$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0ae0175-f350-4493-ae35-4deb479e034e.roa File: e0ae0175-f350-4493-ae35-4deb479e034e.roa (raw, json) Hash identifier: JzgdLXVRBj6/l/sR9rmmu+RMc7geP0xvOTzJ9MxzWDA= Subject key identifier: D2:66:5A:90:0B:A6:7B:4A:48:B6:64:1B:DA:27:17:DA:F1:C5:57:7A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 701A45B4D7867707F1EA40B39663613638ED47F3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0ae0175-f350-4493-ae35-4deb479e034e.roa Signing time: Mon 11 Aug 2025 15:00:05 +0000 ROA not before: Mon 11 Aug 2025 15:00:05 +0000 ROA not after: Mon 15 Sep 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da24:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:1a:45:b4:d7:86:77:07:f1:ea:40:b3:96:63:61:36:38:ed:47:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 11 15:00:05 2025 GMT Not After : Sep 15 23:59:59 2025 GMT Subject: serialNumber=3257ce6f1d1adc1d80c3ab339702d570a59824bf7c6acbca3750e54a865c38ea, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:33:45:bb:c7:c5:d5:db:e1:13:70:78:d5:e4: 29:81:ff:b2:a0:7a:e2:87:8b:6e:b3:78:ae:36:21: 58:f2:b9:72:7a:57:ac:59:d2:fc:7b:20:ab:e5:fb: b2:88:86:5b:a3:82:0a:4c:2f:af:18:1a:5f:0f:f2: 63:8a:37:3b:0e:2a:d6:f8:07:6f:91:b8:28:ee:49: a2:9a:b4:5b:17:7f:6f:ce:bb:68:fd:6a:c9:53:f5: 3d:81:c6:58:d3:04:b5:bd:15:26:f0:25:2a:62:2f: 2e:de:94:2b:34:d4:ae:ef:0c:86:2d:d1:9c:33:a2: 31:10:d8:80:d0:74:56:b3:ac:d3:f9:22:7f:a9:82: e6:26:2f:68:bf:e8:cc:2f:c8:b3:30:64:f3:86:0d: 74:a7:42:7a:47:d6:b1:80:35:cc:a9:36:58:6d:5d: e7:e2:64:6d:2b:fb:71:59:fd:cd:b2:43:d2:9a:49: 42:1d:e1:be:a0:b5:db:00:ef:ee:16:a0:c3:f8:67: 35:42:2c:cc:f5:7e:28:d8:97:75:e3:fc:0a:eb:0f: f0:35:ee:71:1f:6a:40:aa:0e:00:74:87:b7:0a:ca: 9f:d5:82:b0:73:1b:1c:cf:71:f6:2a:7e:ec:70:3e: a5:f9:8b:03:c0:a2:c0:da:39:8f:bc:0c:58:3f:b2: de:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:66:5A:90:0B:A6:7B:4A:48:B6:64:1B:DA:27:17:DA:F1:C5:57:7A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0ae0175-f350-4493-ae35-4deb479e034e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24:8000::/36 Signature Algorithm: sha256WithRSAEncryption 83:4a:6a:cd:10:94:62:50:94:9d:a5:b9:b9:eb:1f:8c:a3:24: b3:09:3b:c8:44:e3:1e:17:32:f3:13:78:4a:11:06:20:5e:a3: 55:e1:4b:56:4f:11:d5:be:f8:5e:1c:9e:30:47:64:bf:99:38: d8:78:09:c8:38:77:e7:d7:ee:0e:c2:e4:cd:97:9b:c7:51:49: a9:0a:bd:b2:fc:0c:5b:b2:ea:af:9d:32:4f:51:24:e0:7b:57: dd:7b:9d:43:e0:3c:a7:00:4d:7c:2e:e2:e3:de:7e:f6:72:c0: ac:21:80:2e:44:a7:63:7f:e6:a1:06:03:a4:92:74:90:83:cd: 2c:81:ce:cb:5d:13:9f:10:7f:c5:3c:9f:34:d2:b0:40:55:7c: ff:ac:3b:d2:fe:b2:2b:d7:cc:e9:37:0e:e4:8d:5a:d4:2b:fd: ab:91:2a:2a:6a:ea:5e:4f:13:af:2f:43:45:67:5e:41:1f:1d: 6a:d4:19:e8:6a:ca:3f:fa:16:af:8c:ea:8b:18:5f:2b:19:e6: b1:9d:7c:35:e0:e7:10:01:56:cb:27:43:4a:bf:e6:6c:e6:af: ec:ec:12:84:40:7c:67:11:53:17:c9:3e:4b:6e:51:3f:07:42: 9c:88:8f:46:d4:5f:74:75:4a:60:e3:34:f5:6a:f8:fa:e4:ad: 98:08:e3:e3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcBpFtNeGdwfx6kCzlmNhNjjtR/MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxMTE1MDAwNVoX DTI1MDkxNTIzNTk1OVowejFJMEcGA1UEBRNAMzI1N2NlNmYxZDFhZGMxZDgwYzNh YjMzOTcwMmQ1NzBhNTk4MjRiZjdjNmFjYmNhMzc1MGU1NGE4NjVjMzhlYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDNFu8fF1dvhE3B41eQpgf+yoHri h4tus3iuNiFY8rlyelesWdL8eyCr5fuyiIZbo4IKTC+vGBpfD/Jjijc7DirW+Adv kbgo7kmimrRbF39vzrto/WrJU/U9gcZY0wS1vRUm8CUqYi8u3pQrNNSu7wyGLdGc M6IxENiA0HRWs6zT+SJ/qYLmJi9ov+jML8izMGTzhg10p0J6R9axgDXMqTZYbV3n 4mRtK/txWf3NskPSmklCHeG+oLXbAO/uFqDD+Gc1QizM9X4o2Jd14/wK6w/wNe5x H2pAqg4AdIe3Csqf1YKwcxscz3H2Kn7scD6l+YsDwKLA2jmPvAxYP7LefwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNJmWpALpntKSLZkG9onF9rxxVd6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwYWUwMTc1LWYzNTAtNDQ5My1hZTM1LTRkZWI0NzllMDM0ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJIAwDQYJKoZIhvcNAQELBQADggEBAINKas0QlGJQlJ2lubnr H4yjJLMJO8hE4x4XMvMTeEoRBiBeo1XhS1ZPEdW++F4cnjBHZL+ZONh4Ccg4d+fX 7g7C5M2Xm8dRSakKvbL8DFuy6q+dMk9RJOB7V917nUPgPKcATXwu4uPefvZywKwh gC5Ep2N/5qEGA6SSdJCDzSyBzstdE58Qf8U8nzTSsEBVfP+sO9L+sivXzOk3DuSN WtQr/auRKipq6l5PE68vQ0VnXkEfHWrUGehqyj/6Fq+M6osYXysZ5rGdfDXg5xAB VssnQ0q/5mzmr+zsEoRAfGcRUxfJPktuUT8HQpyIj0bUX3R1SmDjNPVq+PrkrZgI 4+M= -----END CERTIFICATE-----Generated at Sat Aug 23 06:56:36 2025 by rpki-client