$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa File: 49c96710-1e67-4b08-aeed-9db02b3e6469.roa (raw, json) Hash identifier: pk8GYat+yLnu/e74U+ivr/Rc73KRLkenHt14tkHcOKc= Subject key identifier: CD:5A:57:36:16:D8:02:62:CF:88:C0:3C:9B:C9:A9:29:78:29:AA:36 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 329C79C807DAFBF8F193CDAD023DED7CC1265DDA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa Signing time: Wed 10 Sep 2025 00:00:45 +0000 ROA not before: Wed 10 Sep 2025 00:00:45 +0000 ROA not after: Wed 15 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Sep 2025 00:20:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:9c:79:c8:07:da:fb:f8:f1:93:cd:ad:02:3d:ed:7c:c1:26:5d:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 10 00:00:45 2025 GMT Not After : Oct 15 23:59:59 2025 GMT Subject: serialNumber=38f7bbab1c95f5428fd2f1d43c136382717ea3028f3a53d6b1d9f0b9c0f3aa5c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:68:9e:70:8c:04:e4:a9:56:ea:7d:ae:49:39: b2:a3:69:e6:7e:4e:bc:87:11:53:2f:4a:28:a4:31: be:26:c8:b5:45:a2:5e:05:8f:cc:f0:e9:34:6c:29: 77:56:5a:ec:50:4c:bd:5d:ba:3f:8e:fb:a3:a4:51: df:06:46:88:99:ae:8f:88:2b:95:2d:aa:e2:51:53: 6f:49:5a:b1:49:d2:54:44:32:df:e8:29:fd:71:a7: 9d:1a:d1:e2:2b:71:5f:35:00:6c:37:36:24:e6:3e: c3:05:0a:e6:71:a1:e5:f6:68:93:66:ba:81:4b:21: fc:54:b9:52:db:0f:c0:de:ec:e2:af:d7:10:29:71: 7d:99:34:66:e8:95:c7:ca:7b:8c:ae:bf:ca:d1:29: 31:13:72:ce:94:9e:ae:70:91:c0:1f:53:84:e2:e5: 09:3a:8f:3d:fb:57:68:05:9b:8a:c0:57:55:a4:d8: e1:08:f6:f1:21:96:bc:01:7e:c2:75:16:de:88:89: 06:87:7a:97:e2:57:b8:cd:8c:0b:45:ab:ba:aa:d4: da:78:8b:bc:8b:d5:da:c8:ac:84:93:94:1b:d3:e3: 95:b3:7d:5b:6f:6e:69:2c:74:18:2f:63:d8:bb:58: b4:3e:75:d1:5b:ea:83:66:a2:e9:89:f8:4e:cd:e8: 6d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:5A:57:36:16:D8:02:62:CF:88:C0:3C:9B:C9:A9:29:78:29:AA:36 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c96710-1e67-4b08-aeed-9db02b3e6469.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:e000::/40 Signature Algorithm: sha256WithRSAEncryption 0e:84:94:30:53:ce:e1:9c:f6:d4:8b:b7:18:d0:51:e2:c6:b7: 5d:e6:f2:3f:ef:1b:a6:6e:b3:fd:3d:31:22:af:3a:96:46:37: ed:96:f8:f1:88:2e:a7:cf:55:fc:ba:ab:82:84:9d:df:33:ad: 1c:ca:c3:61:af:b5:8a:9c:c5:ce:24:55:49:bd:ab:b5:cc:23: f0:17:19:11:79:5d:83:26:9a:ad:18:49:d7:2f:dc:26:51:db: 71:6b:60:7f:89:1e:0c:a0:9f:f3:28:bd:05:13:fc:5a:e6:cb: a9:cf:34:f0:6c:c9:8c:6f:4d:87:a5:80:1f:44:1f:72:2e:d2: a9:ac:7b:f3:02:e0:17:57:e3:a0:e5:a5:49:6e:e4:e3:bd:5a: f2:71:9c:24:5f:60:ac:59:b9:3c:c7:63:f3:a6:d2:88:d0:a5: 94:06:67:00:42:22:87:1f:ed:3c:e6:37:e4:3e:40:4f:0f:2b: 69:36:3a:ea:35:04:95:ce:4e:d4:46:ab:6b:2e:0b:84:b8:73: 81:b5:54:77:dc:9c:4e:51:af:88:ed:8b:5f:95:4c:8e:af:ab: e5:04:e6:da:eb:32:cd:99:8d:60:50:90:8c:20:62:b3:bb:8e: e9:34:2f:6a:75:d5:c1:e2:1b:07:a6:7f:ff:3d:04:33:d4:c8: da:c3:e9:7a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMpx5yAfa+/jxk82tAj3tfMEmXdowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkxMDAwMDA0NVoX DTI1MTAxNTIzNTk1OVowejFJMEcGA1UEBRNAMzhmN2JiYWIxYzk1ZjU0MjhmZDJm MWQ0M2MxMzYzODI3MTdlYTMwMjhmM2E1M2Q2YjFkOWYwYjljMGYzYWE1YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGiecIwE5KlW6n2uSTmyo2nmfk68 hxFTL0oopDG+Jsi1RaJeBY/M8Ok0bCl3VlrsUEy9Xbo/jvujpFHfBkaIma6PiCuV LariUVNvSVqxSdJURDLf6Cn9caedGtHiK3FfNQBsNzYk5j7DBQrmcaHl9miTZrqB SyH8VLlS2w/A3uzir9cQKXF9mTRm6JXHynuMrr/K0SkxE3LOlJ6ucJHAH1OE4uUJ Oo89+1doBZuKwFdVpNjhCPbxIZa8AX7CdRbeiIkGh3qX4le4zYwLRau6qtTaeIu8 i9XayKyEk5Qb0+OVs31bb25pLHQYL2PYu1i0PnXRW+qDZqLpifhOzehtUQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM1aVzYW2AJiz4jAPJvJqSl4Kao2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5Yzk2NzEwLTFlNjctNGIwOC1hZWVkLTlkYjAyYjNlNjQ2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9eAwDQYJKoZIhvcNAQELBQADggEBAA6ElDBTzuGc9tSLtxjQ UeLGt13m8j/vG6Zus/09MSKvOpZGN+2W+PGILqfPVfy6q4KEnd8zrRzKw2GvtYqc xc4kVUm9q7XMI/AXGRF5XYMmmq0YSdcv3CZR23FrYH+JHgygn/MovQUT/Frmy6nP NPBsyYxvTYelgB9EH3Iu0qmse/MC4BdX46DlpUlu5OO9WvJxnCRfYKxZuTzHY/Om 0ojQpZQGZwBCIocf7TzmN+Q+QE8PK2k2Ouo1BJXOTtRGq2suC4S4c4G1VHfcnE5R r4jti1+VTI6vq+UE5trrMs2ZjWBQkIwgYrO7juk0L2p11cHiGwemf/89BDPUyNrD 6Xo= -----END CERTIFICATE-----Generated at Tue Sep 16 09:17:16 2025 by rpki-client