$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa File: d0716d05-e421-4b76-b3d0-5a92c5c93094.roa (raw, json) Hash identifier: /4wRMyGz0aObVcj+WhnvTze1beUOjQhDRaxN+w9oKiQ= Subject key identifier: E0:BC:0C:94:E7:2A:30:24:A5:A7:7F:76:E3:1E:C8:CA:5E:6A:AE:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 161DC0CDC6B5DBB7D86FE6CFE6EC0E2BBC2E0C88 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa Signing time: Fri 22 Aug 2025 00:01:24 +0000 ROA not before: Fri 22 Aug 2025 00:01:24 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:70c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:1d:c0:cd:c6:b5:db:b7:d8:6f:e6:cf:e6:ec:0e:2b:bc:2e:0c:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:01:24 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=44cbf28e4a639d155e84841e7c9e3c809552897b6d7d70182708f0cf4b9c3afd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d2:0e:e0:9e:3c:ce:67:06:70:1b:1e:97:4b: 1e:37:91:00:45:ed:27:b7:83:56:a2:d8:f4:99:08: d1:2e:40:47:f8:2a:09:b4:d4:b7:ff:68:fa:bb:7c: 99:59:3a:88:fc:be:bc:2c:75:2d:69:52:3d:c3:97: 20:ce:1b:01:b0:41:aa:b3:ec:2c:86:92:b2:6b:c8: 7a:c3:2d:50:e8:af:95:c2:4f:ea:2a:7b:1c:08:6f: ae:ed:ce:9c:26:c8:a3:81:9e:81:6b:9d:8f:69:ab: b6:5f:f6:26:b9:87:60:91:bd:63:50:ae:84:f8:85: 8f:3a:73:e3:15:32:bf:82:3b:db:41:29:68:e0:9c: bd:1a:2b:9a:ab:4a:c6:d1:2b:2e:ac:48:44:d6:78: 3e:f2:ac:43:39:5e:f2:f1:ca:ba:10:ff:53:07:aa: 04:e5:f8:92:26:44:3d:2f:15:ab:4b:c5:b4:21:ce: 29:fe:e1:0d:cd:c5:b9:ed:bf:c5:80:3d:bd:c8:73: 28:fb:da:5c:fe:52:b7:27:75:00:d7:97:58:f5:7f: d6:82:0a:1e:30:e9:01:f0:57:9e:83:22:8c:b0:d8: a9:56:14:19:5b:53:f7:ff:9e:76:32:0d:65:87:37: c8:6d:01:ee:8d:79:e8:ae:4c:63:fe:de:6c:2d:74: bd:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:BC:0C:94:E7:2A:30:24:A5:A7:7F:76:E3:1E:C8:CA:5E:6A:AE:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:70c0::/48 Signature Algorithm: sha256WithRSAEncryption c8:48:2b:d1:68:43:1f:49:10:e3:9c:bb:ba:08:d2:78:48:2b: 0b:98:ac:4c:62:c4:ae:11:3e:17:62:b0:d6:76:df:e2:49:94: f8:32:e4:c2:8c:5b:2b:14:63:d2:bd:d6:11:b8:47:84:a2:c2: 3d:b0:9a:d3:56:cb:39:8c:bf:92:10:16:82:16:8c:2a:d4:a1: 1a:0a:50:7d:d8:11:40:aa:2b:f7:f6:ec:fe:6d:29:83:35:41: 97:b0:50:34:0a:ac:14:31:e2:4a:34:48:fb:1e:e7:a9:2c:7e: 65:8c:79:a2:2a:25:dd:06:00:93:45:78:01:d8:ee:25:25:48: 22:39:21:86:a0:71:92:36:5c:de:be:ab:a8:f7:38:11:ee:43: ff:0d:41:9b:ca:f0:84:c8:10:c8:49:42:4b:24:3b:e3:b1:0b: 02:9c:95:3d:d8:71:31:29:4e:f0:ca:84:5f:92:bc:e0:a1:e6: fb:fd:41:c6:d8:cd:29:1a:be:84:98:99:ed:8c:f6:88:03:06: e5:bc:93:9b:ca:39:48:6a:95:2f:86:f9:1c:9f:bf:a3:b8:bb: d6:ae:1c:b3:0e:02:45:83:74:25:67:e3:2e:f8:70:01:98:59: f3:1b:aa:47:71:f4:05:d4:21:8f:84:09:88:14:05:df:5c:39: d1:9b:c1:5f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFh3Azca127fYb+bP5uwOK7wuDIgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMDEyNFoX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNANDRjYmYyOGU0YTYzOWQxNTVlODQ4 NDFlN2M5ZTNjODA5NTUyODk3YjZkN2Q3MDE4MjcwOGYwY2Y0YjljM2FmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudIO4J48zmcGcBsel0seN5EARe0n t4NWotj0mQjRLkBH+CoJtNS3/2j6u3yZWTqI/L68LHUtaVI9w5cgzhsBsEGqs+ws hpKya8h6wy1Q6K+Vwk/qKnscCG+u7c6cJsijgZ6Ba52Paau2X/YmuYdgkb1jUK6E +IWPOnPjFTK/gjvbQSlo4Jy9Giuaq0rG0SsurEhE1ng+8qxDOV7y8cq6EP9TB6oE 5fiSJkQ9LxWrS8W0Ic4p/uENzcW57b/FgD29yHMo+9pc/lK3J3UA15dY9X/Wggoe MOkB8FeegyKMsNipVhQZW1P3/552Mg1lhzfIbQHujXnorkxj/t5sLXS9vwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOC8DJTnKjAkpad/duMeyMpeaq7VMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwNzE2ZDA1LWU0MjEtNGI3Ni1iM2QwLTVhOTJjNWM5MzA5NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/3DAMA0GCSqGSIb3DQEBCwUAA4IBAQDISCvRaEMfSRDjnLu6 CNJ4SCsLmKxMYsSuET4XYrDWdt/iSZT4MuTCjFsrFGPSvdYRuEeEosI9sJrTVss5 jL+SEBaCFowq1KEaClB92BFAqiv39uz+bSmDNUGXsFA0CqwUMeJKNEj7HuepLH5l jHmiKiXdBgCTRXgB2O4lJUgiOSGGoHGSNlzevquo9zgR7kP/DUGbyvCEyBDISUJL JDvjsQsCnJU92HExKU7wyoRfkrzgoeb7/UHG2M0pGr6EmJntjPaIAwblvJObyjlI apUvhvkcn7+juLvWrhyzDgJFg3QlZ+Mu+HABmFnzG6pHcfQF1CGPhAmIFAXfXDnR m8Ff -----END CERTIFICATE-----Generated at Sat Aug 23 06:38:10 2025 by rpki-client