$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa File: 02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa (raw, json) Hash identifier: ToBmMfgDxQ5bBNe8/LUKwtwvZojX1yT8ixha6QyrxKU= Subject key identifier: 67:57:15:78:28:3D:A8:01:27:00:D8:8D:BB:A1:68:9E:D8:10:2E:A5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6783E26690801B9ADD89F52E6EC5F4B3319C4081 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa Signing time: Tue 26 Aug 2025 00:00:54 +0000 ROA not before: Tue 26 Aug 2025 00:00:54 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:50:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:83:e2:66:90:80:1b:9a:dd:89:f5:2e:6e:c5:f4:b3:31:9c:40:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:00:54 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=55848d853937095f1832be491f4f909eed758fd6a660ddb11fb858c3f70a262b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ef:d4:30:9d:fc:16:fc:e4:80:3b:ef:a1:52: a0:d4:d6:67:f6:9f:dd:31:6e:19:a1:40:ff:21:2c: 17:a7:a6:e1:47:51:08:a3:b5:74:a9:76:19:e6:9e: 0e:9f:49:e5:f3:49:2f:c0:2d:04:4d:9a:be:66:ff: 72:41:7d:e2:bd:31:df:c7:9f:a3:04:71:ab:ce:5c: 82:67:7b:0d:0d:d3:ba:2e:33:fa:31:5b:3e:df:07: e4:18:78:a9:cc:f5:f8:3b:a6:87:2c:85:9d:49:f2: 2a:2c:40:6d:65:55:02:74:ce:7f:b0:c3:7a:0c:60: 9f:bb:0e:d0:21:77:f8:b3:5d:2b:a0:02:3c:b1:1a: e1:85:92:e5:e0:ea:4b:e2:5d:2d:6a:d6:87:9e:df: a4:e6:8c:d8:df:16:15:0d:b5:35:7f:80:fd:c0:84: b7:cf:b3:0f:87:d5:d7:8f:a7:32:d9:b4:a0:1b:f9: 59:20:d2:ff:c1:ba:dc:01:7b:40:81:67:1c:ad:ff: f7:c4:12:84:9d:80:29:37:65:b0:98:dc:5d:24:05: 18:a6:0c:78:25:86:bb:88:31:97:c0:73:98:67:4b: 1c:b8:1d:cb:3a:c2:15:e1:7a:43:6d:43:2e:1a:73: 89:df:ee:36:25:2b:b7:1a:f8:f3:cd:e9:7c:28:45: cd:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:57:15:78:28:3D:A8:01:27:00:D8:8D:BB:A1:68:9E:D8:10:2E:A5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:2000::/40 Signature Algorithm: sha256WithRSAEncryption 52:be:3c:d0:da:01:66:2d:62:5c:1e:93:66:bb:c8:78:a2:b0: 10:0d:10:8f:22:d0:d5:10:c1:ef:a5:f5:77:b2:db:d3:d1:4a: a5:91:35:e9:9a:48:36:39:b0:73:83:46:ac:cb:d1:89:22:86: 26:2f:36:d2:78:7a:2d:87:03:c2:1a:e9:6d:cb:a8:db:41:63: 64:c1:2b:30:dc:a9:c7:e8:be:9d:d2:b9:33:5c:b9:ac:b4:59: 15:11:2c:52:00:b8:f8:d2:f0:34:4f:51:7d:7a:d2:1a:32:8c: 68:50:ba:03:f5:70:0e:03:bb:af:c2:7f:34:0b:b1:36:34:5e: e7:f1:f8:f9:09:07:95:f1:b4:08:e0:80:82:db:50:da:47:44: 0c:32:e2:81:82:b8:05:4b:a0:2c:16:b1:0e:dd:40:0e:75:87: 5a:b6:4a:93:f8:74:5b:37:90:b2:a1:26:2b:7e:5f:50:37:59: 64:a0:0d:b7:70:ff:2c:70:38:9b:98:76:d6:38:05:83:80:21: 22:ff:7e:33:8a:aa:04:37:bd:c2:af:07:2a:92:3f:0b:09:e5: fe:93:55:ed:89:54:51:0e:90:58:e4:18:53:a6:a2:8b:35:45: 68:9e:bf:ef:a5:cf:18:dd:f6:8f:5b:e2:77:70:c4:c8:0b:80: c6:cd:44:98 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ4PiZpCAG5rdifUubsX0szGcQIEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwMDA1NFoX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNANTU4NDhkODUzOTM3MDk1ZjE4MzJi ZTQ5MWY0ZjkwOWVlZDc1OGZkNmE2NjBkZGIxMWZiODU4YzNmNzBhMjYyYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+/UMJ38FvzkgDvvoVKg1NZn9p/d MW4ZoUD/ISwXp6bhR1EIo7V0qXYZ5p4On0nl80kvwC0ETZq+Zv9yQX3ivTHfx5+j BHGrzlyCZ3sNDdO6LjP6MVs+3wfkGHipzPX4O6aHLIWdSfIqLEBtZVUCdM5/sMN6 DGCfuw7QIXf4s10roAI8sRrhhZLl4OpL4l0tataHnt+k5ozY3xYVDbU1f4D9wIS3 z7MPh9XXj6cy2bSgG/lZINL/wbrcAXtAgWccrf/3xBKEnYApN2WwmNxdJAUYpgx4 JYa7iDGXwHOYZ0scuB3LOsIV4XpDbUMuGnOJ3+42JSu3Gvjzzel8KEXNFwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGdXFXgoPagBJwDYjbuhaJ7YEC6lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyYTUxZTU0LTZiYjUtNDNlNy05NGQwLWE4ZTk1NzcxZjJhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8SAwDQYJKoZIhvcNAQELBQADggEBAFK+PNDaAWYtYlwek2a7 yHiisBANEI8i0NUQwe+l9Xey29PRSqWRNemaSDY5sHODRqzL0YkihiYvNtJ4ei2H A8Ia6W3LqNtBY2TBKzDcqcfovp3SuTNcuay0WRURLFIAuPjS8DRPUX160hoyjGhQ ugP1cA4Du6/CfzQLsTY0Xufx+PkJB5XxtAjggILbUNpHRAwy4oGCuAVLoCwWsQ7d QA51h1q2SpP4dFs3kLKhJit+X1A3WWSgDbdw/yxwOJuYdtY4BYOAISL/fjOKqgQ3 vcKvByqSPwsJ5f6TVe2JVFEOkFjkGFOmoos1RWiev++lzxjd9o9b4ndwxMgLgMbN RJg= -----END CERTIFICATE-----Generated at Thu Sep 18 12:04:23 2025 by rpki-client