$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa File: f695f86c-1862-4357-8961-1e5b809c4811.roa (raw, json) Hash identifier: Q6wtQ6D9tgjNZY9Seh7XVUKYAc3OZ98GLazOuWMGvRI= Subject key identifier: 84:7B:A3:18:64:93:C7:83:4E:C4:E8:F7:4D:66:B5:17:64:9C:65:4C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 092251F51C5592F2B86B1773679C63FAB5C827A6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa Signing time: Sat 23 Aug 2025 00:40:24 +0000 ROA not before: Sat 23 Aug 2025 00:40:24 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:22:51:f5:1c:55:92:f2:b8:6b:17:73:67:9c:63:fa:b5:c8:27:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:40:24 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=2436fa275b11efbf807c0273468a76fa4ac2e10894cc26d2949e19f2b796dd8b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:e0:e2:04:76:ee:b0:1c:33:33:3f:77:91:ea: da:68:72:28:14:74:cd:95:bb:00:a2:79:44:a9:3b: d3:16:57:98:fe:96:e4:64:12:8d:fc:61:72:b1:3c: c9:13:11:4a:b4:d5:1a:fe:bb:fa:b7:bd:d7:0d:57: 2c:66:81:4f:fd:74:96:4e:cd:4a:1b:00:95:0a:4c: 72:c2:4e:a3:b4:31:35:09:91:1c:56:29:73:16:ee: 9f:a0:ba:b8:07:4d:f4:42:0c:ff:e4:44:d3:f0:c7: 4a:45:62:9b:f0:32:e9:d7:62:44:35:e0:d4:fa:f7: d4:80:f9:22:a4:9c:a1:cb:dd:62:59:f7:4c:c8:33: 85:aa:e1:58:10:e2:77:54:25:c3:6b:ea:63:66:65: 71:73:d3:00:4b:13:fe:ce:00:0b:fc:a6:d5:69:59: f6:d2:3c:e9:a8:3e:7c:60:da:66:99:32:99:58:be: 36:4b:98:50:65:be:0a:f3:52:6d:69:a4:f4:51:fc: b4:cf:ce:f0:3c:78:53:6e:5d:45:eb:50:c8:7f:41: 4e:13:56:3e:dd:ba:e7:3e:41:8e:0f:c5:b3:21:87: d3:73:e5:39:6e:15:5b:84:1c:43:8f:d8:4d:f7:ad: f9:1f:4a:03:af:0c:69:96:d9:54:b1:30:5d:cc:9e: 15:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:7B:A3:18:64:93:C7:83:4E:C4:E8:F7:4D:66:B5:17:64:9C:65:4C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f695f86c-1862-4357-8961-1e5b809c4811.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a000::/40 Signature Algorithm: sha256WithRSAEncryption ba:a4:a6:dc:55:e7:f3:1c:7b:86:37:aa:64:60:67:e8:18:31: e4:43:90:11:47:dc:00:a9:7e:92:ef:be:87:e7:61:f0:fe:c8: bc:f1:a0:d4:ec:a5:ba:4c:0f:23:c0:1f:bd:3f:a0:fc:77:bd: 2f:b8:dd:03:69:68:24:e1:14:66:57:e2:00:53:f9:bf:ce:c4: 5a:03:66:0f:ab:b3:6c:a6:91:60:e2:3d:4c:b2:5b:42:bc:97: 2b:8d:d0:84:15:bb:2e:f6:cf:1b:c8:6b:04:b5:99:f5:8a:34: b5:be:ec:81:13:18:70:f8:09:66:cd:94:8a:15:ec:c5:78:2e: 0a:ff:c0:ea:95:83:32:c9:22:bc:21:65:4e:ac:ab:67:d9:cf: e2:9d:43:f0:34:26:10:c1:bf:53:1d:53:48:86:3e:b5:6e:51: ce:d7:dc:45:76:61:09:1d:8e:ba:d2:f3:79:c2:df:50:06:87: f4:a0:b2:7d:6d:5e:2f:21:83:5c:4b:11:8e:35:5e:2b:78:0a: ab:73:88:b3:a6:df:ec:87:85:f0:72:4b:db:18:f7:f3:76:65: 9c:39:b7:7e:ae:65:01:10:72:bf:8c:7e:40:4a:ea:38:77:9f: 13:ff:3e:e1:9a:22:ac:8b:95:5b:d1:54:f7:e0:67:32:1c:26: 7a:fa:9e:3b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCSJR9RxVkvK4axdzZ5xj+rXIJ6YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwNDAyNFoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMjQzNmZhMjc1YjExZWZiZjgwN2Mw MjczNDY4YTc2ZmE0YWMyZTEwODk0Y2MyNmQyOTQ5ZTE5ZjJiNzk2ZGQ4YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkODiBHbusBwzMz93keraaHIoFHTN lbsAonlEqTvTFleY/pbkZBKN/GFysTzJExFKtNUa/rv6t73XDVcsZoFP/XSWTs1K GwCVCkxywk6jtDE1CZEcVilzFu6foLq4B030Qgz/5ETT8MdKRWKb8DLp12JENeDU +vfUgPkipJyhy91iWfdMyDOFquFYEOJ3VCXDa+pjZmVxc9MASxP+zgAL/KbVaVn2 0jzpqD58YNpmmTKZWL42S5hQZb4K81JtaaT0Ufy0z87wPHhTbl1F61DIf0FOE1Y+ 3brnPkGOD8WzIYfTc+U5bhVbhBxDj9hN9635H0oDrwxpltlUsTBdzJ4VtwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIR7oxhkk8eDTsTo901mtRdknGVMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2OTVmODZjLTE4NjItNDM1Ny04OTYxLTFlNWI4MDljNDgxMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAKAwDQYJKoZIhvcNAQELBQADggEBALqkptxV5/Mce4Y3qmRg Z+gYMeRDkBFH3ACpfpLvvofnYfD+yLzxoNTspbpMDyPAH70/oPx3vS+43QNpaCTh FGZX4gBT+b/OxFoDZg+rs2ymkWDiPUyyW0K8lyuN0IQVuy72zxvIawS1mfWKNLW+ 7IETGHD4CWbNlIoV7MV4Lgr/wOqVgzLJIrwhZU6sq2fZz+KdQ/A0JhDBv1MdU0iG PrVuUc7X3EV2YQkdjrrS83nC31AGh/Sgsn1tXi8hg1xLEY41Xit4CqtziLOm3+yH hfByS9sY9/N2ZZw5t36uZQEQcr+MfkBK6jh3nxP/PuGaIqyLlVvRVPfgZzIcJnr6 njs= -----END CERTIFICATE-----Generated at Sat Aug 23 08:11:24 2025 by rpki-client