$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa File: 64aa810d-cc7f-45fe-b794-d290c3a511c5.roa (raw, json) Hash identifier: hFXJjmb6hCX+WXD8Vkm0Obcwsb5GSTA84qmkT7WgJ4M= Subject key identifier: DC:0A:42:85:5E:5F:ED:4F:67:6C:AC:E7:8B:2A:04:4C:4D:46:D4:F9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 780B41D7A6071B736209EB1A2969B164B39ABABA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa Signing time: Tue 26 Aug 2025 00:21:08 +0000 ROA not before: Tue 26 Aug 2025 00:21:08 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 00:50:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:0b:41:d7:a6:07:1b:73:62:09:eb:1a:29:69:b1:64:b3:9a:ba:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:21:08 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=15c6917f80d08efea63b21ac49ded70ee4699a8b35c2d4cdf135285264609e7c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:44:93:33:61:d6:fe:2b:35:81:ac:9e:be:c8: 6c:8a:b4:c2:3f:26:d5:b6:40:1a:00:91:80:25:5e: 9f:7c:42:da:34:29:e2:e6:ac:9c:2c:e4:37:54:0e: b7:e5:96:c3:d1:78:65:6e:4d:72:c8:37:9d:30:79: 38:40:3b:46:d7:74:23:db:12:e0:c0:96:dc:46:ba: 97:72:c4:39:b7:0c:08:44:7d:08:55:27:58:e4:92: a5:5d:1e:aa:88:58:43:c6:67:f7:d9:fb:11:70:de: a2:2e:e5:79:41:19:12:4d:17:c4:b9:2f:5d:3e:71: a8:73:25:c3:19:a9:5a:9b:0c:05:ed:f3:b6:f5:cd: ea:2f:6b:bd:5b:f2:50:f9:00:39:3d:e2:65:66:a9: 51:e5:d3:5f:c0:ec:2f:45:1b:c5:7a:c8:69:85:b8: e2:d4:1c:58:dd:89:24:e4:52:59:bc:ab:fc:79:04: e4:ed:61:0c:11:af:e5:91:f3:7e:26:b9:4a:72:e1: d2:8b:10:61:01:8f:73:17:54:7d:11:a2:4c:62:55: 4c:0f:72:29:76:80:a8:05:8a:26:18:fd:ca:ee:8e: 92:a8:c5:0b:7b:4b:0e:4f:1a:95:4b:34:45:f4:d5: 3a:20:57:03:89:9e:8c:de:98:0d:b5:a8:89:88:51: c9:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:0A:42:85:5E:5F:ED:4F:67:6C:AC:E7:8B:2A:04:4C:4D:46:D4:F9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:e000::/40 Signature Algorithm: sha256WithRSAEncryption 65:b5:64:91:07:5f:47:10:af:5b:9e:82:07:36:82:ea:53:69: 04:cf:e8:13:70:2c:7e:0a:8c:45:33:29:f9:08:cf:fe:6f:44: 85:ee:2a:08:5f:65:06:7c:41:7a:eb:80:cb:64:1e:86:a8:65: 0f:ed:ec:15:b8:42:dd:5e:84:18:f9:21:cb:cd:65:70:6c:3b: 29:8a:1a:73:4a:ee:f0:f3:d7:ff:1f:41:c9:02:de:84:01:e9: 99:02:54:ae:50:b4:61:34:24:d9:8f:3e:c3:5c:04:90:0d:c0: e2:42:d5:89:60:cc:59:89:76:f8:46:92:ed:34:bc:6b:0b:65: f4:3f:4b:4c:b2:85:75:da:40:e7:2c:e6:6f:fe:7c:8e:35:e6: 43:f8:10:44:f7:31:46:70:24:1b:25:75:7e:12:f7:c1:a6:9d: f4:ec:cb:88:28:db:74:fe:98:bf:76:bc:85:68:71:7e:e6:45: 37:e3:7e:55:aa:45:d0:ef:b4:06:e6:9a:39:b3:e6:3b:64:b1: 68:6f:b3:4d:f0:f0:d8:5b:f1:13:f6:8a:25:17:eb:db:27:6f: 8f:74:fe:ca:fd:84:7d:11:1a:7b:c6:38:9f:a3:ed:64:12:ed: f2:30:08:82:37:b2:77:a6:7d:76:67:09:cf:68:5a:f7:47:ce: 58:c7:6b:44 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeAtB16YHG3NiCesaKWmxZLOaurowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwMjEwOFoX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAMTVjNjkxN2Y4MGQwOGVmZWE2M2Iy MWFjNDlkZWQ3MGVlNDY5OWE4YjM1YzJkNGNkZjEzNTI4NTI2NDYwOWU3YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUSTM2HW/is1gayevshsirTCPybV tkAaAJGAJV6ffELaNCni5qycLOQ3VA635ZbD0Xhlbk1yyDedMHk4QDtG13Qj2xLg wJbcRrqXcsQ5twwIRH0IVSdY5JKlXR6qiFhDxmf32fsRcN6iLuV5QRkSTRfEuS9d PnGocyXDGalamwwF7fO29c3qL2u9W/JQ+QA5PeJlZqlR5dNfwOwvRRvFeshphbji 1BxY3Ykk5FJZvKv8eQTk7WEMEa/lkfN+JrlKcuHSixBhAY9zF1R9EaJMYlVMD3Ip doCoBYomGP3K7o6SqMULe0sOTxqVSzRF9NU6IFcDiZ6M3pgNtaiJiFHJXwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNwKQoVeX+1PZ2ys54sqBExNRtT5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY0YWE4MTBkLWNjN2YtNDVmZS1iNzk0LWQyOTBjM2E1MTFjNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8eAwDQYJKoZIhvcNAQELBQADggEBAGW1ZJEHX0cQr1ueggc2 gupTaQTP6BNwLH4KjEUzKfkIz/5vRIXuKghfZQZ8QXrrgMtkHoaoZQ/t7BW4Qt1e hBj5IcvNZXBsOymKGnNK7vDz1/8fQckC3oQB6ZkCVK5QtGE0JNmPPsNcBJANwOJC 1YlgzFmJdvhGku00vGsLZfQ/S0yyhXXaQOcs5m/+fI415kP4EET3MUZwJBsldX4S 98GmnfTsy4go23T+mL92vIVocX7mRTfjflWqRdDvtAbmmjmz5jtksWhvs03w8Nhb 8RP2iiUX69snb490/sr9hH0RGnvGOJ+j7WQS7fIwCII3snemfXZnCc9oWvdHzljH a0Q= -----END CERTIFICATE-----Generated at Wed Sep 17 22:13:41 2025 by rpki-client