$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: EQlA9tWoC6udjRatnGNmW2TilvEmbDermtDqTjGlwBs= Subject key identifier: 13:64:E1:25:17:CF:6A:D0:DA:34:E7:7C:7E:42:69:65:31:F6:9A:A9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0FDE813340594E4E977DDA23311E9511FEECD7ED Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Wed 27 Aug 2025 00:00:07 +0000 ROA not before: Wed 27 Aug 2025 00:00:07 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:50:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:de:81:33:40:59:4e:4e:97:7d:da:23:31:1e:95:11:fe:ec:d7:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 27 00:00:07 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=e5f9549fdb53000f93ea9e7599af34d6be0def0fc867040177e051950f4238ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:99:d6:43:47:45:6f:64:00:aa:e4:87:13:fc: de:dd:b4:39:88:b4:ea:64:fe:fb:d5:08:88:e0:6e: e9:ef:95:d1:74:70:a5:78:cb:cd:e7:18:12:35:96: 7b:58:de:5e:0c:58:79:72:3a:d1:1b:ed:08:d2:04: 44:f5:60:4d:6b:c9:aa:8e:87:fe:4b:4c:bc:0b:36: 12:0f:90:75:8c:f0:01:e5:d7:96:f3:82:5b:b8:94: 37:d0:51:a3:89:23:ff:5f:7d:85:ea:c4:86:e9:bf: 9d:3c:24:d6:f6:f1:85:9a:2a:29:3c:30:00:38:cf: 41:4f:37:fe:10:d6:e5:16:bf:26:14:8a:1b:cf:d9: d4:3c:1f:bb:4f:16:00:83:50:64:32:54:4c:15:57: 2b:6e:fa:50:a5:c4:a1:6a:8f:25:b6:fd:0e:6f:c4: 87:e6:08:dc:26:97:4f:f7:cf:a9:e3:f7:6e:58:a0: bd:9f:dd:36:18:6a:c8:c2:8e:c3:84:3c:cc:0d:8f: 47:59:c1:c9:82:cf:1a:45:96:ec:a5:4d:f1:95:d0: 8d:e8:ef:2c:8c:9e:7c:c1:a6:5f:1b:0a:0e:44:e8: 80:fa:fc:d0:10:4b:3b:6a:d4:b2:cf:f2:a7:23:a5: 63:86:0c:9c:c0:f8:cc:6e:b3:42:0a:94:5c:f0:ec: 53:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:64:E1:25:17:CF:6A:D0:DA:34:E7:7C:7E:42:69:65:31:F6:9A:A9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption 97:f0:2d:38:63:bb:1a:b5:6a:43:78:01:37:23:7e:0f:65:dc: 41:95:30:5a:5f:5e:90:2f:cf:25:29:00:9a:05:e4:4b:15:e6: 31:48:e0:8f:2d:4c:27:9b:2c:2a:ed:3b:0e:a1:01:a5:6e:27: 04:75:3f:2e:64:ba:5d:fa:9f:ab:0f:c5:4b:c3:5f:96:ad:c4: 56:8b:f6:c6:36:1d:30:0c:ae:33:54:62:2f:2f:39:4d:ad:bf: 0f:c6:c6:8b:8a:ce:92:2a:15:5f:8e:b6:f8:fc:fb:d0:ab:03: 62:74:07:88:e6:7f:44:69:56:6c:c9:1d:11:8d:7c:d8:92:ff: f2:3a:9a:9a:2b:2b:83:e0:9a:92:b1:4c:63:31:77:ae:1f:00: 70:be:b3:30:b8:27:85:80:3f:10:71:57:df:a8:07:b4:be:d4: 5e:90:a5:36:a0:5c:1e:54:57:df:c1:55:24:b3:f6:84:a8:28: 04:de:a2:0d:8e:72:3c:08:f4:5a:df:9f:c4:14:24:97:64:24: 4c:4d:cb:a9:76:00:48:37:9b:76:2d:71:1d:21:e7:a0:1c:9a: 78:31:06:bd:26:e8:a4:98:4d:04:08:8a:55:a8:f0:78:cf:a7: 3e:fd:20:e1:58:0a:f4:92:33:77:e4:0c:2d:8b:d9:a7:67:9f: 16:48:3f:53 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD96BM0BZTk6XfdojMR6VEf7s1+0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNzAwMDAwN1oX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNAZTVmOTU0OWZkYjUzMDAwZjkzZWE5 ZTc1OTlhZjM0ZDZiZTBkZWYwZmM4NjcwNDAxNzdlMDUxOTUwZjQyMzhhYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35nWQ0dFb2QAquSHE/ze3bQ5iLTq ZP771QiI4G7p75XRdHCleMvN5xgSNZZ7WN5eDFh5cjrRG+0I0gRE9WBNa8mqjof+ S0y8CzYSD5B1jPAB5deW84JbuJQ30FGjiSP/X32F6sSG6b+dPCTW9vGFmiopPDAA OM9BTzf+ENblFr8mFIobz9nUPB+7TxYAg1BkMlRMFVcrbvpQpcShao8ltv0Ob8SH 5gjcJpdP98+p4/duWKC9n902GGrIwo7DhDzMDY9HWcHJgs8aRZbspU3xldCN6O8s jJ58waZfGwoOROiA+vzQEEs7atSyz/KnI6VjhgycwPjMbrNCCpRc8OxT1wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBNk4SUXz2rQ2jTnfH5CaWUx9pqpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBAJfwLThjuxq1akN4ATcj fg9l3EGVMFpfXpAvzyUpAJoF5EsV5jFI4I8tTCebLCrtOw6hAaVuJwR1Py5kul36 n6sPxUvDX5atxFaL9sY2HTAMrjNUYi8vOU2tvw/GxouKzpIqFV+Otvj8+9CrA2J0 B4jmf0RpVmzJHRGNfNiS//I6mporK4PgmpKxTGMxd64fAHC+szC4J4WAPxBxV9+o B7S+1F6QpTagXB5UV9/BVSSz9oSoKATeog2OcjwI9Frfn8QUJJdkJExNy6l2AEg3 m3YtcR0h56AcmngxBr0m6KSYTQQIilWo8HjPpz79IOFYCvSSM3fkDC2L2adnnxZI P1M= -----END CERTIFICATE-----Generated at Thu Sep 18 02:47:11 2025 by rpki-client