$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa File: e1567509-f31d-4739-a7a6-ed24530c598b.roa (raw, json) Hash identifier: BAWcqu84tuH4CYm2MD/an7LTWl5eLqOKYfzCvHurN/o= Subject key identifier: 12:45:55:D6:3F:0E:9D:B2:82:0A:3C:6E:31:CC:75:52:20:67:B0:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 643573975A7705E6293095CA8D4821255D861705 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa Signing time: Sat 16 Aug 2025 00:00:34 +0000 ROA not before: Sat 16 Aug 2025 00:00:34 +0000 ROA not after: Sat 20 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:35:73:97:5a:77:05:e6:29:30:95:ca:8d:48:21:25:5d:86:17:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 16 00:00:34 2025 GMT Not After : Sep 20 23:59:59 2025 GMT Subject: serialNumber=41a4187b6829bfbb4c183ac46c324e3a747b03eb58adfc8fac8b328208ea8c47, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:23:4f:7d:08:b6:2a:2f:a8:32:21:36:f3:de: 24:95:fa:15:26:52:4b:eb:f4:92:32:83:14:0f:21: da:ae:c7:62:3d:ea:66:58:de:78:ce:b0:d6:d8:20: 45:50:45:c2:05:cf:13:be:b4:e0:e3:d5:fd:35:1a: 0b:c7:82:43:51:c0:cd:fb:b2:fa:b4:c6:6c:92:2c: 98:b9:bd:db:f5:fd:a5:fc:e4:cb:7c:01:fc:8f:fa: 85:9c:2d:20:fd:1d:38:fc:9a:f7:4d:14:ea:2c:a6: d6:ee:36:c7:aa:d7:17:21:af:45:b7:d3:74:b7:d5: 77:45:44:2d:2f:08:58:02:51:22:3d:df:59:f1:48: 4d:51:84:f4:da:89:33:6e:c0:df:35:83:d6:f1:40: 4b:f9:06:7a:19:03:8e:e2:26:61:d7:d1:a7:12:76: ff:f7:f3:a5:a2:ae:c3:ee:b2:f3:d9:b6:29:45:b8: ed:4b:b2:19:c4:cb:dc:c1:18:87:7b:3f:c4:d5:a4: 25:c2:12:c1:23:a2:dd:43:2f:6c:9a:a8:36:1b:46: 94:91:0c:71:35:00:97:6d:14:f5:7a:b9:9a:8d:a9: 08:59:ad:54:eb:81:aa:4f:0e:a3:88:d1:85:3b:86: 9a:92:53:b9:a7:31:88:b5:27:cd:83:e0:5f:43:e8: 47:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:45:55:D6:3F:0E:9D:B2:82:0A:3C:6E:31:CC:75:52:20:67:B0:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1567509-f31d-4739-a7a6-ed24530c598b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:c000::/40 Signature Algorithm: sha256WithRSAEncryption 72:ba:bf:ae:fe:58:5a:0c:6d:96:3b:af:43:50:77:b8:63:cf: b8:60:16:4d:0e:e7:08:30:b8:7d:b9:87:33:87:87:94:78:48: 6f:06:1e:c4:54:e0:73:5a:e8:fa:d4:d2:dd:8d:76:6a:18:1d: 28:a7:73:00:87:a2:86:a6:20:7c:c4:19:81:be:7f:b5:80:13: f4:2a:66:c8:2b:9c:7e:ae:be:e1:af:df:2e:ec:a0:b5:a8:f4: 4f:19:78:f7:e5:74:3c:61:41:2f:30:dc:81:da:93:c0:2a:94: 6d:e2:3f:ff:cf:29:20:b0:28:8f:b8:38:41:13:99:5d:9a:a2: 82:d2:36:42:3e:23:ee:c2:e3:c1:3e:6d:ce:68:ab:82:91:2f: d0:b6:56:7f:48:ba:f0:6a:44:85:06:f4:9f:70:38:31:ba:cd: 84:a3:46:32:71:4d:83:08:0a:0e:8d:45:a1:ed:57:58:b0:5d: 15:e7:ff:aa:71:47:e4:0f:bc:4e:36:87:95:4e:49:ae:c4:82: 81:99:5b:c9:d5:eb:10:af:b6:6f:2a:8d:00:50:85:7f:99:15: 28:ee:f7:5b:1b:77:64:3a:58:09:b5:dd:81:5b:03:72:62:17: 73:68:3a:e7:9a:19:b5:86:b8:8c:0b:ac:63:36:8b:89:a2:b7: da:9d:fb:70 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZDVzl1p3BeYpMJXKjUghJV2GFwUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNjAwMDAzNFoX DTI1MDkyMDIzNTk1OVowejFJMEcGA1UEBRNANDFhNDE4N2I2ODI5YmZiYjRjMTgz YWM0NmMzMjRlM2E3NDdiMDNlYjU4YWRmYzhmYWM4YjMyODIwOGVhOGM0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiNPfQi2Ki+oMiE2894klfoVJlJL 6/SSMoMUDyHarsdiPepmWN54zrDW2CBFUEXCBc8TvrTg49X9NRoLx4JDUcDN+7L6 tMZskiyYub3b9f2l/OTLfAH8j/qFnC0g/R04/Jr3TRTqLKbW7jbHqtcXIa9Ft9N0 t9V3RUQtLwhYAlEiPd9Z8UhNUYT02okzbsDfNYPW8UBL+QZ6GQOO4iZh19GnEnb/ 9/Oloq7D7rLz2bYpRbjtS7IZxMvcwRiHez/E1aQlwhLBI6LdQy9smqg2G0aUkQxx NQCXbRT1ermajakIWa1U64GqTw6jiNGFO4aaklO5pzGItSfNg+BfQ+hHEQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBJFVdY/Dp2yggo8bjHMdVIgZ7CdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UxNTY3NTA5LWYzMWQtNDczOS1hN2E2LWVkMjQ1MzBjNTk4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9cAwDQYJKoZIhvcNAQELBQADggEBAHK6v67+WFoMbZY7r0NQ d7hjz7hgFk0O5wgwuH25hzOHh5R4SG8GHsRU4HNa6PrU0t2NdmoYHSincwCHooam IHzEGYG+f7WAE/QqZsgrnH6uvuGv3y7soLWo9E8ZePfldDxhQS8w3IHak8AqlG3i P//PKSCwKI+4OEETmV2aooLSNkI+I+7C48E+bc5oq4KRL9C2Vn9IuvBqRIUG9J9w ODG6zYSjRjJxTYMICg6NRaHtV1iwXRXn/6pxR+QPvE42h5VOSa7EgoGZW8nV6xCv tm8qjQBQhX+ZFSju91sbd2Q6WAm13YFbA3JiF3NoOueaGbWGuIwLrGM2i4mit9qd +3A= -----END CERTIFICATE-----Generated at Sat Aug 23 08:07:23 2025 by rpki-client