$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46906009-c3b9-49b3-a5f1-d017b200e422.roa File: 46906009-c3b9-49b3-a5f1-d017b200e422.roa (raw, json) Hash identifier: jxxkwe0vhBJPmLBe8G4rz8JiRn0ZSLEFTMqCyBZUThc= Subject key identifier: 25:AD:0D:B7:AB:1D:F6:93:FE:9C:F7:2C:11:25:EB:0F:05:6A:F6:F2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09BB2E5B5A24BF21B689DDAEC16483BF5112B34B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46906009-c3b9-49b3-a5f1-d017b200e422.roa Signing time: Tue 29 Jul 2025 00:40:16 +0000 ROA not before: Tue 29 Jul 2025 00:40:16 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:48c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:bb:2e:5b:5a:24:bf:21:b6:89:dd:ae:c1:64:83:bf:51:12:b3:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:40:16 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=d39b0b96f2ea5c900920068d42b3f1e05d3bc956965ac4bc7c06c249311bb9ab, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:2b:02:16:de:58:40:2c:63:7d:42:64:87:fe: 06:d5:21:f4:5b:7a:70:31:b2:2c:94:c0:48:25:f9: 42:c9:54:2f:e7:18:37:91:e7:3f:0e:e1:f4:ee:10: 58:dd:aa:71:b2:d0:20:22:04:83:82:c1:f9:41:c3: fb:be:3d:c0:6c:86:74:cb:a3:34:79:e7:9e:6c:22: d3:19:3f:47:58:66:23:f9:4d:9b:13:8b:cb:c8:94: 2a:2b:57:3a:fd:92:d6:d1:9d:39:e4:0a:1a:81:03: 98:0a:8d:66:ab:17:da:7e:47:d0:d6:0c:12:5d:fe: 9b:cc:cf:97:96:f7:74:6e:87:cb:db:e1:5b:68:d1: f6:0c:fe:21:ad:e5:d4:e5:c5:21:b3:b5:ac:75:32: 7e:e4:45:db:d0:3b:e6:0b:bf:42:44:d2:28:e2:89: 85:21:8e:b0:25:85:6c:48:ab:e2:ae:3c:79:6b:d7: 7e:b7:ee:f3:e9:c9:16:2a:31:c7:bc:2a:86:c3:45: e5:33:bb:94:d5:75:81:8e:a8:1d:4f:a0:63:fc:eb: 93:94:89:e0:38:bb:44:0e:0a:fd:dd:c7:36:50:2d: 93:6e:bd:5f:90:97:10:04:bd:68:6c:3f:9f:d8:83: 05:8a:21:42:80:fb:87:9f:e6:5f:02:cb:cb:ce:30: 15:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:AD:0D:B7:AB:1D:F6:93:FE:9C:F7:2C:11:25:EB:0F:05:6A:F6:F2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/46906009-c3b9-49b3-a5f1-d017b200e422.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:48c0::/48 Signature Algorithm: sha256WithRSAEncryption 01:26:2f:ec:f1:75:1e:3e:38:cd:a4:b4:62:1e:c9:e5:6b:90: 0c:c5:77:af:39:3b:50:2a:37:c8:9c:b1:44:d8:28:9a:b5:15: e4:33:96:38:dd:24:f1:d8:63:85:e6:24:ce:de:83:f9:15:33: 5e:b8:44:8e:e4:e4:19:c9:ef:d1:18:e8:e6:c0:99:77:cc:51: e9:e3:39:d7:d9:1a:ae:34:7e:c4:be:35:76:3e:53:2f:37:37: 26:54:9a:34:db:e0:93:9b:74:70:d7:f9:c5:d7:96:ba:15:a5: 00:9f:76:b4:2c:00:dd:62:e4:3a:64:40:94:20:8f:f1:3c:fd: 8d:f0:d3:1e:6d:70:1c:94:da:35:c2:82:1d:cc:fa:31:c8:89: 98:f6:e7:22:cb:b8:fe:5f:58:08:2c:75:31:f6:dc:d2:ee:64: c7:2a:ea:6f:fa:af:99:83:49:e9:dd:0a:94:2e:a4:88:57:0c: f8:68:0c:12:a6:b0:8e:02:f2:4f:a5:90:00:c3:55:3f:eb:6a: b1:df:1a:03:85:f5:af:f3:7b:0a:f0:44:7c:66:df:6b:98:62: 20:e9:a5:e1:b4:6a:c4:a2:f8:31:5f:88:57:7b:53:21:a2:45: 98:37:dd:74:49:b1:5c:9f:e3:1d:c8:84:41:5c:2e:df:9c:21: 6e:79:19:c3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCbsuW1okvyG2id2uwWSDv1ESs0swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNDAxNloX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAZDM5YjBiOTZmMmVhNWM5MDA5MjAw NjhkNDJiM2YxZTA1ZDNiYzk1Njk2NWFjNGJjN2MwNmMyNDkzMTFiYjlhYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmisCFt5YQCxjfUJkh/4G1SH0W3pw MbIslMBIJflCyVQv5xg3kec/DuH07hBY3apxstAgIgSDgsH5QcP7vj3AbIZ0y6M0 eeeebCLTGT9HWGYj+U2bE4vLyJQqK1c6/ZLW0Z055AoagQOYCo1mqxfafkfQ1gwS Xf6bzM+Xlvd0bofL2+FbaNH2DP4hreXU5cUhs7WsdTJ+5EXb0DvmC79CRNIo4omF IY6wJYVsSKvirjx5a9d+t+7z6ckWKjHHvCqGw0XlM7uU1XWBjqgdT6Bj/OuTlIng OLtEDgr93cc2UC2Tbr1fkJcQBL1obD+f2IMFiiFCgPuHn+ZfAsvLzjAVlQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCWtDberHfaT/pz3LBEl6w8FavbyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ2OTA2MDA5LWMzYjktNDliMy1hNWYxLWQwMTdiMjAwZTQyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOEjAMA0GCSqGSIb3DQEBCwUAA4IBAQABJi/s8XUePjjNpLRi Hsnla5AMxXevOTtQKjfInLFE2CiatRXkM5Y43STx2GOF5iTO3oP5FTNeuESO5OQZ ye/RGOjmwJl3zFHp4znX2RquNH7EvjV2PlMvNzcmVJo02+CTm3Rw1/nF15a6FaUA n3a0LADdYuQ6ZECUII/xPP2N8NMebXAclNo1woIdzPoxyImY9uciy7j+X1gILHUx 9tzS7mTHKupv+q+Zg0np3QqULqSIVwz4aAwSprCOAvJPpZAAw1U/62qx3xoDhfWv 83sK8ER8Zt9rmGIg6aXhtGrEovgxX4hXe1MhokWYN910SbFcn+MdyIRBXC7fnCFu eRnD -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:47 2025 by rpki-client