$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0522006-6063-4b32-b972-6b9c57c75a41.roa File: f0522006-6063-4b32-b972-6b9c57c75a41.roa (raw, json) Hash identifier: 9XXbwuAexJptvopLIZlwpkmLmqvjx4oxfdjyMyKawvc= Subject key identifier: AF:AC:23:C1:B2:65:99:BD:96:57:5E:03:D0:0B:F1:56:43:DB:4C:2D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 31885A2409C4D556CCBC9C8C29A88F1446C63842 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0522006-6063-4b32-b972-6b9c57c75a41.roa Signing time: Sat 23 Aug 2025 00:10:54 +0000 ROA not before: Sat 23 Aug 2025 00:10:54 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:b080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:88:5a:24:09:c4:d5:56:cc:bc:9c:8c:29:a8:8f:14:46:c6:38:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:10:54 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=432ebf3cd38349c1ae3025d34bbcf81ac2629a0c534ee55805486f48e500715d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:6e:9a:50:1d:83:5b:c5:7f:d8:3a:56:7c:65: 31:a4:1e:41:dd:a9:88:a6:97:19:32:a3:e6:8c:8c: bc:e9:54:01:ad:ee:b1:a5:2d:8c:9b:69:85:15:3d: 89:da:ab:36:25:10:88:2c:ae:41:fc:66:da:5a:63: e1:48:05:0d:b6:f9:f0:28:e1:4b:df:a5:10:64:56: 33:77:59:51:2f:65:9f:a6:78:51:9e:04:fa:db:8a: 96:35:dc:89:68:35:06:ba:66:85:ca:1d:bf:a7:e0: 46:9f:89:a4:11:15:7f:0a:aa:b7:fd:1c:3c:5d:17: 69:80:04:6f:63:23:09:24:e9:d4:af:c2:e5:8d:f0: 43:2d:e1:44:0a:ea:6f:c3:0e:d5:74:f7:ee:7a:10: b3:5c:b3:03:6c:01:29:fd:09:e2:c2:a4:e1:6a:6e: d0:ee:21:db:ce:6e:92:b5:f5:9a:d1:da:b7:72:38: 2a:0a:ff:b5:07:17:f2:c8:d4:2d:90:69:4c:9f:f8: a5:e9:ec:c3:55:b3:35:f8:2b:4b:07:e9:78:34:90: 00:8e:35:d8:60:a1:13:1e:c3:af:50:60:8c:87:29: fa:9d:59:66:56:10:6d:5e:56:a6:fe:34:de:8f:f7: fc:1a:b7:0c:ec:e0:3e:9d:83:a4:77:c0:9a:d6:b8: ed:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:AC:23:C1:B2:65:99:BD:96:57:5E:03:D0:0B:F1:56:43:DB:4C:2D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0522006-6063-4b32-b972-6b9c57c75a41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:b080::/48 Signature Algorithm: sha256WithRSAEncryption 63:ee:d4:a3:16:b4:4c:bd:77:25:40:49:7a:91:99:6b:fe:0f: 6c:d7:9e:55:1e:2d:71:67:d9:1a:a8:9c:83:0c:d3:1b:e2:5c: 21:b1:6e:f5:f2:90:15:9c:41:c5:e2:08:01:7c:4f:9c:20:b9: 8e:70:ea:44:35:c1:8f:40:13:e6:c4:cd:2b:39:41:76:80:59: a6:89:d4:b2:24:43:a6:0e:e0:fd:d2:bb:38:0e:87:c0:e7:15: 2e:a4:34:69:08:61:dd:1d:cf:bd:ac:b9:b6:5f:4b:bb:de:70: a7:24:06:81:04:83:11:82:e5:9c:4c:4a:72:ea:2b:15:bc:b1: 5b:1f:66:4d:39:49:86:df:d2:f0:7a:2d:41:4f:0d:a8:d3:5b: 05:ae:87:9b:fc:62:90:5d:6f:e0:5a:a1:7f:8b:82:b8:6a:84: 03:66:f2:02:a5:e1:75:89:68:83:4e:87:5a:dd:88:48:30:09: 1f:73:62:0c:44:cc:5c:fe:d5:cb:d4:ac:32:f2:1f:d9:ed:95: c7:62:fa:02:7b:9b:52:d7:a0:4c:95:6e:7d:af:8b:43:c8:36: 5c:88:29:73:fa:8e:60:70:7b:66:b4:c8:1b:49:f6:20:fe:a1: 8a:ae:e4:07:77:c0:0e:fe:98:f6:95:82:88:e3:90:15:44:f9: 81:08:68:6d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMYhaJAnE1VbMvJyMKaiPFEbGOEIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMTA1NFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNANDMyZWJmM2NkMzgzNDljMWFlMzAy NWQzNGJiY2Y4MWFjMjYyOWEwYzUzNGVlNTU4MDU0ODZmNDhlNTAwNzE1ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm6aUB2DW8V/2DpWfGUxpB5B3amI ppcZMqPmjIy86VQBre6xpS2Mm2mFFT2J2qs2JRCILK5B/GbaWmPhSAUNtvnwKOFL 36UQZFYzd1lRL2WfpnhRngT624qWNdyJaDUGumaFyh2/p+BGn4mkERV/Cqq3/Rw8 XRdpgARvYyMJJOnUr8LljfBDLeFECupvww7VdPfuehCzXLMDbAEp/QniwqTham7Q 7iHbzm6StfWa0dq3cjgqCv+1BxfyyNQtkGlMn/il6ezDVbM1+CtLB+l4NJAAjjXY YKETHsOvUGCMhyn6nVlmVhBtXlam/jTej/f8GrcM7OA+nYOkd8Ca1rjtWwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFK+sI8GyZZm9lldeA9AL8VZD20wtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YwNTIyMDA2LTYwNjMtNGIzMi1iOTcyLTZiOWM1N2M3NWE0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaALCAMA0GCSqGSIb3DQEBCwUAA4IBAQBj7tSjFrRMvXclQEl6 kZlr/g9s155VHi1xZ9kaqJyDDNMb4lwhsW718pAVnEHF4ggBfE+cILmOcOpENcGP QBPmxM0rOUF2gFmmidSyJEOmDuD90rs4DofA5xUupDRpCGHdHc+9rLm2X0u73nCn JAaBBIMRguWcTEpy6isVvLFbH2ZNOUmG39Lwei1BTw2o01sFroeb/GKQXW/gWqF/ i4K4aoQDZvICpeF1iWiDToda3YhIMAkfc2IMRMxc/tXL1Kwy8h/Z7ZXHYvoCe5tS 16BMlW59r4tDyDZciClz+o5gcHtmtMgbSfYg/qGKruQHd8AO/pj2lYKI45AVRPmB CGht -----END CERTIFICATE-----Generated at Sat Aug 23 10:14:11 2025 by rpki-client