$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f32aedc-a073-4f9f-a362-fb6ab646d6dc.roa File: 9f32aedc-a073-4f9f-a362-fb6ab646d6dc.roa (raw, json) Hash identifier: jNmv+RIhKvoXfmzMB/mciy+sTZrQW/TCO0BjAaGN4I8= Subject key identifier: 08:96:D2:26:82:DC:88:B7:98:16:DA:4A:30:21:E0:F0:4D:D7:1F:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4E5456F2BE8B05D46630870F9A6F243158BF2723 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f32aedc-a073-4f9f-a362-fb6ab646d6dc.roa Signing time: Fri 01 Aug 2025 00:00:55 +0000 ROA not before: Fri 01 Aug 2025 00:00:55 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:54:56:f2:be:8b:05:d4:66:30:87:0f:9a:6f:24:31:58:bf:27:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:00:55 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=1ba591deabc6cfc4c12654015e26b6c7514f2d3f3446270d09864f354c287ba4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e1:cb:b1:a8:4c:38:e1:32:ab:02:92:46:4e: 9a:10:89:58:02:95:56:13:c0:28:3e:13:9c:8c:47: a8:41:62:32:26:8c:6b:d4:40:c6:35:03:86:1f:62: 88:5a:2f:b6:e5:a2:3a:da:57:94:42:92:0c:ec:91: 90:b2:e6:6c:75:d0:c8:e2:29:21:be:9f:3b:68:0f: 25:b6:55:f2:f0:19:a7:d9:b1:0a:20:84:be:5f:95: d0:7f:cf:1d:f2:83:97:5c:d2:33:1f:18:79:6f:ae: 0e:35:00:42:e9:90:94:26:d3:98:32:54:57:70:7b: 71:6c:29:5c:48:11:f3:15:d3:e2:8b:e4:47:c8:5d: 11:dc:b0:63:a8:2d:41:cc:ba:9c:af:ea:9b:34:80: f9:fc:8b:5c:b7:94:e3:7c:ba:83:45:fb:ca:79:a1: e9:dc:b1:2f:5b:4e:9a:58:f3:8f:0c:34:97:24:48: 39:22:6b:6b:41:eb:0e:03:31:08:9a:18:a4:53:6e: 34:b1:ca:c8:b6:a2:b7:5d:0b:c3:a8:c4:8c:e8:3a: 6c:79:b5:b2:59:a1:b6:d7:99:c3:a6:eb:3b:13:00: 8c:6c:58:b1:60:21:90:8b:ee:6a:65:aa:e5:1a:2f: 5d:68:6d:df:c6:bb:87:aa:c3:19:c3:40:21:df:c1: db:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:96:D2:26:82:DC:88:B7:98:16:DA:4A:30:21:E0:F0:4D:D7:1F:C9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f32aedc-a073-4f9f-a362-fb6ab646d6dc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:6000::/40 Signature Algorithm: sha256WithRSAEncryption 89:78:e1:9f:62:ad:28:8e:43:b3:0c:53:fc:11:47:f5:33:a6: 3a:49:d4:14:b3:0c:2d:9a:9c:3c:94:71:4b:5a:48:2e:7f:e5: 9d:3b:4f:98:3b:85:dd:4d:44:ba:c7:9b:9d:d1:ed:87:fd:25: 7c:0e:a7:59:43:38:df:d9:8d:1d:30:9d:0c:28:49:c1:e8:e4: de:d7:5d:a5:da:3e:33:56:96:c7:56:43:e2:74:ea:2a:95:e6: 5b:85:b4:90:2d:1b:b7:50:eb:42:e6:54:e9:47:50:96:d7:9c: f9:7f:51:93:51:00:06:11:06:81:82:f1:9b:1d:71:87:5a:a2: 47:4a:c4:ca:c2:2c:9b:88:68:c9:fa:29:91:ea:c2:de:d0:e1: 1d:e7:3f:2d:c3:25:68:75:8f:98:19:c8:37:61:32:8b:0e:78: eb:4b:a7:c1:e5:d2:b7:26:7f:94:14:98:03:e7:cb:b9:36:9a: 0f:3a:fb:72:28:e8:a7:c0:b7:03:1a:da:e5:fd:2b:78:9e:12: c8:25:fa:53:6d:c5:50:eb:f6:26:c0:09:24:10:a7:f7:1a:6b: 91:41:41:57:85:8f:95:fb:22:49:35:40:4a:6a:31:82:cb:6e: 09:e9:cd:45:ed:f7:76:14:c2:5c:9f:35:1d:0b:57:09:b0:e2: 21:3e:86:8f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTlRW8r6LBdRmMIcPmm8kMVi/JyMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMDA1NVoX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAMWJhNTkxZGVhYmM2Y2ZjNGMxMjY1 NDAxNWUyNmI2Yzc1MTRmMmQzZjM0NDYyNzBkMDk4NjRmMzU0YzI4N2JhNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uHLsahMOOEyqwKSRk6aEIlYApVW E8AoPhOcjEeoQWIyJoxr1EDGNQOGH2KIWi+25aI62leUQpIM7JGQsuZsddDI4ikh vp87aA8ltlXy8Bmn2bEKIIS+X5XQf88d8oOXXNIzHxh5b64ONQBC6ZCUJtOYMlRX cHtxbClcSBHzFdPii+RHyF0R3LBjqC1BzLqcr+qbNID5/Itct5TjfLqDRfvKeaHp 3LEvW06aWPOPDDSXJEg5ImtrQesOAzEImhikU240scrItqK3XQvDqMSM6DpsebWy WaG215nDpus7EwCMbFixYCGQi+5qZarlGi9daG3fxruHqsMZw0Ah38HbdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAiW0iaC3Ii3mBbaSjAh4PBN1x/JMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlmMzJhZWRjLWEwNzMtNGY5Zi1hMzYyLWZiNmFiNjQ2ZDZkYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoGAwDQYJKoZIhvcNAQELBQADggEBAIl44Z9irSiOQ7MMU/wR R/UzpjpJ1BSzDC2anDyUcUtaSC5/5Z07T5g7hd1NRLrHm53R7Yf9JXwOp1lDON/Z jR0wnQwoScHo5N7XXaXaPjNWlsdWQ+J06iqV5luFtJAtG7dQ60LmVOlHUJbXnPl/ UZNRAAYRBoGC8ZsdcYdaokdKxMrCLJuIaMn6KZHqwt7Q4R3nPy3DJWh1j5gZyDdh MosOeOtLp8Hl0rcmf5QUmAPny7k2mg86+3Io6KfAtwMa2uX9K3ieEsgl+lNtxVDr 9ibACSQQp/caa5FBQVeFj5X7Ikk1QEpqMYLLbgnpzUXt93YUwlyfNR0LVwmw4iE+ ho8= -----END CERTIFICATE-----Generated at Mon Aug 4 14:03:00 2025 by rpki-client