$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa File: 67b122dd-c584-4c2f-ac76-fb1a660b79da.roa (raw, json) Hash identifier: P79SBPziuR5ykv7LAC/16sXa7b6k3kvpdKNT6qnp7n0= Subject key identifier: A8:6E:64:22:28:FD:69:EB:76:91:51:39:79:22:74:66:A4:9A:29:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4F9F05E0A729415C8EBA6E96414AD205B808DBF9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa Signing time: Wed 10 Sep 2025 00:00:10 +0000 ROA not before: Wed 10 Sep 2025 00:00:10 +0000 ROA not after: Wed 15 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 00:50:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:9f:05:e0:a7:29:41:5c:8e:ba:6e:96:41:4a:d2:05:b8:08:db:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 10 00:00:10 2025 GMT Not After : Oct 15 23:59:59 2025 GMT Subject: serialNumber=065941b4a49595750f470366521457dff4262bbd9dad336ab733d6d2231eeaff, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d0:41:c7:7c:a9:c6:9e:ed:69:2e:4c:91:1a: 78:31:3c:a6:f5:a4:b1:b1:3c:60:09:2c:b5:da:d2: f3:18:88:4b:7a:c2:f2:74:de:ae:1e:a9:59:08:b5: ae:e4:d6:63:d6:e5:2e:19:05:c7:19:d8:38:b5:7e: b3:cb:f4:51:67:a8:a1:b9:2b:8c:80:07:65:89:e7: 3d:fc:84:f6:2f:e2:9f:a7:6a:9d:6b:9c:7c:de:79: f9:a9:bc:f7:46:1d:b5:01:9c:ed:d6:f2:3c:3c:63: b3:aa:92:41:57:a7:5e:8e:8d:7a:e8:79:2e:c4:1f: b6:c7:fe:6f:d8:3f:fd:8b:49:fa:a1:9e:5f:2b:cb: 8c:2a:15:00:07:3d:9e:ec:ba:23:46:30:8c:e8:25: 48:c7:dd:08:6d:61:d5:17:59:f2:5c:78:e1:f8:c9: 8e:ae:50:2f:b7:6a:90:57:0b:81:7c:8d:ee:6b:5e: 3e:e4:00:56:9c:6f:a2:45:f9:ad:1e:74:d9:81:fb: 33:2a:eb:fd:36:ed:42:fa:6a:1d:3f:8a:37:48:04: c0:3b:e2:bb:3e:53:fc:3a:08:eb:08:33:b8:0c:c6: 60:78:cd:e6:81:64:81:8e:a3:11:06:6c:f8:2a:8e: de:a4:46:00:4d:7f:b8:90:74:00:5d:f0:7c:d5:c3: e5:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:6E:64:22:28:FD:69:EB:76:91:51:39:79:22:74:66:A4:9A:29:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28::/36 Signature Algorithm: sha256WithRSAEncryption b1:16:01:b7:6e:2b:50:8c:1b:93:11:d4:17:45:39:b9:8a:05: 6b:54:a5:cd:15:70:ce:4b:1c:58:84:3a:97:e8:43:a2:df:1e: 77:3f:ce:98:2d:b2:45:39:5c:77:2d:a6:40:78:d5:91:94:ef: 6d:1e:39:9b:a0:cb:19:a5:33:fb:01:ad:aa:ef:c8:e0:fc:76: a7:62:cf:36:fd:e4:d0:34:f8:95:33:6d:53:9a:18:7f:be:7b: fd:62:b5:68:d2:fd:55:e5:22:af:51:9a:84:70:74:20:49:84: d5:95:b1:69:31:f1:6d:ed:55:1c:b0:22:23:b1:57:bb:87:39: 55:04:74:4e:2c:0f:59:c1:ca:bb:2d:61:ac:36:33:d1:f8:e0: 45:01:a1:39:fd:4e:6c:74:28:64:8c:35:db:c1:8a:99:a2:a9: a4:b6:dd:25:3e:fe:61:e6:ef:d9:91:31:eb:a2:ae:85:55:1c: bd:94:66:d5:a5:e2:d6:12:ee:29:8e:2f:ba:d5:cd:75:4c:91: 7f:8f:ee:aa:9c:ea:f6:b0:18:c0:5d:80:93:61:61:e3:ed:e1: 12:b9:e4:e4:e4:f8:9a:80:9b:56:16:54:07:fd:3c:b6:17:68: c4:65:c1:b3:1e:90:e6:21:5b:ed:17:2f:82:87:01:d3:02:be: 45:f4:6a:97 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUT58F4KcpQVyOum6WQUrSBbgI2/kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkxMDAwMDAxMFoX DTI1MTAxNTIzNTk1OVowejFJMEcGA1UEBRNAMDY1OTQxYjRhNDk1OTU3NTBmNDcw MzY2NTIxNDU3ZGZmNDI2MmJiZDlkYWQzMzZhYjczM2Q2ZDIyMzFlZWFmZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9BBx3ypxp7taS5MkRp4MTym9aSx sTxgCSy12tLzGIhLesLydN6uHqlZCLWu5NZj1uUuGQXHGdg4tX6zy/RRZ6ihuSuM gAdliec9/IT2L+Kfp2qda5x83nn5qbz3Rh21AZzt1vI8PGOzqpJBV6dejo166Hku xB+2x/5v2D/9i0n6oZ5fK8uMKhUABz2e7LojRjCM6CVIx90IbWHVF1nyXHjh+MmO rlAvt2qQVwuBfI3ua14+5ABWnG+iRfmtHnTZgfszKuv9Nu1C+modP4o3SATAO+K7 PlP8OgjrCDO4DMZgeM3mgWSBjqMRBmz4Ko7epEYATX+4kHQAXfB81cPlVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKhuZCIo/WnrdpFROXkidGakmimcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3YjEyMmRkLWM1ODQtNGMyZi1hYzc2LWZiMWE2NjBiNzlkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKAAwDQYJKoZIhvcNAQELBQADggEBALEWAbduK1CMG5MR1BdF ObmKBWtUpc0VcM5LHFiEOpfoQ6LfHnc/zpgtskU5XHctpkB41ZGU720eOZugyxml M/sBrarvyOD8dqdizzb95NA0+JUzbVOaGH++e/1itWjS/VXlIq9RmoRwdCBJhNWV sWkx8W3tVRywIiOxV7uHOVUEdE4sD1nByrstYaw2M9H44EUBoTn9Tmx0KGSMNdvB ipmiqaS23SU+/mHm79mRMeuiroVVHL2UZtWl4tYS7imOL7rVzXVMkX+P7qqc6vaw GMBdgJNhYePt4RK55OTk+JqAm1YWVAf9PLYXaMRlwbMekOYhW+0XL4KHAdMCvkX0 apc= -----END CERTIFICATE-----Generated at Wed Sep 17 22:49:41 2025 by rpki-client