$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa File: ec8e23bf-c8d6-4a69-9151-124b795d815a.roa (raw, json) Hash identifier: kQj8XaZvXgXX81H1eV1VNQZrupkxsjo+5X/gjIHuF74= Subject key identifier: D2:4F:81:76:50:AD:20:C8:C9:02:EC:C8:87:0C:8F:4A:A6:64:AE:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 28D2457DDB6BAFD646A518124A5EEED3A9C40C54 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa Signing time: Sat 23 Aug 2025 00:31:08 +0000 ROA not before: Sat 23 Aug 2025 00:31:08 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:d2:45:7d:db:6b:af:d6:46:a5:18:12:4a:5e:ee:d3:a9:c4:0c:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:31:08 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=3c506c5d8ad55cd00e8d952f476b3cc86e554704b312c10d306eea55df75c85b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:12:f3:e5:30:b9:3d:85:ea:9e:77:35:a6:13: 14:be:c5:06:41:e0:d4:74:39:f9:1e:a8:b7:7a:65: 58:3c:8d:63:5e:46:3c:9b:1e:c3:75:4a:20:a7:a4: a8:41:6b:f3:9e:89:47:11:ae:26:ce:ca:c3:e1:c7: f8:f6:52:a3:d4:a2:ac:42:2f:3b:bd:c5:03:5a:90: 8d:b7:0d:28:13:c1:1a:8f:21:03:19:05:94:2e:e0: 28:45:77:fe:26:3b:80:8a:2f:75:5c:e5:3b:39:15: 94:98:9c:16:36:64:a3:ee:43:90:62:06:e9:67:54: e3:80:23:3e:a4:fa:ac:18:c9:bb:e5:01:32:98:11: 93:64:63:b3:ef:89:a6:b4:c9:07:68:24:1a:e8:43: 64:2f:0c:f3:f0:8a:31:17:e9:74:d4:19:0c:b5:08: 08:4c:97:4a:de:bf:0f:99:c3:a0:49:bc:4e:78:14: 0c:05:83:6f:0d:42:7b:29:a9:e6:78:f4:5b:84:ef: 6e:33:f9:84:20:17:60:00:a5:ea:2c:30:6a:0c:cf: b6:a8:fa:26:d4:4e:5b:e2:f0:be:5b:d3:21:32:00: 0c:1b:78:4a:ea:eb:13:76:79:a7:91:83:7a:7b:da: 45:be:64:a8:d5:4e:d8:9c:9e:1d:ab:c4:10:0c:3d: 02:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:4F:81:76:50:AD:20:C8:C9:02:EC:C8:87:0C:8F:4A:A6:64:AE:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6040::/48 Signature Algorithm: sha256WithRSAEncryption 2e:f7:a1:b9:87:6d:2b:49:05:d1:78:40:92:76:7b:24:34:67: 5c:db:6d:a0:8d:83:af:94:f1:c2:ac:91:b9:58:89:ee:b5:df: 52:b2:bf:f9:78:f9:bf:cd:55:d9:fe:a1:5a:fc:ff:10:a5:d6: 92:2d:a7:19:5f:2a:3b:9c:f2:7f:16:ae:7d:ff:79:c4:f3:5d: 14:12:0e:f9:cf:49:6e:1a:8e:54:37:c5:a2:e1:5b:3a:a1:f1: 43:b2:d5:47:72:e4:54:ee:09:27:b0:e9:4a:0a:a0:a3:05:33: ec:1e:11:90:b6:44:09:73:25:22:a2:d5:59:0e:a9:c8:0c:63: 85:06:7e:01:41:2d:b3:86:e2:35:07:8f:a5:9a:7a:e1:bd:88: c1:70:11:96:12:a2:bc:e4:5f:47:dc:dd:0b:27:44:78:27:5e: f8:99:48:c7:f3:8c:5f:7e:e8:76:cc:ad:90:fb:d1:f0:0d:38: fe:fa:5f:0a:df:4c:00:57:72:39:bc:a2:b0:f5:17:8a:f4:51: e6:fe:6a:b1:af:a5:a7:3b:0d:5b:80:05:20:19:86:98:6a:0f: f6:3b:a0:82:bc:7e:16:7a:34:17:c4:93:be:cb:f6:61:1b:e5: 4e:34:a5:66:48:29:fc:59:0b:07:57:f2:71:89:9f:92:93:9a: 97:71:e3:00 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKNJFfdtrr9ZGpRgSSl7u06nEDFQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzEwOFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAM2M1MDZjNWQ4YWQ1NWNkMDBlOGQ5 NTJmNDc2YjNjYzg2ZTU1NDcwNGIzMTJjMTBkMzA2ZWVhNTVkZjc1Yzg1YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BLz5TC5PYXqnnc1phMUvsUGQeDU dDn5Hqi3emVYPI1jXkY8mx7DdUogp6SoQWvznolHEa4mzsrD4cf49lKj1KKsQi87 vcUDWpCNtw0oE8EajyEDGQWULuAoRXf+JjuAii91XOU7ORWUmJwWNmSj7kOQYgbp Z1TjgCM+pPqsGMm75QEymBGTZGOz74mmtMkHaCQa6ENkLwzz8IoxF+l01BkMtQgI TJdK3r8PmcOgSbxOeBQMBYNvDUJ7KanmePRbhO9uM/mEIBdgAKXqLDBqDM+2qPom 1E5b4vC+W9MhMgAMG3hK6usTdnmnkYN6e9pFvmSo1U7YnJ4dq8QQDD0CVwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNJPgXZQrSDIyQLsyIcMj0qmZK45MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VjOGUyM2JmLWM4ZDYtNGE2OS05MTUxLTEyNGI3OTVkODE1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGBAMA0GCSqGSIb3DQEBCwUAA4IBAQAu96G5h20rSQXReECS dnskNGdc222gjYOvlPHCrJG5WInutd9Ssr/5ePm/zVXZ/qFa/P8QpdaSLacZXyo7 nPJ/Fq59/3nE810UEg75z0luGo5UN8Wi4Vs6ofFDstVHcuRU7gknsOlKCqCjBTPs HhGQtkQJcyUiotVZDqnIDGOFBn4BQS2zhuI1B4+lmnrhvYjBcBGWEqK85F9H3N0L J0R4J174mUjH84xffuh2zK2Q+9HwDTj++l8K30wAV3I5vKKw9ReK9FHm/mqxr6Wn Ow1bgAUgGYaYag/2O6CCvH4WejQXxJO+y/ZhG+VONKVmSCn8WQsHV/JxiZ+Sk5qX ceMA -----END CERTIFICATE-----Generated at Sat Aug 23 08:07:17 2025 by rpki-client