrOc1uvZ+q6+w= Subject key identifier: BC:F8:9E:E7:E5:0A:99:D6:F4:CD:48:06:E1:15:E0:1F:7B:FC:24:AC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4792E5935D5BDE235A1D351F4E89FA61EA52DD8C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa Signing time: Sat 23 Aug 2025 00:30:13 +0000 ROA not before: Sat 23 Aug 2025 00:30:13 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:92:e5:93:5d:5b:de:23:5a:1d:35:1f:4e:89:fa:61:ea:52:dd:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:30:13 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=d4225f04a2131a68f2fb19bf7feae7de2c960248ae7459e4f6617b576d1f9a1c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:19:50:ea:99:24:f5:67:1b:42:6f:be:6b:57: 4e:00:d7:ec:5b:3a:b2:d1:70:46:c7:c8:8e:ee:60: 5b:cb:09:35:be:e8:ad:08:5e:fb:1a:bd:ae:ac:82: 90:ff:ec:af:c7:c5:bb:a9:59:0d:1b:cd:77:da:00: fa:d2:73:05:58:bd:de:7d:70:58:81:9a:9a:06:b6: 10:89:69:b7:49:e7:23:bf:6a:e4:5a:4e:5d:92:7b: 38:56:32:c4:bb:49:68:f5:d5:35:ca:95:18:a7:4b: 8d:f6:df:75:08:35:3e:d6:39:00:f9:d3:f8:7b:e4: 64:0a:03:16:00:31:ae:9c:70:f4:69:a1:57:b7:be: 1f:5d:64:15:cc:0a:a9:5c:f7:fc:76:bf:26:35:12: 37:3c:ea:46:b2:6c:81:cd:d7:c0:28:7d:3d:2e:b1: 5d:a5:27:59:65:87:0d:53:d0:38:68:94:fa:49:2c: 56:1a:51:42:19:d7:52:ce:b0:e8:1c:a5:18:22:44: d8:88:7f:65:ad:aa:6b:21:0c:58:9e:aa:c8:61:45: c4:3f:8b:7c:eb:02:6f:6b:4a:b4:fa:7f:1f:77:63: 71:9a:4a:06:30:a8:86:da:d5:6f:c1:a4:df:76:95: 67:0b:18:37:a5:55:90:49:00:8f:cc:19:e4:51:7f: e9:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:F8:9E:E7:E5:0A:99:D6:F4:CD:48:06:E1:15:E0:1F:7B:FC:24:AC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c000::/40 Signature Algorithm: sha256WithRSAEncryption 5b:d0:b6:0c:ca:aa:c7:d6:5a:9d:6c:af:f3:0e:d5:28:26:e8: 70:2a:e0:7d:1f:f4:64:d8:10:da:85:9f:00:65:6c:75:6c:71: e3:ca:26:91:f7:8d:ef:c9:99:f7:f2:73:23:93:bf:9e:84:70: be:c3:dc:c4:bb:0d:fa:40:0a:44:fc:81:87:b4:5d:8f:50:d4: 8e:91:e6:96:9d:d1:49:bb:69:e9:42:9c:e8:71:c2:71:03:b3: 86:6c:73:be:12:ef:ea:86:c3:c0:05:a7:18:73:e5:0a:5f:03: fc:1d:a7:6c:a8:5f:6a:bd:95:29:6a:94:a8:56:c0:e7:f6:6c: a4:c3:6d:d5:97:60:b0:83:53:12:ec:43:ab:21:4e:63:55:78: c8:56:9b:e4:2b:61:5a:49:07:ab:25:9e:ac:33:4b:23:ff:7b: 8b:5b:e2:08:91:40:9e:a9:58:ff:34:57:3a:ad:c4:fc:28:20: d2:e3:12:f7:e7:aa:df:74:2a:b8:5d:04:a1:1d:83:b5:bb:cf: ca:e0:92:1c:6a:e8:1a:25:e6:dc:99:e4:d3:72:a3:1d:67:32: 8d:ac:c5:4b:93:d3:88:71:26:3e:4f:c3:99:16:a2:fa:19:fa: 7a:b7:03:8d:e5:f5:f4:41:97:10:7c:6c:c4:64:ef:d0:5c:c6: 6a:28:1c:20 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR5Llk11b3iNaHTUfTon6YepS3YwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzAxM1oX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAZDQyMjVmMDRhMjEzMWE2OGYyZmIx OWJmN2ZlYWU3ZGUyYzk2MDI0OGFlNzQ1OWU0ZjY2MTdiNTc2ZDFmOWExYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xlQ6pkk9WcbQm++a1dOANfsWzqy 0XBGx8iO7mBbywk1vuitCF77Gr2urIKQ/+yvx8W7qVkNG8132gD60nMFWL3efXBY gZqaBrYQiWm3Secjv2rkWk5dkns4VjLEu0lo9dU1ypUYp0uN9t91CDU+1jkA+dP4 e+RkCgMWADGunHD0aaFXt74fXWQVzAqpXPf8dr8mNRI3POpGsmyBzdfAKH09LrFd pSdZZYcNU9A4aJT6SSxWGlFCGddSzrDoHKUYIkTYiH9lraprIQxYnqrIYUXEP4t8 6wJva0q0+n8fd2NxmkoGMKiG2tVvwaTfdpVnCxg3pVWQSQCPzBnkUX/pEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLz4nuflCpnW9M1IBuEV4B97/CSsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NlYmM1MjkwLTI4OGUtNGYzMy05MDM1LWEyZDY1MTQzM2NkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAMAwDQYJKoZIhvcNAQELBQADggEBAFvQtgzKqsfWWp1sr/MO 1Sgm6HAq4H0f9GTYENqFnwBlbHVscePKJpH3je/JmffycyOTv56EcL7D3MS7DfpA CkT8gYe0XY9Q1I6R5pad0Um7aelCnOhxwnEDs4Zsc74S7+qGw8AFpxhz5QpfA/wd p2yoX2q9lSlqlKhWwOf2bKTDbdWXYLCDUxLsQ6shTmNVeMhWm+QrYVpJB6slnqwz SyP/e4tb4giRQJ6pWP80VzqtxPwoINLjEvfnqt90KrhdBKEdg7W7z8rgkhxq6Bol 5tyZ5NNyox1nMo2sxUuT04hxJj5Pw5kWovoZ+nq3A43l9fRBlxB8bMRk79Bcxmoo HCA= -----END CERTIFICATE-----Generated at Sat Aug 23 15:41:19 2025 by rpki-client