$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa File: 6018436a-9c1a-42cb-8584-15032be971bb.roa (raw, json) Hash identifier: ejElO8O83ElKpmJGnzbDrlOASJaPylqJ7igmgC2WNZ8= Subject key identifier: 3D:92:9C:36:38:E3:65:75:D0:3B:82:05:B0:37:07:F5:77:44:23:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14D9E7433FAC8B4A3603753EE4ACD345A0BC1C20 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa Signing time: Wed 10 Sep 2025 00:00:52 +0000 ROA not before: Wed 10 Sep 2025 00:00:52 +0000 ROA not after: Wed 15 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da24::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Sep 2025 00:20:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:d9:e7:43:3f:ac:8b:4a:36:03:75:3e:e4:ac:d3:45:a0:bc:1c:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 10 00:00:52 2025 GMT Not After : Oct 15 23:59:59 2025 GMT Subject: serialNumber=82f9a36b425238ea64d8f68233d2d3442bf44e3314e564a96e15e11a7f110731, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:44:c3:f3:88:8b:e6:cf:df:c3:e5:29:a4:b4: 12:c9:35:b4:28:db:c5:18:3b:5c:8d:69:00:c3:cd: 85:a6:b8:da:26:95:10:5a:47:b1:f0:02:b2:f4:1c: 59:60:2c:db:3b:85:d4:4f:af:2e:70:49:d1:77:73: cb:99:c4:8d:ee:9d:90:42:b2:c7:01:fa:a1:2f:cc: 6b:95:01:5d:1e:e2:4b:95:e7:55:d7:e1:d4:57:17: 98:f9:96:29:43:cd:3c:c3:16:de:ac:df:f7:70:f0: d6:e3:6b:f5:bf:b8:ca:3a:a4:dc:c7:64:29:79:e9: 1b:bc:dd:35:25:6b:ac:31:c4:8b:22:01:b1:c3:10: 78:47:4e:e7:fd:87:79:c7:b6:d3:ad:9a:13:35:b5: e8:7f:35:a0:b5:93:dc:15:f3:1e:96:22:db:ff:72: d2:b2:71:f4:aa:07:75:7d:59:8c:7c:df:52:83:7c: 72:72:17:29:c5:3e:78:48:71:47:a1:63:ac:bf:f0: 26:5f:ac:bf:4b:39:d8:dd:db:5a:41:18:17:30:74: cf:7d:70:5f:b1:d8:c9:b1:84:ba:a8:76:3c:5f:8d: 6a:c6:9b:18:12:fb:92:bc:e6:ed:99:e9:e8:86:99: 18:43:65:d9:51:8a:7d:fc:38:7b:2b:4c:a5:08:ca: 40:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:92:9C:36:38:E3:65:75:D0:3B:82:05:B0:37:07:F5:77:44:23:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24::/36 Signature Algorithm: sha256WithRSAEncryption 7a:1d:3e:20:c4:90:4c:17:f1:21:7c:3a:41:ec:90:fa:83:70: 7b:1f:da:fc:f4:42:29:11:b8:c7:d6:84:2c:32:b4:30:11:ef: c7:cb:75:0d:1a:80:2a:9a:98:3e:ee:75:80:49:07:a5:9d:97: 7e:c3:4c:46:b3:19:2a:38:f5:9f:13:c5:a3:8f:95:ae:38:1e: 73:0c:2c:a7:e3:28:28:8b:10:df:5f:51:39:b6:b9:56:2d:cb: 2b:d1:a9:6d:e4:02:c4:dc:42:73:46:62:8f:c2:92:4a:13:fd: df:72:54:07:49:26:7a:46:44:be:c1:6b:67:a7:98:af:34:ef: 08:e0:21:d3:c4:40:2e:69:27:37:ce:71:71:55:08:9c:b7:9a: 6a:a4:8d:83:6f:8d:04:51:bf:ad:15:9c:bb:fe:3b:bb:a3:f7: 82:2f:c3:28:f9:29:01:15:a9:63:61:d2:f3:88:4a:15:01:90: 84:75:73:f7:16:af:15:44:ac:1d:ea:4b:0f:52:42:22:c6:6a: 9f:af:82:45:13:64:c8:04:3b:00:74:70:6a:08:4c:21:49:64: 94:03:34:57:a1:dc:2b:78:f4:a4:a7:54:43:c9:4f:75:f7:c9: a0:b5:da:2a:34:b2:b7:e0:eb:26:76:e0:d4:2e:f0:eb:8b:21: 8f:6f:b4:a8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFNnnQz+si0o2A3U+5KzTRaC8HCAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkxMDAwMDA1MloX DTI1MTAxNTIzNTk1OVowejFJMEcGA1UEBRNAODJmOWEzNmI0MjUyMzhlYTY0ZDhm NjgyMzNkMmQzNDQyYmY0NGUzMzE0ZTU2NGE5NmUxNWUxMWE3ZjExMDczMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUTD84iL5s/fw+UppLQSyTW0KNvF GDtcjWkAw82FprjaJpUQWkex8AKy9BxZYCzbO4XUT68ucEnRd3PLmcSN7p2QQrLH AfqhL8xrlQFdHuJLledV1+HUVxeY+ZYpQ808wxberN/3cPDW42v1v7jKOqTcx2Qp eekbvN01JWusMcSLIgGxwxB4R07n/Yd5x7bTrZoTNbXofzWgtZPcFfMeliLb/3LS snH0qgd1fVmMfN9Sg3xychcpxT54SHFHoWOsv/AmX6y/SznY3dtaQRgXMHTPfXBf sdjJsYS6qHY8X41qxpsYEvuSvObtmenohpkYQ2XZUYp9/Dh7K0ylCMpAhwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD2SnDY442V10DuCBbA3B/V3RCNCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwMTg0MzZhLTljMWEtNDJjYi04NTg0LTE1MDMyYmU5NzFiYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJAAwDQYJKoZIhvcNAQELBQADggEBAHodPiDEkEwX8SF8OkHs kPqDcHsf2vz0QikRuMfWhCwytDAR78fLdQ0agCqamD7udYBJB6Wdl37DTEazGSo4 9Z8TxaOPla44HnMMLKfjKCiLEN9fUTm2uVYtyyvRqW3kAsTcQnNGYo/CkkoT/d9y VAdJJnpGRL7Ba2enmK807wjgIdPEQC5pJzfOcXFVCJy3mmqkjYNvjQRRv60VnLv+ O7uj94Ivwyj5KQEVqWNh0vOIShUBkIR1c/cWrxVErB3qSw9SQiLGap+vgkUTZMgE OwB0cGoITCFJZJQDNFeh3Ct49KSnVEPJT3X3yaC12io0srfg6yZ24NQu8OuLIY9v tKg= -----END CERTIFICATE-----Generated at Tue Sep 16 07:09:11 2025 by rpki-client