$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da917d8a-5f87-4b60-9a74-a3a380e8de88.roa File: da917d8a-5f87-4b60-9a74-a3a380e8de88.roa (raw, json) Hash identifier: 1DFqbzQhN3U60MgiWY0U9Kg12wQZQeExuqq2+rntaF0= Subject key identifier: BD:F8:18:8B:EF:3C:57:12:ED:1B:AF:57:6C:2D:7C:0D:93:B9:9D:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7D3AFBC14322B7574463F5BA2AD1121FED4A0836 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da917d8a-5f87-4b60-9a74-a3a380e8de88.roa Signing time: Sat 23 Aug 2025 00:10:13 +0000 ROA not before: Sat 23 Aug 2025 00:10:13 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:3a:fb:c1:43:22:b7:57:44:63:f5:ba:2a:d1:12:1f:ed:4a:08:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:10:13 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=5d27186b13b575b9d001f3e3c1e3fcec198c66339427477272609da73f1d1ddf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:e7:7d:2f:f1:5d:ee:1e:71:d5:55:c7:44:8e: f2:46:f1:38:f7:46:23:3b:6c:18:70:8e:66:13:03: e3:9d:13:b9:ed:e6:b7:ff:81:d1:a4:b4:36:d5:af: 4e:98:7e:13:c6:0d:47:0e:88:03:35:fe:ae:14:88: 10:d1:a8:79:96:c5:1f:70:ea:6b:98:b9:57:2e:54: f4:dd:16:88:9f:98:cc:d6:9a:0a:90:6f:d8:5f:22: bc:61:39:aa:36:1b:e1:17:de:8f:4d:d7:be:68:20: 40:16:44:97:8a:fc:e4:0e:2e:f6:6a:71:f8:68:5f: c9:65:58:d1:6f:bf:d6:ee:39:9d:50:8f:1d:cb:0a: c5:5c:b6:1a:27:3e:5b:36:75:43:58:c6:89:ea:e5: 10:9f:2d:8b:75:39:3c:17:2b:b8:79:bf:7d:93:5d: 5b:cd:67:bc:1e:eb:47:de:f2:1d:13:ba:6c:28:63: 87:1c:1e:d8:fb:7e:e5:57:1e:25:92:6b:b2:b9:9c: 89:ab:bc:99:79:e2:23:5d:c2:79:ec:ca:f8:a7:70: e5:25:15:26:c1:dd:75:be:e2:7a:fc:44:0c:0a:af: c5:eb:e4:ee:0a:67:a2:a3:94:38:1c:3b:ec:00:35: 6e:90:fb:32:25:a5:be:a6:ea:06:b2:d5:c4:04:94: ed:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:F8:18:8B:EF:3C:57:12:ED:1B:AF:57:6C:2D:7C:0D:93:B9:9D:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da917d8a-5f87-4b60-9a74-a3a380e8de88.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c020::/48 Signature Algorithm: sha256WithRSAEncryption 41:7b:81:cb:01:2a:68:f1:59:70:19:a4:d9:d9:cc:48:3b:c1: d5:e4:82:28:43:b2:21:41:ee:42:55:b0:e3:4d:54:3f:8d:b5: d8:2f:e5:2c:7c:17:5f:6c:3d:a8:9c:39:34:35:a3:39:32:92: 51:3a:bc:c5:d0:eb:0c:75:03:6f:05:e8:23:67:70:4e:c0:a3: 92:b4:50:af:dd:e8:d0:a9:8f:3c:06:f0:16:99:39:5d:19:81: 8c:8d:17:82:ca:c3:f2:17:c1:67:2b:66:26:83:f7:5d:41:3a: dd:ef:19:5d:69:61:95:f8:a9:7c:10:06:7d:6b:6d:91:64:57: 2c:c0:1b:35:e7:d3:fd:30:7d:da:a0:54:4f:f3:ee:5a:fd:2a: 1a:77:6d:cf:91:61:55:2a:aa:2c:4f:ab:5b:54:d3:16:8a:c3: e7:32:84:9f:e2:b4:22:33:bb:0e:32:ad:5e:c1:b2:a1:33:e5: f8:18:f4:5a:b4:ca:e4:4c:9e:6f:f6:82:c8:1e:dc:ea:87:c9: 50:f7:07:1a:1e:f8:c8:4a:58:a5:3f:d1:97:d5:77:56:2b:06: ef:cf:7c:ba:ab:c4:f5:d0:76:6f:b5:db:41:cd:d1:03:93:d4: 75:a2:c2:e3:68:cd:67:aa:d5:ca:fe:a8:92:6b:01:46:b2:35: 06:13:22:32 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfTr7wUMit1dEY/W6KtESH+1KCDYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTAxM1oX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANWQyNzE4NmIxM2I1NzViOWQwMDFm M2UzYzFlM2ZjZWMxOThjNjYzMzk0Mjc0NzcyNzI2MDlkYTczZjFkMWRkZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+d9L/Fd7h5x1VXHRI7yRvE490Yj O2wYcI5mEwPjnRO57ea3/4HRpLQ21a9OmH4Txg1HDogDNf6uFIgQ0ah5lsUfcOpr mLlXLlT03RaIn5jM1poKkG/YXyK8YTmqNhvhF96PTde+aCBAFkSXivzkDi72anH4 aF/JZVjRb7/W7jmdUI8dywrFXLYaJz5bNnVDWMaJ6uUQny2LdTk8Fyu4eb99k11b zWe8HutH3vIdE7psKGOHHB7Y+37lVx4lkmuyuZyJq7yZeeIjXcJ57Mr4p3DlJRUm wd11vuJ6/EQMCq/F6+TuCmeio5Q4HDvsADVukPsyJaW+puoGstXEBJTtdwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL34GIvvPFcS7RuvV2wtfA2TuZ1YMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RhOTE3ZDhhLTVmODctNGI2MC05YTc0LWEzYTM4MGU4ZGU4OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8AgMA0GCSqGSIb3DQEBCwUAA4IBAQBBe4HLASpo8VlwGaTZ 2cxIO8HV5IIoQ7IhQe5CVbDjTVQ/jbXYL+UsfBdfbD2onDk0NaM5MpJROrzF0OsM dQNvBegjZ3BOwKOStFCv3ejQqY88BvAWmTldGYGMjReCysPyF8FnK2Ymg/ddQTrd 7xldaWGV+Kl8EAZ9a22RZFcswBs159P9MH3aoFRP8+5a/Soad23PkWFVKqosT6tb VNMWisPnMoSf4rQiM7sOMq1ewbKhM+X4GPRatMrkTJ5v9oLIHtzqh8lQ9wcaHvjI SlilP9GX1XdWKwbvz3y6q8T10HZvtdtBzdEDk9R1osLjaM1nqtXK/qiSawFGsjUG EyIy -----END CERTIFICATE-----Generated at Sat Aug 23 08:16:10 2025 by rpki-client