$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa File: 5d316ef2-56e4-4581-990e-015883180353.roa (raw, json) Hash identifier: FTvjbceBu5Owb9mIofnoAsjASRcgCR0qb8/qHgkiSr0= Subject key identifier: C8:2E:D0:4C:D1:83:03:0C:14:F6:01:0E:3B:E7:1C:C9:C9:51:7A:5A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6F00F13B02B5AEBA05A2B499EB85AEA9C22C1120 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa Signing time: Fri 15 Aug 2025 00:10:58 +0000 ROA not before: Fri 15 Aug 2025 00:10:58 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:00:f1:3b:02:b5:ae:ba:05:a2:b4:99:eb:85:ae:a9:c2:2c:11:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 15 00:10:58 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=5dae39f928ef885faa4937017662ea8d9f77b0d0f93bee3b0ac5799e0c47e018, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ab:d1:c1:3e:da:91:7f:5c:1e:6d:d4:5e:5b: 8b:00:20:e4:68:3d:e7:e4:ee:2c:34:9a:51:74:82: 93:69:4c:a2:3c:c3:16:77:d4:c1:ff:81:76:a6:7d: f5:f5:29:37:38:3d:d6:2b:78:f0:3b:4b:dd:d3:09: 39:8e:5a:9a:d4:38:94:82:47:25:35:57:3d:ea:74: c6:36:52:b6:8b:f3:1a:0a:8d:84:c6:68:fb:4d:b4: ea:06:ef:11:29:3a:73:b6:e9:fe:16:bb:6d:8a:89: b7:ae:a7:6c:df:7f:73:6d:de:65:15:88:dc:a2:45: 89:c4:ba:17:f7:aa:ca:3d:da:7d:10:e3:35:97:cb: 4f:a3:fa:4e:56:7e:f0:10:72:29:c5:b0:d0:6d:57: 98:ea:13:3b:50:c0:ad:d6:e4:54:91:b8:64:81:f0: d4:33:1e:de:c2:18:d2:98:98:ed:1c:4d:cd:45:f3: a5:cb:08:ad:6d:de:e7:41:39:22:8b:9b:d2:49:fa: 17:b6:3d:c2:8a:65:c0:41:96:37:87:74:ba:59:15: 58:07:55:04:33:91:bb:16:5d:4c:74:d1:fa:a5:40: 29:d9:f8:0f:80:8d:47:13:59:5f:5d:b0:54:bf:ae: 86:c7:8e:5b:f9:b3:8e:d5:22:35:27:a4:5e:6f:50: 0f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:2E:D0:4C:D1:83:03:0C:14:F6:01:0E:3B:E7:1C:C9:C9:51:7A:5A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4000::/40 Signature Algorithm: sha256WithRSAEncryption 8a:a3:ab:40:d8:4f:52:b6:c4:f9:f8:8c:07:d7:20:9b:5e:28: 5b:19:8e:42:d2:d3:1f:3f:7f:e3:23:c0:79:d0:01:87:8f:14: a9:5e:3e:15:5f:af:0f:13:b7:d4:40:37:75:2d:84:c3:15:a2: c3:68:c1:c1:ca:60:d1:71:5f:ca:a6:3b:e7:d2:f5:cb:aa:7d: 42:34:68:60:77:8c:e8:9e:e2:4f:75:74:93:25:d2:1d:77:76: 97:30:4b:a0:f9:88:1d:ea:b6:ba:77:5d:67:6f:ed:4e:37:29: 74:84:80:65:b9:3f:a1:29:b9:95:83:9c:11:47:bd:cb:6d:bc: f3:6a:92:68:39:85:86:42:f5:78:7f:83:7d:5b:0e:9c:ed:8a: 8b:be:d8:15:96:3c:66:8f:f0:35:57:7c:bf:86:7d:ae:8e:ba: 49:76:0c:01:81:6c:61:ca:34:64:f3:d6:02:35:92:97:d7:d5: 89:21:2a:b3:93:66:46:0a:55:a0:55:79:d7:c7:a0:99:02:56: 36:34:ac:7c:58:37:cd:31:2d:58:0d:4a:26:73:50:e3:43:20: 7b:c4:2f:24:b9:26:c8:2b:bd:66:89:29:47:90:d0:35:f4:af: 36:cb:a7:17:dd:c8:0b:d2:ff:e4:f4:bf:9d:80:b4:4b:17:dd: 87:89:c0:9a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbwDxOwK1rroForSZ64WuqcIsESAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNTAwMTA1OFoX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNANWRhZTM5ZjkyOGVmODg1ZmFhNDkz NzAxNzY2MmVhOGQ5Zjc3YjBkMGY5M2JlZTNiMGFjNTc5OWUwYzQ3ZTAxODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqvRwT7akX9cHm3UXluLACDkaD3n 5O4sNJpRdIKTaUyiPMMWd9TB/4F2pn319Sk3OD3WK3jwO0vd0wk5jlqa1DiUgkcl NVc96nTGNlK2i/MaCo2Exmj7TbTqBu8RKTpztun+Frttiom3rqds339zbd5lFYjc okWJxLoX96rKPdp9EOM1l8tPo/pOVn7wEHIpxbDQbVeY6hM7UMCt1uRUkbhkgfDU Mx7ewhjSmJjtHE3NRfOlywitbd7nQTkii5vSSfoXtj3CimXAQZY3h3S6WRVYB1UE M5G7Fl1MdNH6pUAp2fgPgI1HE1lfXbBUv66Gx45b+bOO1SI1J6Reb1AP8QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMgu0EzRgwMMFPYBDjvnHMnJUXpaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVkMzE2ZWYyLTU2ZTQtNDU4MS05OTBlLTAxNTg4MzE4MDM1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba80AwDQYJKoZIhvcNAQELBQADggEBAIqjq0DYT1K2xPn4jAfX IJteKFsZjkLS0x8/f+MjwHnQAYePFKlePhVfrw8Tt9RAN3UthMMVosNowcHKYNFx X8qmO+fS9cuqfUI0aGB3jOie4k91dJMl0h13dpcwS6D5iB3qtrp3XWdv7U43KXSE gGW5P6EpuZWDnBFHvcttvPNqkmg5hYZC9Xh/g31bDpztiou+2BWWPGaP8DVXfL+G fa6Oukl2DAGBbGHKNGTz1gI1kpfX1YkhKrOTZkYKVaBVedfHoJkCVjY0rHxYN80x LVgNSiZzUONDIHvELyS5JsgrvWaJKUeQ0DX0rzbLpxfdyAvS/+T0v52AtEsX3YeJ wJo= -----END CERTIFICATE-----Generated at Wed Aug 20 10:45:54 2025 by rpki-client