$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa File: 2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa (raw, json) Hash identifier: 43E8eWlNruYqWrfgoR6etEJPtVDsW0pC3Rg2GOSkGTA= Subject key identifier: 4C:C0:35:95:8E:D1:2C:E2:76:19:3F:F7:18:B8:10:9C:2A:2A:15:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 32E98AB78AFF65F53DC1CE924F17550799F51AF3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa Signing time: Tue 26 Aug 2025 00:00:05 +0000 ROA not before: Tue 26 Aug 2025 00:00:05 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:50:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:e9:8a:b7:8a:ff:65:f5:3d:c1:ce:92:4f:17:55:07:99:f5:1a:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:00:05 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=b81df7f2b880b5c52f598d68cdea402d083f83bca61849919ec3635d84e98e96, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:49:1a:d2:1f:fa:0e:b6:1b:8b:c5:07:af:0b: 5b:79:fc:72:02:4e:8e:2e:1e:af:db:71:87:5f:cc: 75:f9:67:77:12:8c:7f:90:75:29:42:91:49:55:4e: 00:60:67:19:17:b4:11:7c:28:b5:32:40:e0:90:f1: 74:84:03:56:be:6c:02:db:7f:2c:81:6e:bc:03:b8: 02:e7:16:60:de:86:0d:e5:72:80:8f:38:69:07:bb: 91:7e:39:f7:b8:67:d9:20:c6:07:97:a8:05:78:0f: c0:45:de:24:a3:4d:27:1a:ba:a3:36:72:d3:ee:b1: ef:7f:6b:23:33:cf:a1:03:13:e3:f0:8e:96:81:b2: 62:ad:40:ee:b5:56:07:a4:d2:f5:47:98:26:ae:d5: 4f:6d:a1:e3:51:d4:4b:16:ab:5a:b2:92:71:59:1b: 7b:f8:6f:8e:22:16:67:9d:1d:27:8b:1d:71:1d:72: 0c:ba:76:3a:7f:ce:10:b8:f0:ab:64:19:cb:2a:a3: e8:56:d4:3a:db:24:a3:22:39:03:ff:33:6a:22:7c: 0a:b4:9f:78:06:01:bd:ea:c9:8b:ef:b8:da:2a:d2: d3:12:ea:fa:f3:17:88:9b:20:cd:47:7a:5f:e6:78: 61:3b:d6:bb:1e:4e:8c:ec:3b:6c:48:0e:08:98:c6: 7e:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:C0:35:95:8E:D1:2C:E2:76:19:3F:F7:18:B8:10:9C:2A:2A:15:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:1000::/40 Signature Algorithm: sha256WithRSAEncryption 02:c4:20:be:71:02:74:95:d2:9e:a2:93:98:57:4b:3c:84:46: 6c:c1:b7:60:c3:f3:dd:a1:36:79:c6:f6:90:c9:9d:07:b8:d3: 07:b7:58:68:25:b1:9f:ec:bb:e3:6a:f2:4b:b3:dd:c8:60:74: ff:09:bf:ae:80:de:5d:dd:7a:bf:90:9c:8d:0c:e1:45:a4:25: 66:6e:b0:b5:aa:db:19:75:a3:ff:58:6e:8b:3e:6e:a0:04:c6: a2:10:d2:a9:0e:2f:ba:4f:4e:f3:13:46:c2:c0:3a:d0:f0:83: 13:5e:17:05:78:d0:10:a2:fd:59:02:4e:01:6c:7f:32:16:de: 56:dd:63:ce:6c:bf:a6:c4:a3:ad:66:2f:40:56:80:d5:59:79: d0:08:c5:cc:01:ad:92:7a:46:aa:90:61:3d:ee:76:73:61:1e: a1:2e:5d:3c:ac:20:5c:c3:22:1c:69:93:25:b2:8b:c7:51:0e: b0:e3:f1:29:14:c0:e3:ff:55:6e:86:49:db:aa:b4:56:0f:38: ba:cc:09:81:93:a4:05:7b:f2:5c:e9:83:af:08:88:8f:09:f6: 22:c1:c9:80:00:bf:f5:25:a3:bd:10:53:5d:99:b8:48:d0:04: 00:19:6e:a9:dd:2b:c5:58:89:ce:b1:c2:60:c2:a6:8e:18:03: a8:1b:f4:d4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMumKt4r/ZfU9wc6STxdVB5n1GvMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwMDAwNVoX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAYjgxZGY3ZjJiODgwYjVjNTJmNTk4 ZDY4Y2RlYTQwMmQwODNmODNiY2E2MTg0OTkxOWVjMzYzNWQ4NGU5OGU5NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0ka0h/6DrYbi8UHrwtbefxyAk6O Lh6v23GHX8x1+Wd3Eox/kHUpQpFJVU4AYGcZF7QRfCi1MkDgkPF0hANWvmwC238s gW68A7gC5xZg3oYN5XKAjzhpB7uRfjn3uGfZIMYHl6gFeA/ARd4ko00nGrqjNnLT 7rHvf2sjM8+hAxPj8I6WgbJirUDutVYHpNL1R5gmrtVPbaHjUdRLFqtaspJxWRt7 +G+OIhZnnR0nix1xHXIMunY6f84QuPCrZBnLKqPoVtQ62ySjIjkD/zNqInwKtJ94 BgG96smL77jaKtLTEur68xeImyDNR3pf5nhhO9a7Hk6M7DtsSA4ImMZ+JwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEzANZWO0Szidhk/9xi4EJwqKhVTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiMGNlNWRkLWI4MTQtNDA0ZC04MzRmLWNiNGZmNmU2OWM3My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoBAwDQYJKoZIhvcNAQELBQADggEBAALEIL5xAnSV0p6ik5hX SzyERmzBt2DD892hNnnG9pDJnQe40we3WGglsZ/su+Nq8kuz3chgdP8Jv66A3l3d er+QnI0M4UWkJWZusLWq2xl1o/9Ybos+bqAExqIQ0qkOL7pPTvMTRsLAOtDwgxNe FwV40BCi/VkCTgFsfzIW3lbdY85sv6bEo61mL0BWgNVZedAIxcwBrZJ6RqqQYT3u dnNhHqEuXTysIFzDIhxpkyWyi8dRDrDj8SkUwOP/VW6GSduqtFYPOLrMCYGTpAV7 8lzpg68IiI8J9iLByYAAv/Ulo70QU12ZuEjQBAAZbqndK8VYic6xwmDCpo4YA6gb 9NQ= -----END CERTIFICATE-----Generated at Thu Sep 18 09:32:13 2025 by rpki-client