$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0a4856e0-f127-4ba4-95a7-4efde8ba42b2.roa File: 0a4856e0-f127-4ba4-95a7-4efde8ba42b2.roa (raw, json) Hash identifier: uSwGLKqXW88dGrsiHpyBzyK+MIlbKJ2TbXU8kbebqQg= Subject key identifier: 0D:51:F4:2B:E3:D6:7E:D7:F3:85:88:4F:4C:0E:84:96:49:D2:69:57 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B083805150366B9402F97D0B0D9C49428796DD4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0a4856e0-f127-4ba4-95a7-4efde8ba42b2.roa Signing time: Thu 31 Jul 2025 16:53:05 +0000 ROA not before: Thu 31 Jul 2025 16:53:05 +0000 ROA not after: Thu 04 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 126.226.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:08:38:05:15:03:66:b9:40:2f:97:d0:b0:d9:c4:94:28:79:6d:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 31 16:53:05 2025 GMT Not After : Sep 4 23:59:59 2025 GMT Subject: serialNumber=68a7f066ce1e36119704fea3693eeae47395805f173ebd766252fab1e965911d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:71:1c:24:52:0f:88:8d:1e:ac:f2:56:fc:5f: 4e:ad:31:f9:b9:46:d3:7b:c1:d5:cc:b9:c6:23:5e: 46:cf:0c:f3:b4:fc:53:6e:d0:a2:d1:94:b1:0f:72: e1:78:ef:0f:fb:75:5d:72:54:a7:1e:dc:76:67:0c: 10:34:1e:6c:6e:8a:4c:ca:4d:9f:cc:96:30:3a:f7: d6:de:91:07:fd:9e:ab:de:59:be:0b:01:6d:2d:22: 1a:e7:c1:c8:62:ca:88:e2:1e:14:28:0f:b5:54:6c: 7d:51:90:30:6c:e2:ba:e1:c9:16:f9:49:21:bc:a4: cd:4e:7b:85:0c:ec:5b:48:10:71:0e:6a:77:06:68: b2:fb:75:75:72:9b:7b:34:00:1e:25:40:10:11:24: c4:03:5c:95:b9:a8:3e:b8:3d:d5:5b:35:04:55:27: e3:13:e2:fa:21:cb:a7:fd:11:1a:52:61:7d:5b:d8: 66:ff:f7:38:30:3b:1e:b3:c7:84:b0:23:96:4c:b4: b2:3e:4b:84:43:72:5c:f0:1a:0a:76:b1:05:7e:c3: 51:e9:5e:d3:d9:f2:fd:c2:b5:e9:91:74:92:1e:10: 63:63:1b:6c:2c:07:c4:b9:c3:a2:bf:6c:16:a8:9a: 2b:69:14:5f:0d:41:4e:51:53:11:d2:d8:e9:0a:64: 3f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:51:F4:2B:E3:D6:7E:D7:F3:85:88:4F:4C:0E:84:96:49:D2:69:57 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0a4856e0-f127-4ba4-95a7-4efde8ba42b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 126.226.0.0/16 Signature Algorithm: sha256WithRSAEncryption 9e:27:c2:db:dc:97:59:08:5c:5e:0c:12:b6:79:dc:14:81:b2: 67:68:5f:9e:a9:da:91:ed:1f:fe:f4:ae:65:76:0c:19:c9:e3: 87:bd:3d:60:54:43:50:d3:2f:24:8f:7c:3f:97:aa:a0:8e:87: d6:55:e3:20:3b:f0:6a:d4:3e:b2:04:9c:d8:de:28:59:f7:7f: bd:08:91:4b:40:84:37:d4:52:a8:1b:42:f8:40:ae:7f:b1:58: 34:42:a2:5d:e9:8b:f0:2e:b7:8c:49:b1:60:5a:99:f0:3e:f7: 41:8c:04:f1:f3:22:c2:b8:26:e9:b8:9c:3f:8e:bc:e2:d9:e8: 1a:72:00:2c:1d:c7:6b:ad:4b:81:d0:68:b1:ca:4e:ab:72:02: f3:f9:0a:55:1c:eb:c8:99:02:d8:d4:75:b7:95:31:7c:bd:b9: 65:b5:dd:54:1c:89:96:98:32:27:5d:33:0b:ff:47:cb:9c:bd: b1:89:f2:ca:6a:e3:9b:03:a9:de:e7:2d:42:6b:07:68:97:51: cc:72:67:05:61:93:f9:b3:30:db:03:9c:af:d3:c2:25:db:ca: e4:74:12:1c:0a:5e:32:84:8e:f9:28:1d:ec:50:95:4c:7b:eb: 23:6d:e3:0b:44:98:0a:b9:d9:d5:4e:ef:26:0c:f9:59:07:a5: 7a:2f:88:82 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUewg4BRUDZrlAL5fQsNnElCh5bdQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMTE2NTMwNVoX DTI1MDkwNDIzNTk1OVowejFJMEcGA1UEBRNANjhhN2YwNjZjZTFlMzYxMTk3MDRm ZWEzNjkzZWVhZTQ3Mzk1ODA1ZjE3M2ViZDc2NjI1MmZhYjFlOTY1OTExZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3EcJFIPiI0erPJW/F9OrTH5uUbT e8HVzLnGI15GzwzztPxTbtCi0ZSxD3LheO8P+3VdclSnHtx2ZwwQNB5sbopMyk2f zJYwOvfW3pEH/Z6r3lm+CwFtLSIa58HIYsqI4h4UKA+1VGx9UZAwbOK64ckW+Ukh vKTNTnuFDOxbSBBxDmp3Bmiy+3V1cpt7NAAeJUAQESTEA1yVuag+uD3VWzUEVSfj E+L6Icun/REaUmF9W9hm//c4MDses8eEsCOWTLSyPkuEQ3Jc8BoKdrEFfsNR6V7T 2fL9wrXpkXSSHhBjYxtsLAfEucOiv2wWqJoraRRfDUFOUVMR0tjpCmQ/FQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFA1R9Cvj1n7X84WIT0wOhJZJ0mlXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBhNDg1NmUwLWYxMjctNGJhNC05NWE3LTRlZmRlOGJhNDJiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAfuIwDQYJKoZIhvcNAQELBQADggEBAJ4nwtvcl1kIXF4MErZ53BSB smdoX56p2pHtH/70rmV2DBnJ44e9PWBUQ1DTLySPfD+XqqCOh9ZV4yA78GrUPrIE nNjeKFn3f70IkUtAhDfUUqgbQvhArn+xWDRCol3pi/Aut4xJsWBamfA+90GMBPHz IsK4Jum4nD+OvOLZ6BpyACwdx2utS4HQaLHKTqtyAvP5ClUc68iZAtjUdbeVMXy9 uWW13VQciZaYMiddMwv/R8ucvbGJ8spq45sDqd7nLUJrB2iXUcxyZwVhk/mzMNsD nK/TwiXbyuR0EhwKXjKEjvkoHexQlUx76yNt4wtEmAq52dVO7yYM+VkHpXoviII= -----END CERTIFICATE-----Generated at Mon Aug 4 14:16:31 2025 by rpki-client