$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6d439a9-d0b0-44a2-b326-95d1592e6156.roa File: d6d439a9-d0b0-44a2-b326-95d1592e6156.roa (raw, json) Hash identifier: A+aPvozC1W/3UGv3kT8WzYEp36X4d2odZ52Fxm8e5kw= Subject key identifier: 45:D8:D8:43:D5:3D:70:AA:E5:C6:1E:30:4F:A5:63:C9:24:48:20:04 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B16BF405C9153E4B21B59E4FF0AF15041D5A069 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6d439a9-d0b0-44a2-b326-95d1592e6156.roa Signing time: Tue 19 Aug 2025 00:01:05 +0000 ROA not before: Tue 19 Aug 2025 00:01:05 +0000 ROA not after: Tue 23 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:16:bf:40:5c:91:53:e4:b2:1b:59:e4:ff:0a:f1:50:41:d5:a0:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 19 00:01:05 2025 GMT Not After : Sep 23 23:59:59 2025 GMT Subject: serialNumber=9272e70cbf82ceb8b5613d48ab3919a962f3e06def98bd4d95ce736381490d59, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:4c:e6:61:bd:e8:81:8b:39:e6:75:08:55:da: 96:c3:ee:70:47:ea:83:9f:c1:da:ff:6d:ee:13:6a: 1d:ca:f4:90:16:4a:89:18:a5:19:1b:ae:d9:56:0d: 56:06:65:d1:98:21:73:46:33:fb:3c:ff:36:5a:cb: b7:5d:fe:fd:1d:0f:5f:fc:60:53:0a:d3:ad:ad:c6: d9:e2:74:08:f5:c1:75:0d:f4:22:e3:87:4b:c3:57: 02:6a:fc:30:ca:75:73:50:54:99:c5:83:68:87:97: 4d:93:8f:3d:f3:b8:f2:19:c8:fe:7f:f7:17:cd:69: 52:47:82:40:38:7b:84:49:6f:03:4e:6a:bc:28:66: d2:97:29:91:1b:36:54:a1:2f:b9:0d:8d:a1:af:c4: 77:dd:4b:ca:46:8b:40:ac:15:30:ab:44:61:8b:a5: f9:ec:6d:6d:fb:b7:14:4c:68:45:6f:7a:47:a8:e3: e6:61:17:b0:88:86:8f:c1:3a:d7:9a:ab:91:04:be: 0d:46:f4:d2:34:47:54:43:fd:78:82:e3:08:6a:66: d1:7c:3e:11:c5:4c:68:7a:39:a5:df:d3:31:d6:8a: c1:2e:95:7d:d3:7a:14:17:2b:b0:22:f4:0d:8b:d8: c0:e1:a7:86:c3:01:87:2e:1e:28:3e:8a:38:b3:a0: 15:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:D8:D8:43:D5:3D:70:AA:E5:C6:1E:30:4F:A5:63:C9:24:48:20:04 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6d439a9-d0b0-44a2-b326-95d1592e6156.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:e000::/40 Signature Algorithm: sha256WithRSAEncryption 25:70:3e:52:62:33:de:a3:00:4a:65:3a:77:49:b0:9e:11:71: 36:39:6b:84:76:4e:42:3e:15:e9:07:58:55:05:de:7b:fa:72: 3a:36:96:0d:75:4a:ca:48:92:b6:3d:fb:ee:57:f5:0b:bf:c9: 5a:17:7b:43:c3:da:de:01:25:c2:de:5d:31:ec:45:30:ac:a4: eb:30:4a:a1:38:08:a6:bc:12:eb:22:d2:12:4f:f7:96:34:47: 26:51:d7:fa:4a:70:76:dc:f5:04:c4:65:67:e3:51:9a:b4:7e: 4e:dd:65:fe:69:c6:b2:e8:49:59:1f:95:c0:58:57:7b:15:4c: ba:4f:45:ac:3d:36:0b:b0:68:b0:b0:41:7d:7f:f6:15:74:b5: 66:a3:b5:1f:62:36:5d:31:89:18:02:bc:2a:e8:d1:28:58:a7: 0d:3d:0d:d4:43:a4:26:3a:5e:67:27:00:67:53:33:90:e6:d9: d4:50:e4:db:df:13:22:5b:9b:db:77:b2:7f:6e:24:fc:eb:b3: 05:74:c1:58:58:d4:e2:dd:42:a7:8b:ea:53:9c:f4:5f:d5:43: 88:ae:4c:94:03:9d:78:16:1c:01:29:de:8f:4e:15:27:78:51: 98:a3:29:ae:18:52:db:52:c9:d9:fa:57:4f:28:1d:04:59:7c: 4d:a8:cd:41 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUexa/QFyRU+SyG1nk/wrxUEHVoGkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxOTAwMDEwNVoX DTI1MDkyMzIzNTk1OVowejFJMEcGA1UEBRNAOTI3MmU3MGNiZjgyY2ViOGI1NjEz ZDQ4YWIzOTE5YTk2MmYzZTA2ZGVmOThiZDRkOTVjZTczNjM4MTQ5MGQ1OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEzmYb3ogYs55nUIVdqWw+5wR+qD n8Ha/23uE2odyvSQFkqJGKUZG67ZVg1WBmXRmCFzRjP7PP82Wsu3Xf79HQ9f/GBT CtOtrcbZ4nQI9cF1DfQi44dLw1cCavwwynVzUFSZxYNoh5dNk48987jyGcj+f/cX zWlSR4JAOHuESW8DTmq8KGbSlymRGzZUoS+5DY2hr8R33UvKRotArBUwq0Rhi6X5 7G1t+7cUTGhFb3pHqOPmYRewiIaPwTrXmquRBL4NRvTSNEdUQ/14guMIambRfD4R xUxoejml39Mx1orBLpV903oUFyuwIvQNi9jA4aeGwwGHLh4oPoo4s6AVdQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEXY2EPVPXCq5cYeME+lY8kkSCAEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q2ZDQzOWE5LWQwYjAtNDRhMi1iMzI2LTk1ZDE1OTJlNjE1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYOAwDQYJKoZIhvcNAQELBQADggEBACVwPlJiM96jAEplOndJ sJ4RcTY5a4R2TkI+FekHWFUF3nv6cjo2lg11SspIkrY9++5X9Qu/yVoXe0PD2t4B JcLeXTHsRTCspOswSqE4CKa8Eusi0hJP95Y0RyZR1/pKcHbc9QTEZWfjUZq0fk7d Zf5pxrLoSVkflcBYV3sVTLpPRaw9NguwaLCwQX1/9hV0tWajtR9iNl0xiRgCvCro 0ShYpw09DdRDpCY6XmcnAGdTM5Dm2dRQ5NvfEyJbm9t3sn9uJPzrswV0wVhY1OLd QqeL6lOc9F/VQ4iuTJQDnXgWHAEp3o9OFSd4UZijKa4YUttSydn6V08oHQRZfE2o zUE= -----END CERTIFICATE-----Generated at Sat Aug 23 08:11:14 2025 by rpki-client