$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa File: f00ce68a-58da-4964-ae28-394559757448.roa (raw, json) Hash identifier: DxmF1hBeS70aI3xPIEEyNa5yz0E3VAwEjw57gMZg188= Subject key identifier: 10:40:52:50:C2:D4:76:D2:DB:99:F4:92:18:B4:E5:3D:5A:6B:CE:C0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 693C83868972405B4041CCB3ACB1C4DF9BA07FA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa Signing time: Sat 23 Aug 2025 00:00:27 +0000 ROA not before: Sat 23 Aug 2025 00:00:27 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:28c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:3c:83:86:89:72:40:5b:40:41:cc:b3:ac:b1:c4:df:9b:a0:7f:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:00:27 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=885b79a05f5a7f8bf31d0ec767a5efca855f180e41f096a307ce4adec8277247, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:16:cc:a5:5d:29:2b:69:1e:99:96:1f:70:ff: 01:18:59:bf:97:f7:16:23:b7:3f:3e:df:21:05:1a: 9d:cd:75:7b:1c:ac:83:32:5b:af:ad:33:ba:80:e8: 62:13:f3:f6:60:5b:bf:da:9b:36:54:6b:91:f3:46: 93:9b:d6:4f:a9:83:e5:64:d2:60:91:a1:32:02:2f: 43:e1:3c:a7:01:16:84:c8:a4:40:e3:ac:b1:cf:64: be:66:70:5d:a0:88:27:62:ad:4c:60:91:d6:92:7f: 57:fa:29:c0:bf:c1:3c:5b:b0:87:56:f9:bf:f6:d0: 67:2d:dc:44:24:55:6b:11:1a:81:5f:96:d4:da:76: f8:29:70:c7:81:2f:2c:ca:65:7d:f0:8a:ef:bf:ad: d3:e9:56:bb:ac:10:46:0b:75:6e:3f:39:1a:c6:33: 26:0d:b8:dd:fb:2c:c6:ab:39:33:fc:52:5c:b8:2c: 99:b5:41:2d:7f:01:77:c3:5a:9e:35:a7:9d:4e:bc: f0:b0:92:53:f7:9a:a2:7c:db:49:cc:8f:98:51:9b: 4f:52:f4:f8:f1:96:3f:71:2a:ed:5d:02:22:b2:12: 81:89:e3:b6:04:dc:7c:b4:90:bd:82:a8:e6:1d:86: 5f:9b:98:14:93:c6:d4:21:eb:4e:af:10:95:36:2e: cb:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:40:52:50:C2:D4:76:D2:DB:99:F4:92:18:B4:E5:3D:5A:6B:CE:C0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f00ce68a-58da-4964-ae28-394559757448.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:28c0::/48 Signature Algorithm: sha256WithRSAEncryption bc:db:e6:8d:a6:2e:cc:ed:25:82:c2:32:4a:a5:ae:56:97:e7: c7:20:7e:b3:e7:73:76:8b:77:15:df:41:b1:48:20:ff:39:83: 9e:83:10:6e:c2:e5:e3:a7:1f:c0:4d:99:40:aa:ac:84:47:67: 4f:16:4a:e7:3f:95:b9:0b:15:76:48:9a:e5:de:44:2f:2a:80: 4d:8e:ea:25:88:19:55:b1:b0:68:34:c1:01:3e:6d:53:69:6d: 97:a6:d3:3f:a6:84:c2:97:6a:3d:b9:84:1b:ff:ae:3c:35:00: c0:57:4e:07:17:3a:27:7d:84:ba:db:6b:17:2e:ae:71:a6:f2: b8:85:71:da:0f:97:c8:d6:25:55:ab:2a:ea:00:d0:e1:a6:a4: 6d:5d:13:08:a5:5d:d8:96:8f:b3:f2:61:21:9a:0b:32:13:75: 83:7d:3e:ce:0b:56:5c:c5:1a:a4:91:e3:78:f1:96:b6:0b:7d: 22:d0:f2:9a:25:c0:e2:c1:5d:a8:b1:47:56:64:80:b2:71:77: 6a:d6:44:27:69:5f:30:b7:90:51:92:08:85:e2:f2:07:f2:75: 6d:b0:dd:9a:b2:f4:5d:ea:47:46:22:f3:28:25:a6:fb:a5:dc: c5:ea:52:83:70:bb:6f:9b:ae:5a:96:88:22:85:a2:a1:69:37: d9:ae:b4:99 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaTyDholyQFtAQcyzrLHE35ugf6QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMDAyN1oX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAODg1Yjc5YTA1ZjVhN2Y4YmYzMWQw ZWM3NjdhNWVmY2E4NTVmMTgwZTQxZjA5NmEzMDdjZTRhZGVjODI3NzI0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBbMpV0pK2kemZYfcP8BGFm/l/cW I7c/Pt8hBRqdzXV7HKyDMluvrTO6gOhiE/P2YFu/2ps2VGuR80aTm9ZPqYPlZNJg kaEyAi9D4TynARaEyKRA46yxz2S+ZnBdoIgnYq1MYJHWkn9X+inAv8E8W7CHVvm/ 9tBnLdxEJFVrERqBX5bU2nb4KXDHgS8symV98Irvv63T6Va7rBBGC3VuPzkaxjMm Dbjd+yzGqzkz/FJcuCyZtUEtfwF3w1qeNaedTrzwsJJT95qifNtJzI+YUZtPUvT4 8ZY/cSrtXQIishKBieO2BNx8tJC9gqjmHYZfm5gUk8bUIetOrxCVNi7LvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBBAUlDC1HbS25n0khi05T1aa87AMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YwMGNlNjhhLTU4ZGEtNDk2NC1hZTI4LTM5NDU1OTc1NzQ0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSjAMA0GCSqGSIb3DQEBCwUAA4IBAQC82+aNpi7M7SWCwjJK pa5Wl+fHIH6z53N2i3cV30GxSCD/OYOegxBuwuXjpx/ATZlAqqyER2dPFkrnP5W5 CxV2SJrl3kQvKoBNjuoliBlVsbBoNMEBPm1TaW2XptM/poTCl2o9uYQb/648NQDA V04HFzonfYS622sXLq5xpvK4hXHaD5fI1iVVqyrqANDhpqRtXRMIpV3Ylo+z8mEh mgsyE3WDfT7OC1ZcxRqkkeN48Za2C30i0PKaJcDiwV2osUdWZICycXdq1kQnaV8w t5BRkgiF4vIH8nVtsN2asvRd6kdGIvMoJab7pdzF6lKDcLtvm65alogihaKhaTfZ rrSZ -----END CERTIFICATE-----Generated at Sat Aug 23 06:56:44 2025 by rpki-client