$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa File: 8167b956-49b6-4bfc-b015-6dcca357c141.roa (raw, json) Hash identifier: /EBCHFwKPCIeCWrvIlHEqz3fj9mWPDB7/3Q75wlFtHg= Subject key identifier: FC:1B:F3:36:47:F5:A3:C3:75:B6:AB:A4:95:03:B7:0C:21:B7:C3:56 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6876B4F404C5743646AF9F5CD205F246EA3638D7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa Signing time: Wed 06 Aug 2025 00:00:13 +0000 ROA not before: Wed 06 Aug 2025 00:00:13 +0000 ROA not after: Wed 10 Sep 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 00:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:76:b4:f4:04:c5:74:36:46:af:9f:5c:d2:05:f2:46:ea:36:38:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 6 00:00:13 2025 GMT Not After : Sep 10 23:59:59 2025 GMT Subject: serialNumber=066c0c2ab14b3185c021b78400cbbf022d8f0b5316987e660326e197155789aa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:4b:c9:72:c4:d5:36:f3:6a:1f:57:6a:65:53: 2c:4e:1b:12:54:c6:c7:9b:99:31:de:db:13:43:cb: 2c:fc:03:e4:b2:71:a5:4b:aa:07:83:af:4a:7e:19: f9:2a:6d:f2:57:86:ef:86:0a:ad:9c:69:f0:15:cc: 97:c7:d1:9b:61:ef:ad:21:1b:73:d7:c4:67:57:a2: 6e:ea:38:e7:00:00:fd:0e:04:0a:9d:e8:a3:2e:20: 42:8f:01:9c:09:4f:c6:5f:3e:39:35:4d:c9:33:1d: 55:7e:2a:60:e8:37:fc:00:9f:4e:c3:07:f4:7f:d2: f2:00:ac:4b:3a:21:10:19:86:a2:7d:b7:21:12:53: 55:32:a1:b3:59:2a:b2:1b:af:a3:16:a0:24:42:2b: a5:5d:4a:29:f3:f4:c4:8c:27:d2:98:02:c6:e6:ae: 23:70:e9:9b:f5:f5:0f:d1:27:b2:98:77:73:a9:a0: 40:34:91:78:ca:c9:3c:4a:37:1d:36:93:7b:c1:67: e2:13:09:36:4b:fe:5e:06:8b:2b:94:4f:b7:0a:16: 5f:e6:ca:c1:86:33:28:32:a1:2b:d3:05:d8:46:6f: d8:d0:fe:12:3a:9e:bb:f0:52:c6:27:99:86:17:f8: 0e:10:12:02:81:9b:94:53:cd:a2:f9:93:8c:ae:d8: ff:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:1B:F3:36:47:F5:A3:C3:75:B6:AB:A4:95:03:B7:0C:21:B7:C3:56 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:7000::/40 Signature Algorithm: sha256WithRSAEncryption a7:87:d8:11:93:27:7b:09:21:cd:fb:60:fc:13:1d:3a:54:8f: 37:15:1f:16:20:4c:0a:2e:93:bc:87:4e:af:b9:40:c9:c7:d9: 68:f2:57:d8:4b:f7:0c:f5:a8:92:18:89:1c:2a:d8:52:40:ea: cb:c0:05:b0:78:b8:a2:4b:af:54:89:a9:8b:3e:b9:66:80:23: 31:58:f6:f3:af:b5:31:21:19:1b:be:60:ff:05:78:71:22:81: 0e:d5:68:09:3a:8e:c6:69:69:a8:aa:46:8c:87:6b:d9:99:b9: c7:ca:8b:7b:92:be:1b:e8:a8:28:cd:7b:84:12:f0:b7:1d:96: 86:79:75:75:a8:05:be:9e:4a:08:1e:c4:94:7d:e3:f4:4f:16: f2:8a:34:ea:6a:f8:0d:04:70:05:06:7f:8c:06:fa:bb:63:db: 7d:fe:b1:5f:37:4f:f4:6a:61:8d:d8:55:bd:0f:1f:49:3f:3e: 7d:70:17:0c:98:19:22:3c:23:3a:8b:c4:3f:03:37:d5:48:9a: c8:aa:2e:e2:c6:9f:10:dd:f5:50:95:3c:ea:43:d4:85:98:8e: 44:8f:14:48:bc:a2:2d:fc:d3:58:25:af:8e:5b:12:bf:10:f5: fb:93:40:bd:b6:4b:6f:92:fd:39:5c:b9:b0:b3:1d:ba:5c:c2: 49:58:63:50 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaHa09ATFdDZGr59c0gXyRuo2ONcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwNjAwMDAxM1oX DTI1MDkxMDIzNTk1OVowejFJMEcGA1UEBRNAMDY2YzBjMmFiMTRiMzE4NWMwMjFi Nzg0MDBjYmJmMDIyZDhmMGI1MzE2OTg3ZTY2MDMyNmUxOTcxNTU3ODlhYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUvJcsTVNvNqH1dqZVMsThsSVMbH m5kx3tsTQ8ss/APksnGlS6oHg69Kfhn5Km3yV4bvhgqtnGnwFcyXx9GbYe+tIRtz 18RnV6Ju6jjnAAD9DgQKneijLiBCjwGcCU/GXz45NU3JMx1Vfipg6Df8AJ9Owwf0 f9LyAKxLOiEQGYaifbchElNVMqGzWSqyG6+jFqAkQiulXUop8/TEjCfSmALG5q4j cOmb9fUP0SeymHdzqaBANJF4ysk8SjcdNpN7wWfiEwk2S/5eBosrlE+3ChZf5srB hjMoMqEr0wXYRm/Y0P4SOp678FLGJ5mGF/gOEBICgZuUU82i+ZOMrtj/QQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPwb8zZH9aPDdbarpJUDtwwht8NWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxNjdiOTU2LTQ5YjYtNGJmYy1iMDE1LTZkY2NhMzU3YzE0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba73AwDQYJKoZIhvcNAQELBQADggEBAKeH2BGTJ3sJIc37YPwT HTpUjzcVHxYgTAouk7yHTq+5QMnH2WjyV9hL9wz1qJIYiRwq2FJA6svABbB4uKJL r1SJqYs+uWaAIzFY9vOvtTEhGRu+YP8FeHEigQ7VaAk6jsZpaaiqRoyHa9mZucfK i3uSvhvoqCjNe4QS8LcdloZ5dXWoBb6eSggexJR94/RPFvKKNOpq+A0EcAUGf4wG +rtj233+sV83T/RqYY3YVb0PH0k/Pn1wFwyYGSI8IzqLxD8DN9VImsiqLuLGnxDd 9VCVPOpD1IWYjkSPFEi8oi3801glr45bEr8Q9fuTQL22S2+S/TlcubCzHbpcwklY Y1A= -----END CERTIFICATE-----Generated at Wed Aug 6 05:25:49 2025 by rpki-client