$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9812ae5-6cb6-43be-82bc-429f2e7be616.roa File: a9812ae5-6cb6-43be-82bc-429f2e7be616.roa (raw, json) Hash identifier: p2a6lgb6TwxPhia4IIwXpioCH2IlwN9yKp5z6LnOUaU= Subject key identifier: 1C:CB:8D:89:1E:71:33:1A:12:97:79:75:2D:70:2F:72:E7:6D:00:33 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08B2ADB647AFBC8233F9B1B755C3CE542F1E0A26 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9812ae5-6cb6-43be-82bc-429f2e7be616.roa Signing time: Fri 01 Aug 2025 00:51:16 +0000 ROA not before: Fri 01 Aug 2025 00:51:16 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da11:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 00:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:b2:ad:b6:47:af:bc:82:33:f9:b1:b7:55:c3:ce:54:2f:1e:0a:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:51:16 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=4052ba8ff372c41f6147582b04c2e001cd376bd58eb3532f67658d1b1896e0d5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:69:16:d6:ec:36:85:8e:2f:55:cd:f2:68:7a: f5:79:a6:d9:e5:bf:1c:ef:d0:3c:ae:89:5b:99:a8: b2:8b:23:d9:7c:a2:62:03:4c:de:c5:ad:69:29:09: 8f:17:ce:03:70:3c:95:c6:34:4a:9c:cf:ac:3d:17: 75:aa:28:ad:7b:2b:f5:e1:b2:ae:7e:99:76:0c:aa: 35:21:44:b3:a9:96:42:cd:75:41:db:28:35:dd:5f: 91:35:bd:cf:97:bd:f7:b5:36:d7:7a:bc:83:56:78: f3:bd:87:62:82:2d:d6:c6:56:12:52:fc:a9:62:15: 15:bc:41:cb:cd:c0:f9:37:a4:02:66:37:46:90:8f: 4c:a8:95:9b:8a:d4:47:72:b2:c6:c3:03:51:6d:45: e8:97:b6:86:49:bd:06:d1:63:d1:f0:f7:af:c2:b1: fd:5b:6f:a8:25:2e:23:db:e9:5b:00:d8:4e:5d:71: 01:24:c4:f9:9b:a6:4e:3f:c4:cf:88:d6:64:3e:44: 83:72:3f:07:e3:56:27:a0:9a:de:65:e4:31:ce:e3: f8:eb:85:d9:da:c9:a8:e7:4a:c0:cd:86:34:0d:c6: ed:88:b9:bb:db:e3:5b:f2:67:ff:47:ae:7d:f3:26: e1:e3:41:1a:08:46:46:b3:26:51:84:36:a5:37:9d: d4:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:CB:8D:89:1E:71:33:1A:12:97:79:75:2D:70:2F:72:E7:6D:00:33 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9812ae5-6cb6-43be-82bc-429f2e7be616.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da11:c00::/38 Signature Algorithm: sha256WithRSAEncryption ba:20:2f:aa:55:39:e7:d4:f2:bb:d6:e3:21:68:e3:83:5b:9c: 5e:f8:b9:34:63:19:28:ee:9e:4f:84:e0:5d:d7:5d:61:ca:17: 3a:5d:95:e2:37:c2:cc:25:b2:33:61:53:8d:7d:7e:4d:26:a5: 54:bf:35:18:e6:a7:56:af:39:62:5d:63:2e:f5:a7:18:fe:5a: d3:70:c1:69:53:39:c0:0b:8e:81:d8:c9:30:f4:ea:76:f3:1f: 77:8c:5a:07:81:bc:56:f8:38:ec:22:a3:d2:32:ae:a8:c6:f2: 7a:35:37:c7:da:36:76:3e:9f:43:50:7c:b6:f9:66:91:50:ba: 93:35:8b:db:b9:6c:98:8c:84:3c:e5:f9:42:e4:c7:cb:7e:ea: 27:dc:62:ad:f8:87:38:ec:d7:13:08:1d:f3:7e:8c:38:dd:02: 18:22:bb:4a:c4:b0:e8:3c:a6:2f:6a:ab:09:bf:64:f4:49:9a: f1:bf:f1:58:f0:e0:c3:28:53:9f:f9:b4:69:91:36:13:df:dc: 80:0c:51:c5:d0:4e:e4:99:93:4f:e6:cc:18:9c:43:7c:f7:4f: 1d:f0:fe:53:58:63:68:dd:29:c5:d8:5b:50:17:30:fd:28:4c: 48:ac:2d:31:58:ee:9f:e3:ef:41:3b:14:2a:13:28:07:45:65: 0b:63:45:64 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCLKttkevvIIz+bG3VcPOVC8eCiYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwNTExNloX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNANDA1MmJhOGZmMzcyYzQxZjYxNDc1 ODJiMDRjMmUwMDFjZDM3NmJkNThlYjM1MzJmNjc2NThkMWIxODk2ZTBkNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmkW1uw2hY4vVc3yaHr1eabZ5b8c 79A8rolbmaiyiyPZfKJiA0zexa1pKQmPF84DcDyVxjRKnM+sPRd1qiiteyv14bKu fpl2DKo1IUSzqZZCzXVB2yg13V+RNb3Pl733tTbXeryDVnjzvYdigi3WxlYSUvyp YhUVvEHLzcD5N6QCZjdGkI9MqJWbitRHcrLGwwNRbUXol7aGSb0G0WPR8PevwrH9 W2+oJS4j2+lbANhOXXEBJMT5m6ZOP8TPiNZkPkSDcj8H41YnoJreZeQxzuP464XZ 2smo50rAzYY0DcbtiLm72+Nb8mf/R6598ybh40EaCEZGsyZRhDalN53UeQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBzLjYkecTMaEpd5dS1wL3LnbQAzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5ODEyYWU1LTZjYjYtNDNiZS04MmJjLTQyOWYyZTdiZTYxNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEQwwDQYJKoZIhvcNAQELBQADggEBALogL6pVOefU8rvW4yFo 44NbnF74uTRjGSjunk+E4F3XXWHKFzpdleI3wswlsjNhU419fk0mpVS/NRjmp1av OWJdYy71pxj+WtNwwWlTOcALjoHYyTD06nbzH3eMWgeBvFb4OOwio9IyrqjG8no1 N8faNnY+n0NQfLb5ZpFQupM1i9u5bJiMhDzl+ULkx8t+6ifcYq34hzjs1xMIHfN+ jDjdAhgiu0rEsOg8pi9qqwm/ZPRJmvG/8Vjw4MMoU5/5tGmRNhPf3IAMUcXQTuSZ k0/mzBicQ3z3Tx3w/lNYY2jdKcXYW1AXMP0oTEisLTFY7p/j70E7FCoTKAdFZQtj RWQ= -----END CERTIFICATE-----Generated at Wed Aug 6 00:52:25 2025 by rpki-client