$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa File: 67b122dd-c584-4c2f-ac76-fb1a660b79da.roa (raw, json) Hash identifier: 6zROxjsko/xVzY9AyI7lZWAB7uVSsFYlLs1zu8P+18c= Subject key identifier: C3:26:AC:FA:78:3B:03:A6:F2:9C:85:DB:C7:98:E7:8B:9B:14:9E:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 58E74B983984941AEEC6657BE66F2896AF3A7FAE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa Signing time: Sat 16 Aug 2025 00:00:08 +0000 ROA not before: Sat 16 Aug 2025 00:00:08 +0000 ROA not after: Sat 20 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:e7:4b:98:39:84:94:1a:ee:c6:65:7b:e6:6f:28:96:af:3a:7f:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 16 00:00:08 2025 GMT Not After : Sep 20 23:59:59 2025 GMT Subject: serialNumber=a876faa7452a54ae0f42a38ac83934095a67f640317f109500436c10055b2f1f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a9:a0:cd:0b:b9:96:80:65:0b:aa:8d:b5:c8: 62:e4:fb:d5:da:ed:c6:5b:03:00:4e:24:af:8b:0b: 07:5e:18:f1:e9:df:12:84:f3:3d:4a:ad:be:5f:85: d7:28:ca:8a:f5:6e:b2:8a:68:bb:bc:cb:3c:59:18: 96:78:cf:6d:b8:81:6b:0d:e9:e1:68:b1:c5:bf:8d: 76:63:a0:80:98:d2:4d:06:63:91:45:94:50:ec:b0: db:ca:33:62:92:9d:29:39:ac:a5:12:35:92:e4:3a: 1e:08:a3:04:85:36:1b:43:15:be:aa:33:2e:90:bc: 1a:a8:58:01:da:ad:6f:42:09:8e:e6:69:0b:7c:53: 06:9f:5b:d7:2d:95:38:03:c7:ed:9c:0c:ab:8e:2f: d0:e9:5b:4d:2c:f8:c0:bd:48:bf:bf:c3:95:67:45: d9:4a:b3:08:fe:e0:ac:b1:14:61:d4:7f:5e:3a:8a: 2a:5c:db:9a:be:02:b6:ac:b1:eb:3c:29:83:eb:49: fb:93:6e:58:46:f4:0e:0a:f2:f5:61:9e:32:94:c0: bf:1f:da:e9:4f:1c:8a:e7:34:7c:83:19:46:be:d3: c8:09:43:00:c0:be:bf:ee:29:b5:7a:92:93:a0:11: ce:66:5a:24:6a:3b:fc:40:dd:84:8d:24:d1:2e:93: d6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:26:AC:FA:78:3B:03:A6:F2:9C:85:DB:C7:98:E7:8B:9B:14:9E:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28::/36 Signature Algorithm: sha256WithRSAEncryption 7a:d9:e7:54:f1:a7:43:e9:b4:67:77:85:30:14:a5:0b:9d:b6: e6:de:ce:d9:5a:df:48:d1:32:29:cd:63:4e:cf:e0:dd:ca:46: bb:39:d7:4a:11:bb:fd:43:fb:b6:59:3b:ac:e8:50:ef:44:3d: 12:01:47:52:6f:c0:93:17:19:56:95:74:36:5c:c9:b6:36:5e: 63:ad:04:79:8a:e9:7c:2e:53:1e:06:c2:6a:cc:5b:f4:d7:ff: 2b:83:a1:30:2f:b9:5b:29:03:e3:29:2d:46:d4:42:22:03:de: 90:bc:99:fd:45:51:2e:2f:5e:28:d0:8e:5a:22:4a:10:b6:9d: d7:21:d1:cd:b1:6f:c9:ba:55:1f:d2:5d:21:86:4f:3d:73:5d: 25:dd:e5:08:b8:be:3b:f4:f6:d6:71:4a:cc:ea:69:61:6a:a8: 53:4e:9d:62:8a:03:e2:2f:84:66:37:6b:88:00:6b:73:6c:6c: 90:8f:f7:3a:be:c3:06:59:dc:41:ca:ac:3c:a0:b8:b0:2e:e5: 60:51:51:08:e4:7e:a4:eb:a1:9b:df:84:0f:82:3b:77:9e:2c: 89:35:77:bd:9c:88:72:82:8e:2f:41:12:30:cf:68:52:dc:bf: 85:9a:eb:20:a8:9a:68:b1:27:40:1d:11:5c:cc:f7:15:31:04: fd:ac:05:56 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWOdLmDmElBruxmV75m8olq86f64wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNjAwMDAwOFoX DTI1MDkyMDIzNTk1OVowejFJMEcGA1UEBRNAYTg3NmZhYTc0NTJhNTRhZTBmNDJh MzhhYzgzOTM0MDk1YTY3ZjY0MDMxN2YxMDk1MDA0MzZjMTAwNTViMmYxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqmgzQu5loBlC6qNtchi5PvV2u3G WwMATiSviwsHXhjx6d8ShPM9Sq2+X4XXKMqK9W6yimi7vMs8WRiWeM9tuIFrDenh aLHFv412Y6CAmNJNBmORRZRQ7LDbyjNikp0pOaylEjWS5DoeCKMEhTYbQxW+qjMu kLwaqFgB2q1vQgmO5mkLfFMGn1vXLZU4A8ftnAyrji/Q6VtNLPjAvUi/v8OVZ0XZ SrMI/uCssRRh1H9eOooqXNuavgK2rLHrPCmD60n7k25YRvQOCvL1YZ4ylMC/H9rp TxyK5zR8gxlGvtPICUMAwL6/7im1epKToBHOZlokajv8QN2EjSTRLpPWZQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMMmrPp4OwOm8pyF28eY54ubFJ4xMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3YjEyMmRkLWM1ODQtNGMyZi1hYzc2LWZiMWE2NjBiNzlkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKAAwDQYJKoZIhvcNAQELBQADggEBAHrZ51Txp0PptGd3hTAU pQudtubeztla30jRMinNY07P4N3KRrs510oRu/1D+7ZZO6zoUO9EPRIBR1JvwJMX GVaVdDZcybY2XmOtBHmK6XwuUx4GwmrMW/TX/yuDoTAvuVspA+MpLUbUQiID3pC8 mf1FUS4vXijQjloiShC2ndch0c2xb8m6VR/SXSGGTz1zXSXd5Qi4vjv09tZxSszq aWFqqFNOnWKKA+IvhGY3a4gAa3NsbJCP9zq+wwZZ3EHKrDyguLAu5WBRUQjkfqTr oZvfhA+CO3eeLIk1d72ciHKCji9BEjDPaFLcv4Wa6yCommixJ0AdEVzM9xUxBP2s BVY= -----END CERTIFICATE-----Generated at Wed Aug 20 10:41:51 2025 by rpki-client