$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d075ad8-69d2-4f67-b1e8-f269b1bdda72.roa File: 1d075ad8-69d2-4f67-b1e8-f269b1bdda72.roa (raw, json) Hash identifier: vfNGQMoF07ArkeCCx6Q29JBlD/3m3x/6e3Cn45NKyNk= Subject key identifier: 37:B5:08:87:21:0D:EF:22:AE:21:55:04:67:D7:C6:46:5C:5F:52:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 661FBDB4F5FFDB0AA3B1D21CC55020A2BA8E1551 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d075ad8-69d2-4f67-b1e8-f269b1bdda72.roa Signing time: Wed 10 Sep 2025 00:00:44 +0000 ROA not before: Wed 10 Sep 2025 00:00:44 +0000 ROA not after: Wed 15 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:50:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:1f:bd:b4:f5:ff:db:0a:a3:b1:d2:1c:c5:50:20:a2:ba:8e:15:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 10 00:00:44 2025 GMT Not After : Oct 15 23:59:59 2025 GMT Subject: serialNumber=85a367deaa9820cd712773faf654615a8f232445f41487afa6aecff3c42394d1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a7:9d:50:3b:79:ac:b9:31:f9:f5:ce:fb:5a: e4:1b:dd:54:67:1a:22:6b:5b:a9:11:e1:29:71:e5: b1:5a:45:e9:bb:c1:db:f7:85:25:29:44:12:56:60: ce:ef:40:a3:1e:31:01:37:d6:5d:46:a5:ba:6c:3a: c2:5a:8d:67:72:14:85:0a:54:a3:18:87:e6:81:86: fe:87:2b:e4:0a:7b:12:c5:8f:d6:7e:3a:67:cc:c0: 29:95:ac:27:1b:fc:a7:e1:52:bc:ae:13:c0:2a:e2: 00:28:35:a2:c8:5a:6a:95:1d:ea:f4:94:e1:34:84: 2a:46:1b:1d:25:fd:a4:e6:26:ad:9e:08:51:a0:e5: 17:86:1f:d6:d1:ce:17:13:09:35:15:28:3c:8b:19: 5d:39:6b:12:67:68:24:e3:e3:fe:96:a5:97:18:ec: 22:48:fc:76:35:b5:a9:e8:00:21:42:bc:1b:05:91: 58:19:dc:cb:14:42:24:b8:1b:b4:69:7c:65:54:5f: c3:28:d0:c5:33:4d:4f:1b:9b:13:c7:c0:03:c1:93: 9c:de:02:9c:bf:52:98:2e:10:94:00:b3:a2:70:bd: a2:01:78:ee:ab:7a:df:15:71:fc:df:32:a3:69:0b: 99:26:8e:2a:6f:8a:13:08:d1:e3:e2:25:97:bf:3f: 65:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:B5:08:87:21:0D:EF:22:AE:21:55:04:67:D7:C6:46:5C:5F:52:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1d075ad8-69d2-4f67-b1e8-f269b1bdda72.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:7000::/40 Signature Algorithm: sha256WithRSAEncryption 67:ec:b9:12:f8:6c:d6:14:8b:9f:73:11:dd:7d:6c:aa:20:91: f6:80:aa:97:9d:76:8f:fd:26:87:ec:c0:14:ac:7e:79:2e:bd: 7a:2e:21:b6:2d:42:1e:3e:20:4f:95:56:92:2e:4e:55:02:8a: d8:68:82:10:55:8b:74:bc:d7:d5:b5:2e:c7:26:b5:c5:af:4d: dc:31:43:ed:70:8a:59:63:2d:a3:64:a5:09:98:25:a3:ba:f7: 4b:57:55:1b:2a:6c:7e:fa:2b:24:bf:d1:7f:b4:ac:7a:53:22: 58:c9:0d:00:37:8c:7a:da:2e:87:93:b8:68:03:f4:de:1e:29: 10:fb:54:98:a6:d0:ad:ea:03:b7:2c:22:4e:32:1b:59:bc:f5: 61:3c:c2:e1:a6:97:82:2f:e7:0f:11:0f:18:ab:7e:75:d6:6b: 57:3b:57:00:80:d4:70:14:c7:c0:1b:b9:72:fc:cc:dc:b4:04: 57:b9:0f:06:2f:86:77:b1:6b:74:71:c6:fe:c8:7b:23:2a:f6: 98:bb:ff:d8:3c:2b:42:69:ce:52:46:8b:9d:b3:34:01:fa:2e: bf:23:99:ec:ae:6e:e7:44:db:d8:53:73:a0:cd:d2:03:72:84: 9c:0a:1b:ef:25:33:d5:fc:70:44:7f:17:02:50:ab:53:1b:ac: fe:ab:41:88 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZh+9tPX/2wqjsdIcxVAgorqOFVEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkxMDAwMDA0NFoX DTI1MTAxNTIzNTk1OVowejFJMEcGA1UEBRNAODVhMzY3ZGVhYTk4MjBjZDcxMjc3 M2ZhZjY1NDYxNWE4ZjIzMjQ0NWY0MTQ4N2FmYTZhZWNmZjNjNDIzOTRkMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqedUDt5rLkx+fXO+1rkG91UZxoi a1upEeEpceWxWkXpu8Hb94UlKUQSVmDO70CjHjEBN9ZdRqW6bDrCWo1nchSFClSj GIfmgYb+hyvkCnsSxY/WfjpnzMAplawnG/yn4VK8rhPAKuIAKDWiyFpqlR3q9JTh NIQqRhsdJf2k5iatnghRoOUXhh/W0c4XEwk1FSg8ixldOWsSZ2gk4+P+lqWXGOwi SPx2NbWp6AAhQrwbBZFYGdzLFEIkuBu0aXxlVF/DKNDFM01PG5sTx8ADwZOc3gKc v1KYLhCUALOicL2iAXjuq3rfFXH83zKjaQuZJo4qb4oTCNHj4iWXvz9lAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDe1CIchDe8iriFVBGfXxkZcX1LVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFkMDc1YWQ4LTY5ZDItNGY2Ny1iMWU4LWYyNjliMWJkZGE3Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9XAwDQYJKoZIhvcNAQELBQADggEBAGfsuRL4bNYUi59zEd19 bKogkfaAqpeddo/9JofswBSsfnkuvXouIbYtQh4+IE+VVpIuTlUCithoghBVi3S8 19W1LscmtcWvTdwxQ+1willjLaNkpQmYJaO690tXVRsqbH76KyS/0X+0rHpTIljJ DQA3jHraLoeTuGgD9N4eKRD7VJim0K3qA7csIk4yG1m89WE8wuGml4Iv5w8RDxir fnXWa1c7VwCA1HAUx8AbuXL8zNy0BFe5DwYvhnexa3Rxxv7IeyMq9pi7/9g8K0Jp zlJGi52zNAH6Lr8jmeyubudE29hTc6DN0gNyhJwKG+8lM9X8cER/FwJQq1MbrP6r QYg= -----END CERTIFICATE-----Generated at Thu Sep 18 07:06:14 2025 by rpki-client