$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa File: 4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa (raw, json) Hash identifier: TEGMvY3bVazHVtBWnzRD8NPAr3rWCgQNewver4gQsvA= Subject key identifier: FD:70:18:41:20:37:EA:96:A5:6D:29:FE:54:AB:1E:4E:1F:7B:EB:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 51C61D5F80A8333977320A6E28612908D094F1FE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa Signing time: Wed 27 Aug 2025 00:00:24 +0000 ROA not before: Wed 27 Aug 2025 00:00:24 +0000 ROA not after: Wed 01 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Sep 2025 00:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:c6:1d:5f:80:a8:33:39:77:32:0a:6e:28:61:29:08:d0:94:f1:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 27 00:00:24 2025 GMT Not After : Oct 1 23:59:59 2025 GMT Subject: serialNumber=568f2646760a51469e63a923448f90896a3bd427a935aa1f0f42b9ee0fd2b2c1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f1:ac:84:19:bc:f5:64:9b:a5:8f:69:c1:92: e7:17:eb:8c:c9:07:d0:d6:96:32:54:71:fb:e8:7b: cb:cb:2f:ab:80:36:f0:c0:0f:4f:fa:d1:ec:4c:d4: fe:90:ec:d4:96:0c:c5:49:b6:6a:2b:a5:99:d7:89: 37:dc:5b:bd:70:cd:52:43:7f:10:86:35:bf:7b:d4: 2c:61:e9:5f:bb:f6:ac:bf:cb:2c:ac:b4:3c:06:b4: 11:34:17:a1:ad:bb:6b:14:6b:06:9a:89:55:a8:9f: 64:24:91:27:39:74:56:b8:5a:b7:b8:09:84:ef:63: b8:4c:63:4f:5b:82:d5:0b:ae:2b:61:1e:52:de:f6: ee:92:6a:77:c5:db:c9:9a:1d:82:1d:09:cc:a6:2c: 35:96:82:47:98:6e:03:42:ad:61:fc:f4:c6:58:a6: f8:1c:e3:2b:b4:30:89:45:64:56:ef:e8:fd:67:52: 2a:fd:50:75:c9:8c:0b:8f:76:3f:d4:3b:ee:87:5f: 57:ad:2f:fd:25:8b:f1:86:d3:4c:93:20:3d:74:6b: 8f:d3:7b:0a:e6:8a:b0:f5:89:5e:6b:9e:ae:d9:54: 65:be:e6:8e:5a:f2:1e:0d:99:c9:5d:b0:91:4e:91: b6:70:4a:7a:c8:4a:bf:23:d2:c9:84:bf:c6:af:70: b3:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:70:18:41:20:37:EA:96:A5:6D:29:FE:54:AB:1E:4E:1F:7B:EB:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:4000::/40 Signature Algorithm: sha256WithRSAEncryption a3:4d:9d:cd:20:8e:c8:3b:a3:98:cb:d1:98:e8:da:f8:0e:aa: 4b:be:80:23:d7:81:80:22:b9:d5:43:00:56:cf:ee:26:47:c5: 95:15:b8:f1:e7:3b:d7:f8:39:16:20:ed:b8:c7:fc:a6:d1:cc: 70:1b:53:53:9a:61:92:3d:9f:6b:8f:bf:64:60:d2:bc:60:51: 99:82:b3:54:4f:e9:2e:c1:e9:c3:06:85:ad:3c:bf:2b:5e:53: 26:d8:78:1f:5c:82:25:c3:b0:d0:53:49:27:32:2f:a1:06:ce: d2:80:33:a1:b8:07:e1:41:14:98:38:f7:23:7a:97:eb:6f:b4: 2b:de:90:8d:8a:49:a2:c1:ec:47:e1:80:8f:3f:d7:99:05:d9: 2f:32:50:87:8e:eb:47:6e:07:d1:e7:ec:31:44:ce:f9:a2:55: 92:86:8f:e3:c6:31:33:17:28:58:c5:e3:16:6d:70:64:9e:f3: 74:8c:db:89:2f:e2:d5:4e:c3:7e:7a:91:6b:08:41:ff:4b:d4: 2d:46:27:00:eb:9e:75:7a:d4:99:16:12:c7:78:9a:f2:07:88: 24:e0:c7:02:35:54:c4:03:bd:b7:da:53:c6:ff:c7:3f:7c:4e: fb:0f:f9:a5:9e:fe:1c:9c:02:d5:be:ce:c2:e0:8b:c2:78:1f: a3:90:cf:96 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUcYdX4CoMzl3MgpuKGEpCNCU8f4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNzAwMDAyNFoX DTI1MTAwMTIzNTk1OVowejFJMEcGA1UEBRNANTY4ZjI2NDY3NjBhNTE0NjllNjNh OTIzNDQ4ZjkwODk2YTNiZDQyN2E5MzVhYTFmMGY0MmI5ZWUwZmQyYjJjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfGshBm89WSbpY9pwZLnF+uMyQfQ 1pYyVHH76HvLyy+rgDbwwA9P+tHsTNT+kOzUlgzFSbZqK6WZ14k33Fu9cM1SQ38Q hjW/e9QsYelfu/asv8ssrLQ8BrQRNBehrbtrFGsGmolVqJ9kJJEnOXRWuFq3uAmE 72O4TGNPW4LVC64rYR5S3vbukmp3xdvJmh2CHQnMpiw1loJHmG4DQq1h/PTGWKb4 HOMrtDCJRWRW7+j9Z1Iq/VB1yYwLj3Y/1Dvuh19XrS/9JYvxhtNMkyA9dGuP03sK 5oqw9Ylea56u2VRlvuaOWvIeDZnJXbCRTpG2cEp6yEq/I9LJhL/Gr3CzMwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP1wGEEgN+qWpW0p/lSrHk4fe+sYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkNWE4NTEzLTIxZTUtNGFmNy1iMWI5LWU4NWJjOGUxNmViOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+kAwDQYJKoZIhvcNAQELBQADggEBAKNNnc0gjsg7o5jL0Zjo 2vgOqku+gCPXgYAiudVDAFbP7iZHxZUVuPHnO9f4ORYg7bjH/KbRzHAbU1OaYZI9 n2uPv2Rg0rxgUZmCs1RP6S7B6cMGha08vyteUybYeB9cgiXDsNBTSScyL6EGztKA M6G4B+FBFJg49yN6l+tvtCvekI2KSaLB7EfhgI8/15kF2S8yUIeO60duB9Hn7DFE zvmiVZKGj+PGMTMXKFjF4xZtcGSe83SM24kv4tVOw356kWsIQf9L1C1GJwDrnnV6 1JkWEsd4mvIHiCTgxwI1VMQDvbfaU8b/xz98TvsP+aWe/hycAtW+zsLgi8J4H6OQ z5Y= -----END CERTIFICATE-----Generated at Sat Sep 13 23:04:25 2025 by rpki-client