$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa File: 52887821-8ea1-4c00-aade-d864665119f4.roa (raw, json) Hash identifier: LO0vZOvNoqzddFZL8N8fvJFL8VNVuFnrIfXn06lnYYs= Subject key identifier: 92:F5:C0:58:11:FA:25:DA:27:A1:01:83:1E:69:A6:EE:83:74:46:A5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 15ABBC70047998AE3823C60BE2DC560004A0B3EE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa Signing time: Fri 01 Aug 2025 00:41:16 +0000 ROA not before: Fri 01 Aug 2025 00:41:16 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da11:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 00:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:ab:bc:70:04:79:98:ae:38:23:c6:0b:e2:dc:56:00:04:a0:b3:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:41:16 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=d61e261273efb02e18fbcdaf300ac71cc07fbf589b630b4c200146fbe63349ee, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:5a:2b:46:7d:55:e1:6f:4a:16:4d:17:c8:0a: db:f8:8b:ee:d9:79:63:15:2c:26:07:8c:a8:a4:ee: 09:01:47:af:84:72:38:37:95:c7:5a:f7:bf:e9:ad: 25:52:52:72:a8:93:0c:12:0e:d7:f6:6c:30:40:29: d4:07:36:6b:6a:88:09:a7:7d:26:1a:13:bd:62:90: 6d:6f:3e:35:a9:e6:d2:45:cc:1d:80:9d:aa:55:4c: 94:7f:e0:f6:52:61:d2:0d:31:91:f6:65:64:7a:2c: 57:53:0b:ae:a2:ba:a3:fb:cf:c4:8b:7b:d8:5f:46: a4:a4:84:94:e0:aa:19:7f:fa:f6:6a:cb:ab:f1:2b: 1d:b7:57:f1:ca:d2:7a:81:86:14:7d:7e:db:99:4b: bc:6c:9a:4e:fb:16:3d:00:40:c6:bf:5a:1a:9c:42: 84:78:1f:f9:96:91:18:6f:5e:af:03:f9:b3:1a:09: 72:32:01:32:f4:e2:7e:de:7e:6d:24:d1:94:9c:5e: 4a:b5:80:46:50:83:6e:9f:2d:94:93:cf:c7:4e:de: 80:d8:a2:e0:9f:06:4c:01:10:53:8e:47:77:b6:95: 96:b4:0e:0b:b2:b5:b7:13:ff:db:8f:fa:55:8c:80: 2d:d4:39:bc:81:91:4e:98:9f:3c:46:ed:a0:35:45: 3c:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:F5:C0:58:11:FA:25:DA:27:A1:01:83:1E:69:A6:EE:83:74:46:A5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da11:400::/38 Signature Algorithm: sha256WithRSAEncryption b6:5a:4d:f3:c6:42:c1:53:e7:c3:6a:40:42:e5:b5:2b:9d:28: 38:c2:15:cc:f1:90:10:ca:8c:09:6c:33:a8:cc:da:06:67:e5: 0a:eb:bd:4b:18:85:e4:87:3b:32:5d:01:04:84:75:fb:59:f5: 6b:95:48:27:8d:73:52:e9:6d:24:ae:1b:cb:31:7a:66:e9:85: de:43:39:ec:99:48:cb:5b:9d:d3:8a:e6:13:96:2d:fb:ed:a1: 21:5e:4a:25:1f:ab:ff:d2:ac:41:67:70:a7:a1:97:a1:c3:0e: 8e:23:8a:46:9b:1f:f4:dd:a8:bc:44:9f:d5:c7:2c:c1:ac:70: 2a:87:a4:5b:c3:f5:4b:2c:d7:82:9e:68:67:73:3d:56:03:3f: 71:b9:19:36:94:d1:c0:13:42:75:17:5a:9f:88:24:c6:ad:0d: 38:0e:ff:ef:a1:e7:92:10:8e:5c:cf:a4:eb:cf:e1:3b:a0:d2: 02:a3:b5:00:86:98:71:f0:17:ce:08:14:dd:81:78:25:a6:2c: e1:97:3f:e4:50:42:b6:f3:33:8a:f9:2f:4e:59:ec:fb:8c:fd: d5:df:c2:a8:9a:16:fe:c0:62:1f:28:0b:b7:4a:c8:00:42:b8: d7:29:95:59:64:db:52:df:33:58:e3:02:b5:dc:12:50:f2:5a: 40:71:92:ca -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFau8cAR5mK44I8YL4txWAASgs+4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwNDExNloX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAZDYxZTI2MTI3M2VmYjAyZTE4ZmJj ZGFmMzAwYWM3MWNjMDdmYmY1ODliNjMwYjRjMjAwMTQ2ZmJlNjMzNDllZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVorRn1V4W9KFk0XyArb+Ivu2Xlj FSwmB4yopO4JAUevhHI4N5XHWve/6a0lUlJyqJMMEg7X9mwwQCnUBzZraogJp30m GhO9YpBtbz41qebSRcwdgJ2qVUyUf+D2UmHSDTGR9mVkeixXUwuuorqj+8/Ei3vY X0akpISU4KoZf/r2asur8Ssdt1fxytJ6gYYUfX7bmUu8bJpO+xY9AEDGv1oanEKE eB/5lpEYb16vA/mzGglyMgEy9OJ+3n5tJNGUnF5KtYBGUINuny2Uk8/HTt6A2KLg nwZMARBTjkd3tpWWtA4LsrW3E//bj/pVjIAt1Dm8gZFOmJ88Ru2gNUU8RwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJL1wFgR+iXaJ6EBgx5ppu6DdEalMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyODg3ODIxLThlYTEtNGMwMC1hYWRlLWQ4NjQ2NjUxMTlmNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEQQwDQYJKoZIhvcNAQELBQADggEBALZaTfPGQsFT58NqQELl tSudKDjCFczxkBDKjAlsM6jM2gZn5QrrvUsYheSHOzJdAQSEdftZ9WuVSCeNc1Lp bSSuG8sxembphd5DOeyZSMtbndOK5hOWLfvtoSFeSiUfq//SrEFncKehl6HDDo4j ikabH/TdqLxEn9XHLMGscCqHpFvD9Uss14KeaGdzPVYDP3G5GTaU0cATQnUXWp+I JMatDTgO/++h55IQjlzPpOvP4Tug0gKjtQCGmHHwF84IFN2BeCWmLOGXP+RQQrbz M4r5L05Z7PuM/dXfwqiaFv7AYh8oC7dKyABCuNcplVlk21LfM1jjArXcElDyWkBx kso= -----END CERTIFICATE-----Generated at Wed Aug 6 13:09:16 2025 by rpki-client