$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa File: 28ff52d2-0135-4def-a017-40424079b2a7.roa (raw, json) Hash identifier: q0todN8zhcwyISDMj4Ag4WmdbX8w52RWQy3lwa5WK4U= Subject key identifier: F1:60:8C:61:27:B5:1D:BC:BB:FA:27:20:C3:5C:2C:28:6C:65:C5:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2C0307D4F9B4BF884DF3A6377CBDDEA62BCA4921 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa Signing time: Tue 29 Jul 2025 00:00:09 +0000 ROA not before: Tue 29 Jul 2025 00:00:09 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:03:07:d4:f9:b4:bf:88:4d:f3:a6:37:7c:bd:de:a6:2b:ca:49:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:00:09 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=2401ead70b72aefeeb95146a1a4ced09f599f0de4453cda0f327278f83a86185, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:98:b1:fe:bc:f2:f7:41:4f:8e:d0:88:cc:9f: 90:41:cc:dd:8b:d6:19:19:90:28:d3:f8:85:48:ff: 50:82:0d:b1:89:28:15:2a:76:44:db:17:f7:76:e8: 71:b5:9e:d3:be:6c:c6:7f:b1:ab:57:e8:49:4a:31: 23:07:03:e9:89:8a:1d:ba:43:91:ee:f6:28:04:d0: 53:4f:8a:d8:1a:dc:23:08:2f:62:65:b9:64:1d:19: 0e:68:ba:c6:b8:56:45:6d:15:a2:66:29:15:22:45: 80:81:bb:fb:e9:1a:1b:45:5b:fc:10:64:8f:3e:ee: e7:23:5f:0b:9e:a2:ae:b6:ec:73:5a:ac:cf:b4:89: fe:f6:dc:20:65:ad:eb:e2:0b:1b:40:b5:03:9d:8f: 4d:50:b2:e1:60:dc:86:71:76:9e:be:71:50:49:ef: c2:30:67:3b:f9:a6:7c:cd:43:bf:b8:e4:fa:27:16: 3a:47:04:5d:ad:9c:c5:aa:30:cc:f6:c9:21:e1:d1: 5a:b9:d3:4e:80:1d:0f:fa:7d:a4:d5:74:32:2d:1c: 9b:c2:5b:87:9b:d8:06:49:84:09:b4:00:e8:04:ae: f2:8c:21:27:b4:6c:e2:5d:1b:22:e2:19:ac:29:53: fe:87:b4:27:64:63:25:6e:5f:79:ee:00:fb:ad:11: 6f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:60:8C:61:27:B5:1D:BC:BB:FA:27:20:C3:5C:2C:28:6C:65:C5:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:880::/48 Signature Algorithm: sha256WithRSAEncryption 87:be:ad:e2:7b:5a:87:b2:91:e3:fc:b9:26:ea:85:2b:bc:de: df:d7:a5:00:14:45:ee:73:28:b9:1c:a6:d0:d0:1a:90:b1:52: 12:47:ed:da:50:eb:9a:e2:ea:30:f5:56:8c:08:fa:63:4c:65: bb:6a:65:41:d2:e6:e2:f5:71:db:89:e0:27:93:80:6e:9d:b9: 3b:30:d6:f6:e8:8e:80:60:a9:76:5d:2a:0b:f3:74:a6:26:3a: 62:a3:46:6d:50:94:b9:ce:af:b6:66:ce:ad:a7:06:53:8c:f8: 98:d7:c7:a4:67:c9:08:5e:a3:51:5c:f2:8a:f2:49:27:0c:75: 82:be:14:9d:11:fe:66:c5:36:53:83:63:ba:31:8e:78:b0:0f: 3d:89:d1:81:3d:15:cf:45:dd:24:01:2c:6c:aa:e6:6c:b8:27: 8e:77:1d:f1:f2:a3:87:86:fa:1d:95:02:56:f7:b6:f1:9f:ff: bb:fd:0b:e4:2e:f8:b5:c2:7a:99:64:67:7f:7d:28:0c:b5:50: 05:0d:3c:79:ef:17:d8:d4:c9:13:62:9f:fa:38:91:cf:db:76: 3f:a2:33:a8:87:9e:35:c6:50:e1:ed:a0:be:5a:37:38:23:b5: 37:66:ba:ca:51:e5:fb:25:a0:29:48:96:4d:10:78:95:15:cd: fd:b8:47:73 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULAMH1Pm0v4hN86Y3fL3epivKSSEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMDAwOVoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMjQwMWVhZDcwYjcyYWVmZWViOTUx NDZhMWE0Y2VkMDlmNTk5ZjBkZTQ0NTNjZGEwZjMyNzI3OGY4M2E4NjE4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5ix/rzy90FPjtCIzJ+QQczdi9YZ GZAo0/iFSP9Qgg2xiSgVKnZE2xf3duhxtZ7TvmzGf7GrV+hJSjEjBwPpiYodukOR 7vYoBNBTT4rYGtwjCC9iZblkHRkOaLrGuFZFbRWiZikVIkWAgbv76RobRVv8EGSP Pu7nI18LnqKutuxzWqzPtIn+9twgZa3r4gsbQLUDnY9NULLhYNyGcXaevnFQSe/C MGc7+aZ8zUO/uOT6JxY6RwRdrZzFqjDM9skh4dFaudNOgB0P+n2k1XQyLRybwluH m9gGSYQJtADoBK7yjCEntGziXRsi4hmsKVP+h7QnZGMlbl957gD7rRFvMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPFgjGEntR28u/onIMNcLChsZcUpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI4ZmY1MmQyLTAxMzUtNGRlZi1hMDE3LTQwNDI0MDc5YjJhNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/wiAMA0GCSqGSIb3DQEBCwUAA4IBAQCHvq3ie1qHspHj/Lkm 6oUrvN7f16UAFEXucyi5HKbQ0BqQsVISR+3aUOua4uow9VaMCPpjTGW7amVB0ubi 9XHbieAnk4Bunbk7MNb26I6AYKl2XSoL83SmJjpio0ZtUJS5zq+2Zs6tpwZTjPiY 18ekZ8kIXqNRXPKK8kknDHWCvhSdEf5mxTZTg2O6MY54sA89idGBPRXPRd0kASxs quZsuCeOdx3x8qOHhvodlQJW97bxn/+7/QvkLvi1wnqZZGd/fSgMtVAFDTx57xfY 1MkTYp/6OJHP23Y/ojOoh541xlDh7aC+Wjc4I7U3ZrrKUeX7JaApSJZNEHiVFc39 uEdz -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:22 2025 by rpki-client