$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8ebfb4d-f771-4efb-821c-cd11d5a24a47.roa File: d8ebfb4d-f771-4efb-821c-cd11d5a24a47.roa (raw, json) Hash identifier: 2CMGJ/e75VqNp2CtOkf23CQe6y05Q6M4znMAidmpbW4= Subject key identifier: 2D:69:D5:A0:F7:EF:57:23:9F:26:88:0D:AB:13:59:C4:97:29:7C:32 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3DF8B93167C2FF9DD700942362B12DD6DC66C081 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8ebfb4d-f771-4efb-821c-cd11d5a24a47.roa Signing time: Fri 22 Aug 2025 00:00:56 +0000 ROA not before: Fri 22 Aug 2025 00:00:56 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:f8:b9:31:67:c2:ff:9d:d7:00:94:23:62:b1:2d:d6:dc:66:c0:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:00:56 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=4756e37bdffc1f683acc42c9ed4fd4f36665ea62053db012587173f0e00347e5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:76:90:14:af:c3:59:02:ba:06:01:46:27:a9: d2:a4:50:d4:ca:8a:7a:d7:06:be:51:bf:07:1a:bb: 32:a9:bd:79:80:ed:a5:20:0f:aa:1d:8a:a6:ee:2a: 3d:22:f3:70:f7:23:24:5f:1a:34:6e:aa:55:df:8a: eb:a6:5c:9c:a3:e2:bf:ea:ba:53:ac:19:9a:56:4f: fd:7a:b5:6b:12:57:87:ed:d4:8e:92:3d:b7:46:32: 2c:7e:e3:a8:31:51:72:70:c2:50:dc:fe:80:a9:0b: 0c:91:a3:13:45:7c:fc:2b:a5:b4:d3:39:ca:e4:69: be:61:f7:ac:8c:ed:41:dd:cb:da:77:79:70:02:0f: 46:07:44:97:21:7d:f5:c4:4a:95:4d:a2:5b:c1:14: d2:c2:5e:f2:1c:07:cc:4e:21:bd:1e:39:08:1a:86: 48:b3:78:86:11:e1:d5:b0:75:70:ce:4f:d3:49:96: 76:ec:dc:26:de:40:da:f4:a9:16:bd:7b:bb:bb:6a: 32:41:19:34:8d:fc:92:f7:f2:f7:df:f6:2a:9a:3c: 18:90:6f:b8:7b:ff:d6:f6:7a:b7:49:9a:05:5a:e7: 88:6a:e7:3a:88:e2:6e:6c:61:df:ac:d8:ae:94:97: 59:c5:8c:14:14:16:60:f2:02:8d:6f:ba:60:1b:1a: b9:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:69:D5:A0:F7:EF:57:23:9F:26:88:0D:AB:13:59:C4:97:29:7C:32 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d8ebfb4d-f771-4efb-821c-cd11d5a24a47.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c080::/48 Signature Algorithm: sha256WithRSAEncryption 26:01:0b:10:bb:25:35:30:35:4a:1e:95:5d:d9:3b:1a:e8:58: 52:16:e1:a0:2c:78:e0:92:87:ad:33:50:e7:4a:90:8b:82:22: f3:4a:ef:9a:42:2b:cf:97:d0:79:ef:c7:37:30:3b:72:c0:26: 5e:62:a3:61:49:b1:45:4c:6f:9f:98:09:9a:a2:9c:5e:2f:11: 1d:03:c5:ff:b3:c8:d1:c3:21:be:b1:c4:08:30:92:d1:17:a3: e6:44:c2:7f:e4:25:f7:f1:1b:ce:9e:fc:82:3e:e9:37:2a:02: 91:14:be:1d:de:8b:21:a5:66:ae:20:ec:56:6c:d3:e7:98:d5: a2:bf:89:05:de:b2:28:49:73:d4:59:9a:db:05:63:3b:55:06: 09:2c:b6:a8:3a:ab:52:de:d4:ab:ba:c5:29:ee:3c:39:4c:f3: c4:3b:ee:8a:3e:d8:23:d5:20:08:80:42:24:1d:ab:5e:80:b5: 8c:7a:6a:ce:6b:30:cd:92:7a:f4:d2:33:7d:fb:54:db:08:d7: 25:a0:eb:4f:1b:f6:87:2c:f1:0d:87:b5:f5:46:e5:75:d2:7d: a2:37:53:ee:56:48:70:b0:64:bf:2a:ec:97:ea:4d:6e:12:ad: be:4a:38:ca:d7:60:2a:5c:ae:67:52:e8:6d:4f:21:64:bc:ab: a8:a1:f4:66 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPfi5MWfC/53XAJQjYrEt1txmwIEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMDA1NloX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNANDc1NmUzN2JkZmZjMWY2ODNhY2M0 MmM5ZWQ0ZmQ0ZjM2NjY1ZWE2MjA1M2RiMDEyNTg3MTczZjBlMDAzNDdlNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnaQFK/DWQK6BgFGJ6nSpFDUyop6 1wa+Ub8HGrsyqb15gO2lIA+qHYqm7io9IvNw9yMkXxo0bqpV34rrplyco+K/6rpT rBmaVk/9erVrEleH7dSOkj23RjIsfuOoMVFycMJQ3P6AqQsMkaMTRXz8K6W00znK 5Gm+YfesjO1B3cvad3lwAg9GB0SXIX31xEqVTaJbwRTSwl7yHAfMTiG9HjkIGoZI s3iGEeHVsHVwzk/TSZZ27Nwm3kDa9KkWvXu7u2oyQRk0jfyS9/L33/YqmjwYkG+4 e//W9nq3SZoFWueIauc6iOJubGHfrNiulJdZxYwUFBZg8gKNb7pgGxq5jwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC1p1aD371cjnyaIDasTWcSXKXwyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4ZWJmYjRkLWY3NzEtNGVmYi04MjFjLWNkMTFkNWEyNGE0Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcCAMA0GCSqGSIb3DQEBCwUAA4IBAQAmAQsQuyU1MDVKHpVd 2Tsa6FhSFuGgLHjgkoetM1DnSpCLgiLzSu+aQivPl9B578c3MDtywCZeYqNhSbFF TG+fmAmaopxeLxEdA8X/s8jRwyG+scQIMJLRF6PmRMJ/5CX38RvOnvyCPuk3KgKR FL4d3oshpWauIOxWbNPnmNWiv4kF3rIoSXPUWZrbBWM7VQYJLLaoOqtS3tSrusUp 7jw5TPPEO+6KPtgj1SAIgEIkHategLWMemrOazDNknr00jN9+1TbCNcloOtPG/aH LPENh7X1RuV10n2iN1PuVkhwsGS/KuyX6k1uEq2+SjjK12AqXK5nUuhtTyFkvKuo ofRm -----END CERTIFICATE-----Generated at Sat Aug 23 06:44:59 2025 by rpki-client