$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/debc584f-82ae-4052-973f-96282869d7c9.roa File: debc584f-82ae-4052-973f-96282869d7c9.roa (raw, json) Hash identifier: pnD0UGqFWZqssRMOEvL/+Ar/yD6VH7zXrHHYI/yNiwg= Subject key identifier: 1D:B7:D5:44:6D:B3:44:6B:76:3E:84:49:7B:49:A0:32:A3:96:FE:13 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7FA244B1B2EA42CB641895C5E514FDEA8F1D1801 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/debc584f-82ae-4052-973f-96282869d7c9.roa Signing time: Sat 23 Aug 2025 00:11:34 +0000 ROA not before: Sat 23 Aug 2025 00:11:34 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:a2:44:b1:b2:ea:42:cb:64:18:95:c5:e5:14:fd:ea:8f:1d:18:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:11:34 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=6df86c3c0f6a141a424c9cc5b4f8b9f3bdb1322fefe58a56507f1427025c0d17, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ed:49:0d:49:97:f8:78:80:d9:f7:9c:fe:84: 64:c7:a4:48:fe:42:f1:3e:49:79:45:a1:fc:7d:9e: 2b:00:61:44:f0:10:66:9d:43:06:1a:2e:90:ce:70: 3b:88:c7:9a:55:d5:21:86:22:4f:12:93:47:9e:d7: 46:8d:02:28:a1:9c:74:d5:7e:d4:5a:f5:3f:7c:20: 79:13:08:74:2b:85:41:67:87:bb:96:09:3b:b6:05: ec:08:1f:a8:b6:f1:70:17:b6:cf:33:a9:a7:9a:d7: 30:78:78:db:2b:c4:87:2a:e1:d9:8f:d7:a8:50:18: 74:bb:d8:19:b4:39:1f:09:97:6e:bd:fe:fc:83:e2: ed:67:39:fe:98:98:d4:15:d2:8e:27:89:9c:d3:63: 96:c3:7b:fc:1b:15:47:cf:08:51:04:75:3f:54:71: c6:10:fa:24:48:a6:68:93:e9:b0:79:56:47:6c:ff: 89:3c:16:65:d0:fe:7b:7b:f3:fb:6f:91:4e:65:ed: b3:6e:e3:b5:70:4e:23:41:94:5d:e4:9b:1d:a1:8a: 86:6d:d7:af:a8:64:4c:1a:36:d5:5e:08:39:e5:58: 27:e6:6b:5f:24:c5:9e:f9:1c:fa:1a:73:3d:07:7f: fb:35:31:60:46:0a:14:e1:3f:89:c7:18:d7:27:52: ea:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:B7:D5:44:6D:B3:44:6B:76:3E:84:49:7B:49:A0:32:A3:96:FE:13 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/debc584f-82ae-4052-973f-96282869d7c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 5e:67:8a:fc:8a:ba:db:0b:9d:9b:af:f9:e4:4e:09:ee:99:08: 44:c3:d8:c4:99:dd:6a:df:cb:fa:fa:77:0f:46:75:9b:d9:9a: 01:9d:b3:6f:d6:c9:08:ed:73:8f:e1:3f:d3:12:96:ca:08:30: 88:da:ed:66:eb:c2:eb:48:ce:5b:1e:0b:3a:86:f2:7d:fe:38: ee:f2:6b:50:e4:67:fe:2a:4a:fa:ae:c6:c0:26:82:85:92:a9: f3:6f:01:32:1a:47:2a:89:a3:39:1a:51:a2:03:f7:fc:7c:d7: d9:65:a1:7a:d1:53:66:b3:c7:30:8d:d9:77:05:f6:5c:92:b9: 8c:b8:49:8b:15:47:d5:c0:9d:09:bd:fb:44:ff:4c:85:a3:b8: f3:1e:c5:c1:6c:6e:86:37:71:ab:30:a0:ba:c2:bd:fc:27:c1: cf:e2:4c:ea:42:f2:c2:4e:89:93:d7:d8:fb:13:77:f2:42:0d: 17:2c:ae:27:1e:f8:ad:77:ae:56:45:48:00:b0:14:c2:a1:72: 8e:d0:08:e3:60:ea:c6:fc:81:e8:ae:0a:ca:0b:52:72:40:4e: 96:11:31:7b:d4:e3:03:bb:0d:69:f1:0a:30:2a:ad:36:d1:c2: b4:e9:a3:93:55:3d:c3:12:a7:36:34:2c:83:7d:22:8f:46:30: 49:67:fd:4e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUf6JEsbLqQstkGJXF5RT96o8dGAEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTEzNFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANmRmODZjM2MwZjZhMTQxYTQyNGM5 Y2M1YjRmOGI5ZjNiZGIxMzIyZmVmZTU4YTU2NTA3ZjE0MjcwMjVjMGQxNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe1JDUmX+HiA2fec/oRkx6RI/kLx Pkl5RaH8fZ4rAGFE8BBmnUMGGi6QznA7iMeaVdUhhiJPEpNHntdGjQIooZx01X7U WvU/fCB5Ewh0K4VBZ4e7lgk7tgXsCB+otvFwF7bPM6mnmtcweHjbK8SHKuHZj9eo UBh0u9gZtDkfCZduvf78g+LtZzn+mJjUFdKOJ4mc02OWw3v8GxVHzwhRBHU/VHHG EPokSKZok+mweVZHbP+JPBZl0P57e/P7b5FOZe2zbuO1cE4jQZRd5JsdoYqGbdev qGRMGjbVXgg55Vgn5mtfJMWe+Rz6GnM9B3/7NTFgRgoU4T+JxxjXJ1LqMQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFB231URts0Rrdj6ESXtJoDKjlv4TMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RlYmM1ODRmLTgyYWUtNDA1Mi05NzNmLTk2MjgyODY5ZDdjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSDAMA0GCSqGSIb3DQEBCwUAA4IBAQBeZ4r8irrbC52br/nk TgnumQhEw9jEmd1q38v6+ncPRnWb2ZoBnbNv1skI7XOP4T/TEpbKCDCI2u1m68Lr SM5bHgs6hvJ9/jju8mtQ5Gf+Kkr6rsbAJoKFkqnzbwEyGkcqiaM5GlGiA/f8fNfZ ZaF60VNms8cwjdl3BfZckrmMuEmLFUfVwJ0JvftE/0yFo7jzHsXBbG6GN3GrMKC6 wr38J8HP4kzqQvLCTomT19j7E3fyQg0XLK4nHvitd65WRUgAsBTCoXKO0AjjYOrG /IHorgrKC1JyQE6WETF71OMDuw1p8QowKq020cK06aOTVT3DEqc2NCyDfSKPRjBJ Z/1O -----END CERTIFICATE-----Generated at Sat Aug 23 06:47:49 2025 by rpki-client