$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa File: 6018436a-9c1a-42cb-8584-15032be971bb.roa (raw, json) Hash identifier: mnWugzzeRLXlg2eKTVEVjOLoZYFpjZbvmTXfe2pgw4o= Subject key identifier: E4:33:F8:4E:C1:DD:43:4C:A4:C4:F7:B2:18:AA:C5:98:7B:47:FE:61 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2E41A110635A957B8A91F5CB1BA2DC6976881102 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa Signing time: Sat 16 Aug 2025 00:00:43 +0000 ROA not before: Sat 16 Aug 2025 00:00:43 +0000 ROA not after: Sat 20 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da24::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:41:a1:10:63:5a:95:7b:8a:91:f5:cb:1b:a2:dc:69:76:88:11:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 16 00:00:43 2025 GMT Not After : Sep 20 23:59:59 2025 GMT Subject: serialNumber=19949578e8c6386353771a9e726504996fc7c49ea1af0015b52a075753f7b944, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:7e:04:ec:e8:38:c8:1a:e8:30:16:c0:33:e0: e7:f1:32:e4:f2:23:63:5a:2e:ed:ed:04:c1:a5:8c: b8:e7:92:45:bc:58:9c:91:e8:85:0e:b2:ce:4d:da: 08:95:85:1e:47:d1:f2:2c:7b:3a:54:b5:ad:ef:bf: 56:e2:52:7d:46:9f:c9:6f:a0:92:a1:a9:f0:2e:72: 05:c7:85:3e:28:a8:97:38:7e:54:9e:1a:62:4e:6b: a1:fb:e3:a2:ee:75:64:01:75:a8:d0:f8:bd:35:62: 52:39:5e:a9:98:6d:25:64:8f:53:b8:1d:46:7f:48: a8:71:fe:f7:08:04:f2:b1:0f:62:e9:af:e5:87:28: 49:1f:73:f6:2f:69:cb:04:02:c4:0b:30:38:5b:65: 0f:26:ad:2c:ec:a7:60:6b:1b:35:ed:0f:35:8c:4b: 0b:0b:d3:e0:5d:32:65:23:e2:35:35:bd:d7:87:4f: c8:2a:1b:5f:4c:ad:01:02:97:45:4e:ec:1b:54:3c: eb:b5:14:55:c3:6d:da:60:46:0b:60:16:ac:24:60: 22:0d:74:47:d5:64:92:ef:c2:8c:40:dd:8b:98:96: 92:c7:58:aa:cf:89:40:26:2b:f3:e8:9c:ff:81:74: 29:da:2e:a0:cd:e4:8f:5e:3a:e2:ae:f6:a9:57:85: 72:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:33:F8:4E:C1:DD:43:4C:A4:C4:F7:B2:18:AA:C5:98:7B:47:FE:61 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6018436a-9c1a-42cb-8584-15032be971bb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24::/36 Signature Algorithm: sha256WithRSAEncryption ad:b2:5b:93:d6:ab:22:4f:53:9a:12:bb:8e:52:a0:84:42:5d: 2e:92:cf:7c:de:f8:b8:cc:ad:50:7f:22:a0:3b:2d:c4:2e:8e: 13:5c:e7:af:80:d0:7a:9c:5b:67:09:2a:3c:0e:09:fc:6c:0f: 0f:bf:5b:98:d9:95:1f:4b:c3:c6:77:bc:d1:11:93:2c:37:45: f6:5a:7f:f4:fb:31:44:9e:18:a7:37:e6:52:00:f6:9d:3b:95: 6d:4e:7b:d2:ad:ff:ff:a3:14:a4:ba:c2:a3:4c:7a:34:c7:1a: b9:80:5a:1f:aa:72:df:e9:f2:bf:4b:74:50:28:79:fd:f3:11: 40:14:75:06:49:1c:d3:00:1e:d4:b6:f0:eb:52:d2:f3:ed:cc: f7:51:97:31:fd:f9:ec:57:98:51:96:42:f1:55:ff:05:c4:bd: 70:46:17:a3:4d:d2:44:b8:70:a6:e7:86:81:0b:5a:3a:58:1d: 09:d4:8d:01:29:d1:8a:d4:7b:f2:27:70:f2:f5:3b:e5:38:84: be:fe:8b:19:ed:7b:6f:d4:82:69:73:c4:7a:12:45:04:07:9d: e2:c2:5f:9a:74:1a:37:05:58:a7:b6:f6:e9:96:f0:2c:b6:28: 8f:22:d7:29:9c:9c:45:41:80:bd:3e:93:1c:77:ea:12:38:30: ab:8e:f8:ea -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULkGhEGNalXuKkfXLG6LcaXaIEQIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNjAwMDA0M1oX DTI1MDkyMDIzNTk1OVowejFJMEcGA1UEBRNAMTk5NDk1NzhlOGM2Mzg2MzUzNzcx YTllNzI2NTA0OTk2ZmM3YzQ5ZWExYWYwMDE1YjUyYTA3NTc1M2Y3Yjk0NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA834E7Og4yBroMBbAM+Dn8TLk8iNj Wi7t7QTBpYy455JFvFickeiFDrLOTdoIlYUeR9HyLHs6VLWt779W4lJ9Rp/Jb6CS oanwLnIFx4U+KKiXOH5UnhpiTmuh++Oi7nVkAXWo0Pi9NWJSOV6pmG0lZI9TuB1G f0iocf73CATysQ9i6a/lhyhJH3P2L2nLBALECzA4W2UPJq0s7Kdgaxs17Q81jEsL C9PgXTJlI+I1Nb3Xh0/IKhtfTK0BApdFTuwbVDzrtRRVw23aYEYLYBasJGAiDXRH 1WSS78KMQN2LmJaSx1iqz4lAJivz6Jz/gXQp2i6gzeSPXjrirvapV4VyrwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOQz+E7B3UNMpMT3shiqxZh7R/5hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwMTg0MzZhLTljMWEtNDJjYi04NTg0LTE1MDMyYmU5NzFiYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJAAwDQYJKoZIhvcNAQELBQADggEBAK2yW5PWqyJPU5oSu45S oIRCXS6Sz3ze+LjMrVB/IqA7LcQujhNc56+A0HqcW2cJKjwOCfxsDw+/W5jZlR9L w8Z3vNERkyw3RfZaf/T7MUSeGKc35lIA9p07lW1Oe9Kt//+jFKS6wqNMejTHGrmA Wh+qct/p8r9LdFAoef3zEUAUdQZJHNMAHtS28OtS0vPtzPdRlzH9+exXmFGWQvFV /wXEvXBGF6NN0kS4cKbnhoELWjpYHQnUjQEp0YrUe/IncPL1O+U4hL7+ixnte2/U gmlzxHoSRQQHneLCX5p0GjcFWKe29umW8Cy2KI8i1ymcnEVBgL0+kxx36hI4MKuO +Oo= -----END CERTIFICATE-----Generated at Wed Aug 20 10:46:45 2025 by rpki-client