$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66d9e388-aa28-4860-9a9f-792c475c3583.roa File: 66d9e388-aa28-4860-9a9f-792c475c3583.roa (raw, json) Hash identifier: JSdYmcvY2iw9+7c4tVAsVh68mwQ9ynow8gfiR/hCv10= Subject key identifier: 16:DC:A0:54:9E:9E:16:73:9B:E7:05:0E:B3:7F:30:19:9F:BE:0D:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 02AE9D5B5EA003F06E274A538DFE50394CEF6232 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66d9e388-aa28-4860-9a9f-792c475c3583.roa Signing time: Mon 21 Jul 2025 15:10:16 +0000 ROA not before: Mon 21 Jul 2025 15:10:16 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:c080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 00:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:ae:9d:5b:5e:a0:03:f0:6e:27:4a:53:8d:fe:50:39:4c:ef:62:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:10:16 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=eeb6385fb7928912115a752c258e8668c0b5f3072f28b509318fdd121f7efaae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:e2:e2:be:2b:ac:71:74:1e:f5:37:d6:56:1e: 4d:f6:f7:9f:70:2f:74:a0:c9:7e:48:91:41:e3:25: e1:cf:1b:33:d0:a7:f7:61:d3:63:d7:cc:56:60:67: 96:a1:09:42:89:d9:25:9d:45:ed:b2:cc:be:b1:07: c9:01:ee:6e:df:0b:98:81:f5:08:e9:5e:d1:80:b9: ba:68:6c:86:47:5d:a8:57:f0:1e:c1:4d:4a:fa:11: 8b:bb:db:d4:ad:92:1d:27:57:34:75:77:f3:6d:5a: ed:98:9e:04:49:3b:42:1a:ec:4a:d4:17:30:ca:dd: 70:7c:0e:c6:d3:a7:ce:31:b2:7a:de:97:ef:fc:19: 7b:f3:fd:1e:64:f9:b8:27:66:8d:21:91:5b:a6:ae: 8c:74:d2:cc:96:73:4e:a2:f1:13:11:52:93:bc:15: 7e:3a:c6:0c:a0:d6:d4:08:9d:00:78:e2:94:ab:ea: f0:a4:9c:85:06:b9:e5:f7:1f:48:05:35:45:e7:89: 20:a8:ef:ae:b7:52:ca:9f:70:51:42:ad:f5:cc:ac: 53:87:f4:1e:d8:9b:40:2a:c2:7e:5e:16:0a:16:ce: 41:cc:be:91:31:03:d5:31:59:be:b1:cf:f6:51:06: cd:e5:7e:1a:2e:14:58:7c:fb:7a:a2:21:5f:67:28: 37:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:DC:A0:54:9E:9E:16:73:9B:E7:05:0E:B3:7F:30:19:9F:BE:0D:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66d9e388-aa28-4860-9a9f-792c475c3583.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:c080::/46 Signature Algorithm: sha256WithRSAEncryption 14:ba:53:a8:59:b1:e1:88:7c:19:a7:6b:39:f5:f9:c1:4e:ef: 6f:44:b8:26:f6:3d:fd:cd:ef:5c:9d:36:bb:60:26:86:68:a8: 5e:41:f3:23:99:2a:5f:80:bf:b4:3a:6e:65:fe:79:67:0d:49: 6b:dd:eb:2e:76:c4:e7:4a:25:92:90:d7:23:d4:53:7e:6f:12: e8:a0:ef:0b:55:10:8f:30:fd:63:05:eb:9f:1b:f7:2c:20:a8: 64:c9:22:c5:b2:e6:b6:87:72:53:45:dd:4a:4f:ac:32:7b:38: f8:2a:6b:78:46:22:3d:3b:21:35:6a:e7:88:5b:99:c8:94:bc: e7:d0:0e:01:e0:ea:0f:8b:74:d9:97:6d:40:91:c8:f8:42:fc: 63:88:c5:07:be:67:10:0a:67:ad:06:3c:84:39:0c:81:6b:f5: d2:84:36:f3:46:bb:79:11:c0:0c:94:63:37:85:05:c4:a7:94: f7:19:87:8a:28:03:6e:f5:f1:3b:df:28:1b:9f:ee:4a:f2:85: 7f:bc:15:d1:18:81:7c:a8:b5:e8:af:4a:cc:96:2f:9d:fa:ee: aa:d8:56:49:1b:fc:e4:cc:c7:7d:16:1f:f2:58:94:a6:38:4e: be:af:37:d6:7e:54:75:10:98:cd:9f:86:a9:78:73:34:3a:2d: 40:99:2d:ae -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAq6dW16gA/BuJ0pTjf5QOUzvYjIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MTAxNloX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAZWViNjM4NWZiNzkyODkxMjExNWE3 NTJjMjU4ZTg2NjhjMGI1ZjMwNzJmMjhiNTA5MzE4ZmRkMTIxZjdlZmFhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuLiviuscXQe9TfWVh5N9vefcC90 oMl+SJFB4yXhzxsz0Kf3YdNj18xWYGeWoQlCidklnUXtssy+sQfJAe5u3wuYgfUI 6V7RgLm6aGyGR12oV/AewU1K+hGLu9vUrZIdJ1c0dXfzbVrtmJ4ESTtCGuxK1Bcw yt1wfA7G06fOMbJ63pfv/Bl78/0eZPm4J2aNIZFbpq6MdNLMlnNOovETEVKTvBV+ OsYMoNbUCJ0AeOKUq+rwpJyFBrnl9x9IBTVF54kgqO+ut1LKn3BRQq31zKxTh/Qe 2JtAKsJ+XhYKFs5BzL6RMQPVMVm+sc/2UQbN5X4aLhRYfPt6oiFfZyg3gwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBbcoFSenhZzm+cFDrN/MBmfvg0lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY2ZDllMzg4LWFhMjgtNDg2MC05YTlmLTc5MmM0NzVjMzU4My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba88CAMA0GCSqGSIb3DQEBCwUAA4IBAQAUulOoWbHhiHwZp2s5 9fnBTu9vRLgm9j39ze9cnTa7YCaGaKheQfMjmSpfgL+0Om5l/nlnDUlr3esudsTn SiWSkNcj1FN+bxLooO8LVRCPMP1jBeufG/csIKhkySLFsua2h3JTRd1KT6wyezj4 Kmt4RiI9OyE1aueIW5nIlLzn0A4B4OoPi3TZl21Akcj4QvxjiMUHvmcQCmetBjyE OQyBa/XShDbzRrt5EcAMlGM3hQXEp5T3GYeKKANu9fE73ygbn+5K8oV/vBXRGIF8 qLXor0rMli+d+u6q2FZJG/zkzMd9Fh/yWJSmOE6+rzfWflR1EJjNn4apeHM0Oi1A mS2u -----END CERTIFICATE-----Generated at Wed Aug 6 04:16:43 2025 by rpki-client