$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa File: 519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa (raw, json) Hash identifier: hmgGiPjkLlg/diQ7HAATJzyrmt4doUy56Gfnw1TYI+I= Subject key identifier: 69:5B:27:25:47:C5:DB:6B:58:2D:9D:A4:E3:9D:C1:38:86:B8:77:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56B86E4F2996FD401DAE64CC0CED918B82B96BF1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa Signing time: Tue 26 Aug 2025 00:01:37 +0000 ROA not before: Tue 26 Aug 2025 00:01:37 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Sep 2025 15:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:b8:6e:4f:29:96:fd:40:1d:ae:64:cc:0c:ed:91:8b:82:b9:6b:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:01:37 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=6efd0b876633940fe3c5f771b7b702c1c81d9240c6624159f5296ecd67b4c0af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:6b:4d:a7:bc:66:f6:e2:98:0f:9b:3b:83:68: af:d0:a8:bf:1e:6e:70:cf:e1:d8:42:d8:af:d8:86: 4c:0f:23:22:93:dc:8a:a6:7e:73:13:72:b3:65:76: 36:0a:4d:35:71:eb:c8:63:51:1b:35:92:6d:62:83: 7e:1e:9e:1e:be:f2:1d:5b:56:18:09:87:ea:be:b5: 25:92:a3:84:e0:a8:b2:d3:e8:1b:ae:51:bf:d9:1f: 3b:df:5f:b7:a4:3f:21:c1:49:1b:53:ce:ab:f9:57: 6e:93:89:79:e1:f7:0a:e4:50:c0:84:62:a1:5b:a5: 6c:8d:fc:20:01:74:31:8e:87:fe:01:0c:2a:a8:d8: 3d:ab:a0:29:c6:03:25:cd:83:2f:1e:e7:5b:ed:d1: 94:5f:71:5e:a3:09:38:54:b6:39:7f:0d:3e:b1:4e: 1b:20:cc:65:2d:2d:ea:3c:f2:c8:e3:5d:dd:ee:e0: 32:a5:58:58:c4:10:6c:7f:4e:6c:a5:ee:80:c5:78: 73:62:f7:43:c0:14:8b:70:57:ef:64:58:1c:ed:cc: 52:19:96:4f:82:9d:51:a4:88:b3:ec:d2:8b:99:1e: 71:3e:b9:a1:e1:45:ec:50:7f:1b:b5:2f:ff:6d:5e: 82:12:a9:1f:17:1d:c9:29:3f:64:7e:6a:d3:c6:79: c5:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:5B:27:25:47:C5:DB:6B:58:2D:9D:A4:E3:9D:C1:38:86:B8:77:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/519f0e88-fa90-4b61-957d-57fe1cc2f6c1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:e000::/40 Signature Algorithm: sha256WithRSAEncryption 1c:a8:de:03:87:6b:ce:9f:00:46:88:d5:62:5c:f7:71:2c:4d: 45:06:34:bd:e7:16:51:a3:e8:dc:2a:61:30:bf:24:46:61:94: 3d:8c:01:b6:71:a7:eb:c0:bc:0e:fb:b1:34:11:a4:74:0b:bb: e8:7f:c4:a5:04:4a:7a:d8:16:25:55:79:94:7e:83:4e:84:68: 2c:a0:9d:14:98:6d:d7:9c:73:25:cc:ab:23:b5:a7:32:ec:9d: 12:c2:af:6f:52:66:ee:8b:4d:58:16:05:32:aa:2c:3f:31:a4: b8:c2:8f:e1:31:88:a3:5a:83:16:4b:ea:94:4c:eb:4b:90:d7: de:ae:5d:84:29:35:25:69:23:be:8b:9b:e5:d8:89:d0:08:f9: ba:45:fd:0d:03:1d:6d:19:12:4e:97:21:b0:e5:c7:d4:a5:fc: 79:0f:41:8b:cd:84:10:70:56:b2:32:ae:d2:42:2d:60:3b:b1: a4:6c:64:1f:ba:f2:ba:e8:0f:1c:f3:25:fa:12:98:47:71:85: 9b:03:57:98:f0:e5:f8:56:bb:d0:d1:ad:4d:88:6e:13:ff:a0: 51:9f:f7:b0:45:e0:7b:9a:43:ea:e1:aa:71:e3:bb:e7:aa:aa: 12:1c:18:76:9e:6c:6e:cf:09:75:50:14:c1:0a:06:a5:aa:83: 81:ad:d8:fe -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVrhuTymW/UAdrmTMDO2Ri4K5a/EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwMDEzN1oX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNANmVmZDBiODc2NjMzOTQwZmUzYzVm NzcxYjdiNzAyYzFjODFkOTI0MGM2NjI0MTU5ZjUyOTZlY2Q2N2I0YzBhZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2tNp7xm9uKYD5s7g2iv0Ki/Hm5w z+HYQtiv2IZMDyMik9yKpn5zE3KzZXY2Ck01cevIY1EbNZJtYoN+Hp4evvIdW1YY CYfqvrUlkqOE4Kiy0+gbrlG/2R8731+3pD8hwUkbU86r+Vduk4l54fcK5FDAhGKh W6VsjfwgAXQxjof+AQwqqNg9q6ApxgMlzYMvHudb7dGUX3Feowk4VLY5fw0+sU4b IMxlLS3qPPLI413d7uAypVhYxBBsf05spe6AxXhzYvdDwBSLcFfvZFgc7cxSGZZP gp1RpIiz7NKLmR5xPrmh4UXsUH8btS//bV6CEqkfFx3JKT9kfmrTxnnFrwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGlbJyVHxdtrWC2dpOOdwTiGuHc5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUxOWYwZTg4LWZhOTAtNGI2MS05NTdkLTU3ZmUxY2MyZjZjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoOAwDQYJKoZIhvcNAQELBQADggEBAByo3gOHa86fAEaI1WJc 93EsTUUGNL3nFlGj6NwqYTC/JEZhlD2MAbZxp+vAvA77sTQRpHQLu+h/xKUESnrY FiVVeZR+g06EaCygnRSYbdeccyXMqyO1pzLsnRLCr29SZu6LTVgWBTKqLD8xpLjC j+ExiKNagxZL6pRM60uQ196uXYQpNSVpI76Lm+XYidAI+bpF/Q0DHW0ZEk6XIbDl x9Sl/HkPQYvNhBBwVrIyrtJCLWA7saRsZB+68rroDxzzJfoSmEdxhZsDV5jw5fhW u9DRrU2IbhP/oFGf97BF4HuaQ+rhqnHju+eqqhIcGHaebG7PCXVQFMEKBqWqg4Gt 2P4= -----END CERTIFICATE-----Generated at Mon Sep 15 21:51:57 2025 by rpki-client