$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa File: d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa (raw, json) Hash identifier: xIbSnVLrZ0xBaSAXSLtvDw8ti5YmI2Y51anV5vWe3AI= Subject key identifier: FD:CE:DA:52:56:0D:1B:27:1E:F0:A0:12:99:0C:A2:B1:33:E1:4F:7B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4759A399ABB14EF3462733E14E36067CDCB95519 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa Signing time: Sat 23 Aug 2025 00:41:15 +0000 ROA not before: Sat 23 Aug 2025 00:41:15 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:59:a3:99:ab:b1:4e:f3:46:27:33:e1:4e:36:06:7c:dc:b9:55:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:41:15 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=271f6d84420e1aa34935d6a171dc08cb7004afbc77ab3e2fb1f9eb46bf62673a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:1b:79:8e:d4:e1:60:fb:f3:7f:b8:11:c0:f3: 85:5d:52:9f:62:0b:7a:f1:bf:cb:c7:e2:f7:91:0d: f8:23:f5:a7:6b:34:9e:82:92:68:54:5f:09:51:b2: bf:66:f3:9f:9a:ad:a5:90:29:e6:41:e4:f5:be:c0: de:31:a6:8d:41:8d:8c:5d:25:fd:4e:9e:ea:c5:e7: 61:c9:49:b0:b0:4d:70:f4:4e:97:43:4b:f4:38:7b: 30:1a:44:20:86:60:f7:5a:3d:8a:65:ff:2f:0e:31: 9d:03:cd:6c:a3:17:07:4d:78:c5:56:5a:6b:c7:de: 1a:e9:08:d7:c1:8e:a6:31:58:e3:fe:9d:84:4e:16: e3:08:61:aa:b7:0a:78:4e:1a:25:23:d0:71:ae:b7: 57:ee:05:24:c6:be:1d:15:bb:de:4c:e5:46:fd:0e: 5c:4b:da:21:41:73:2b:28:a0:fa:9c:9d:de:a2:aa: 27:8e:0b:66:d9:57:db:1b:b8:8d:60:e4:7a:25:4e: 6f:49:2b:bb:cf:bd:6f:af:67:b3:0a:2d:89:14:1a: f6:4f:47:6c:49:e7:d0:86:66:fb:96:1e:55:3a:63: 01:41:fe:ae:7c:e8:3b:54:15:6a:6a:47:02:7c:b2: e3:e0:95:4e:54:e6:c2:ea:02:76:7e:67:34:fc:65: 25:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:CE:DA:52:56:0D:1B:27:1E:F0:A0:12:99:0C:A2:B1:33:E1:4F:7B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4000::/40 Signature Algorithm: sha256WithRSAEncryption 27:a3:b0:c8:f0:a4:a4:b6:50:0d:0d:c3:f0:07:e1:d2:40:bd: 74:43:23:e3:c8:7e:72:23:02:47:83:9c:af:ac:76:60:a4:1e: d1:a1:66:33:2c:e5:ca:84:6b:2f:10:ed:66:a6:a7:9d:a7:58: 7c:cb:f8:a1:a1:41:e6:42:a7:96:7c:9e:18:c4:73:31:ff:76: 51:3e:91:6a:7d:e0:3c:ac:8e:ec:18:6d:58:94:0f:1d:4e:54: 3c:6a:8e:1c:70:25:b4:4f:3f:1a:37:e1:6c:39:78:97:5a:fc: f4:2c:6e:f5:66:b9:ed:a6:b2:88:7c:0a:96:6b:a9:ad:54:3b: c8:cd:27:31:46:8f:d4:1f:81:46:0b:e2:10:32:5c:19:c7:52: 58:87:64:2e:9b:36:c9:08:30:06:5b:95:14:8d:5e:ad:f0:5b: 21:dc:83:0b:e4:99:c6:21:90:3d:df:ef:f1:7b:e1:44:70:5f: eb:46:c1:16:af:f1:5f:14:e6:cf:94:73:e9:31:46:1b:b1:ae: 4e:5c:0e:f5:e1:ec:ec:23:77:fd:16:7f:3e:88:cd:16:0b:44: 22:49:61:7a:d9:9a:d3:1b:51:98:ba:41:77:84:67:71:5b:1e: 12:6e:bb:95:96:d8:ba:46:ab:26:46:3f:18:e7:15:85:21:6a: 36:8e:a9:8d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR1mjmauxTvNGJzPhTjYGfNy5VRkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNDExNVoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMjcxZjZkODQ0MjBlMWFhMzQ5MzVk NmExNzFkYzA4Y2I3MDA0YWZiYzc3YWIzZTJmYjFmOWViNDZiZjYyNjczYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Rt5jtThYPvzf7gRwPOFXVKfYgt6 8b/Lx+L3kQ34I/WnazSegpJoVF8JUbK/ZvOfmq2lkCnmQeT1vsDeMaaNQY2MXSX9 Tp7qxedhyUmwsE1w9E6XQ0v0OHswGkQghmD3Wj2KZf8vDjGdA81soxcHTXjFVlpr x94a6QjXwY6mMVjj/p2EThbjCGGqtwp4TholI9BxrrdX7gUkxr4dFbveTOVG/Q5c S9ohQXMrKKD6nJ3eoqonjgtm2VfbG7iNYOR6JU5vSSu7z71vr2ezCi2JFBr2T0ds SefQhmb7lh5VOmMBQf6ufOg7VBVqakcCfLLj4JVOVObC6gJ2fmc0/GUlQQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP3O2lJWDRsnHvCgEpkMorEz4U97MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzYmFlNzkwLTAxZDctNGI2ZS1hMGYwLTkzMDViY2JkNGEzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAEAwDQYJKoZIhvcNAQELBQADggEBACejsMjwpKS2UA0Nw/AH 4dJAvXRDI+PIfnIjAkeDnK+sdmCkHtGhZjMs5cqEay8Q7Wamp52nWHzL+KGhQeZC p5Z8nhjEczH/dlE+kWp94DysjuwYbViUDx1OVDxqjhxwJbRPPxo34Ww5eJda/PQs bvVmue2msoh8CpZrqa1UO8jNJzFGj9QfgUYL4hAyXBnHUliHZC6bNskIMAZblRSN Xq3wWyHcgwvkmcYhkD3f7/F74URwX+tGwRav8V8U5s+Uc+kxRhuxrk5cDvXh7Owj d/0Wfz6IzRYLRCJJYXrZmtMbUZi6QXeEZ3FbHhJuu5WW2LpGqyZGPxjnFYUhajaO qY0= -----END CERTIFICATE-----Generated at Sat Aug 23 12:01:27 2025 by rpki-client