$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b37db1b-9168-4013-90fd-5f16557b73d7.roa File: 1b37db1b-9168-4013-90fd-5f16557b73d7.roa (raw, json) Hash identifier: CSYQbcah6bVO7ZcVZEqGTgb50Uir0fX9ybZUBRBr2gw= Subject key identifier: 6A:FA:BC:6E:72:20:BE:C9:BE:01:6E:11:C1:2D:52:F0:C7:2B:DA:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D0650E66161D184E90506DBFFE90B810EAB58AE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b37db1b-9168-4013-90fd-5f16557b73d7.roa Signing time: Fri 15 Aug 2025 00:11:25 +0000 ROA not before: Fri 15 Aug 2025 00:11:25 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:06:50:e6:61:61:d1:84:e9:05:06:db:ff:e9:0b:81:0e:ab:58:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 15 00:11:25 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=dd45dfc91e5f4219797c1e8891eeb8dadec31e1c50a8663955c16ed00a082792, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:04:5a:4f:3b:bc:5c:e8:a7:2e:e4:3d:2c:67: 62:b6:26:48:83:90:9b:60:c8:6b:24:15:95:33:34: 09:ef:9c:07:a2:d8:3f:8a:09:69:d2:da:2a:1b:2f: 71:7d:93:b7:d1:74:92:ce:99:17:16:30:e7:a5:50: a7:c1:64:bf:09:bc:fc:ac:94:72:84:a9:11:51:83: 86:cf:ff:1e:2a:11:74:65:40:90:0c:dd:e9:85:1d: a4:36:ba:0c:62:d3:ce:70:17:e6:d2:00:55:c5:5a: 9d:24:d3:da:c0:e8:5b:65:83:33:7b:0f:02:70:3c: b5:59:c7:c8:60:5b:05:68:f5:ff:2e:7a:5c:ca:b2: 90:a0:d8:d7:f1:e3:a4:cd:0c:c6:52:bf:c3:90:3e: 98:69:17:4f:ee:49:27:31:92:03:b0:0c:df:ef:e3: 7c:65:7a:74:9b:e2:2e:12:87:9c:e9:d7:9b:ad:8b: c8:f9:42:7c:b1:d2:63:f9:db:a2:fc:cb:84:80:08: 56:97:31:3a:37:77:f3:4e:24:78:7b:34:bf:40:1f: 03:e1:1b:62:34:7f:28:23:ad:4a:3a:c2:94:c3:72: 34:0a:1c:52:2e:21:fd:6b:93:44:87:55:c1:ee:40: ed:d8:15:c0:07:85:26:d9:ee:f7:fc:13:5f:73:64: f8:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:FA:BC:6E:72:20:BE:C9:BE:01:6E:11:C1:2D:52:F0:C7:2B:DA:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b37db1b-9168-4013-90fd-5f16557b73d7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:1000::/40 Signature Algorithm: sha256WithRSAEncryption 5a:29:6f:97:2b:39:23:45:29:28:00:23:c6:c7:6c:ea:33:07: 34:cd:9d:ef:75:59:ec:b7:fe:45:47:42:e6:ee:a1:ad:1b:e5: db:56:c6:a4:ad:d8:44:e9:c5:3f:06:33:82:75:d6:c1:27:91: a7:4d:16:f6:1f:04:58:a2:2b:a0:8c:e8:32:c9:56:c7:d9:f2: ad:cb:df:99:24:b1:cc:42:90:24:f9:77:e8:fe:b4:29:63:16: 7e:c8:5f:ca:5e:a1:fe:ce:7b:36:be:8a:a1:53:33:2f:ed:d4: 76:85:81:2b:1d:19:42:ea:b8:e5:79:aa:a9:93:a3:92:91:78: 56:5f:a8:70:3e:81:5a:65:98:bf:9a:8c:74:5d:96:17:e2:61: e7:eb:6a:c2:d8:ba:0a:64:3a:22:85:35:06:52:08:c5:ed:7e: 58:5f:b3:68:80:c8:3f:6b:b1:1d:80:9b:2c:2d:7e:97:6b:ae: f9:91:cd:39:5e:cf:cf:73:2e:61:58:b1:83:6e:d1:ad:c9:9a: 2c:a3:7a:b8:17:47:91:b6:f7:eb:93:e4:61:f1:3c:23:a0:20: e1:48:21:87:e5:a3:d3:e5:c1:98:34:5d:49:aa:4b:11:7d:26: 83:1e:ae:66:22:50:8f:f0:4f:6d:2f:b7:72:ad:3e:bf:2a:41: db:25:52:2b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPQZQ5mFh0YTpBQbb/+kLgQ6rWK4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNTAwMTEyNVoX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNAZGQ0NWRmYzkxZTVmNDIxOTc5N2Mx ZTg4OTFlZWI4ZGFkZWMzMWUxYzUwYTg2NjM5NTVjMTZlZDAwYTA4Mjc5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQRaTzu8XOinLuQ9LGditiZIg5Cb YMhrJBWVMzQJ75wHotg/iglp0toqGy9xfZO30XSSzpkXFjDnpVCnwWS/Cbz8rJRy hKkRUYOGz/8eKhF0ZUCQDN3phR2kNroMYtPOcBfm0gBVxVqdJNPawOhbZYMzew8C cDy1WcfIYFsFaPX/LnpcyrKQoNjX8eOkzQzGUr/DkD6YaRdP7kknMZIDsAzf7+N8 ZXp0m+IuEoec6debrYvI+UJ8sdJj+dui/MuEgAhWlzE6N3fzTiR4ezS/QB8D4Rti NH8oI61KOsKUw3I0ChxSLiH9a5NEh1XB7kDt2BXAB4Um2e73/BNfc2T4tQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGr6vG5yIL7JvgFuEcEtUvDHK9opMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiMzdkYjFiLTkxNjgtNDAxMy05MGZkLTVmMTY1NTdiNzNkNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9RAwDQYJKoZIhvcNAQELBQADggEBAFopb5crOSNFKSgAI8bH bOozBzTNne91Wey3/kVHQubuoa0b5dtWxqSt2ETpxT8GM4J11sEnkadNFvYfBFii K6CM6DLJVsfZ8q3L35kkscxCkCT5d+j+tCljFn7IX8peof7Oeza+iqFTMy/t1HaF gSsdGULquOV5qqmTo5KReFZfqHA+gVplmL+ajHRdlhfiYefrasLYugpkOiKFNQZS CMXtflhfs2iAyD9rsR2AmywtfpdrrvmRzTlez89zLmFYsYNu0a3JmiyjergXR5G2 9+uT5GHxPCOgIOFIIYflo9PlwZg0XUmqSxF9JoMermYiUI/wT20vt3KtPr8qQdsl Uis= -----END CERTIFICATE-----Generated at Wed Aug 20 10:50:11 2025 by rpki-client