$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa File: 78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa (raw, json) Hash identifier: DJ/CH6S62DomO8yDMTql/JLq43ockNznspTIaaxZfRk= Subject key identifier: AB:D8:EB:D6:2A:E5:E5:83:10:E7:AE:84:65:0D:4F:39:4F:E7:2E:00 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24433FC4118C07591C5FE1DB9747AC383D44755B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa Signing time: Sat 16 Aug 2025 00:00:41 +0000 ROA not before: Sat 16 Aug 2025 00:00:41 +0000 ROA not after: Sat 20 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:43:3f:c4:11:8c:07:59:1c:5f:e1:db:97:47:ac:38:3d:44:75:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 16 00:00:41 2025 GMT Not After : Sep 20 23:59:59 2025 GMT Subject: serialNumber=311b0fbaf8ebe1e5fc8be1556d637a7ffae46f48a15a68e622ccaf7bc0abee1c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:3e:e9:45:b9:bb:ba:92:30:b0:c1:07:3f:d7: 35:53:9b:31:1f:14:42:87:ef:52:49:cb:58:11:fe: 55:81:89:60:23:10:01:12:cb:af:a3:e7:05:f7:e3: 43:30:fd:ea:e7:85:01:65:97:86:bf:5b:c8:98:c1: 5a:4d:12:44:a4:29:42:ec:a0:79:2a:d2:b0:91:f3: be:43:fd:d1:c1:66:8b:2e:56:8c:09:e6:38:86:72: f6:cd:a9:bd:1a:fa:2e:1e:4b:ab:b9:3a:3a:93:8e: 76:bc:4d:49:6c:d9:0c:41:88:a7:ff:80:17:b2:e5: 66:96:9c:46:4b:e2:b6:ec:f7:6a:ee:99:14:3e:9f: da:c7:2b:b5:04:fc:1d:50:05:df:19:71:c4:ca:82: 51:20:d2:49:99:5a:a5:f7:d5:32:ec:fc:6e:40:06: cc:d8:df:c6:d8:92:24:9d:41:b4:de:f7:b9:61:f8: 94:5e:6d:a9:23:11:b8:10:70:73:aa:9f:b1:39:de: 13:69:3f:5a:95:ae:a5:5c:d9:e4:d4:8c:79:1e:b7: 15:fb:27:6f:03:95:e4:6c:81:9a:f9:6c:d9:53:9b: 55:38:f5:77:53:a6:5d:f6:67:67:8d:31:78:6f:52: 3b:d7:66:29:e7:1a:ec:31:83:28:e8:2e:c2:03:67: ff:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:D8:EB:D6:2A:E5:E5:83:10:E7:AE:84:65:0D:4F:39:4F:E7:2E:00 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78343754-5d6e-4ded-9b4c-d9d70b6ccac8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:9000::/40 Signature Algorithm: sha256WithRSAEncryption 59:3c:b6:95:00:82:72:c5:ee:39:bf:0f:ae:ec:df:aa:de:60: ea:b5:72:31:4e:db:b2:3d:d6:fb:2b:3b:1b:a1:37:c2:c1:b1: fb:93:a3:9f:b0:50:6b:e1:ef:4f:38:d6:f1:45:df:4e:4e:4c: 37:43:87:af:77:d0:8e:c6:af:cf:24:eb:1c:71:b1:0b:c6:d9: 27:83:94:7e:4a:cc:25:e7:52:22:75:ca:7c:6d:f1:a5:ac:06: 3d:dc:31:d7:bf:1b:0d:d9:93:cd:8a:37:2e:37:1c:8a:56:f7: 04:93:a8:41:8f:8a:86:b8:7d:02:66:45:9e:d6:27:6b:82:e3: c4:bc:0d:b7:4f:6c:da:66:65:26:05:41:5b:15:85:72:42:8b: 9e:63:17:a7:02:f3:8f:72:6f:f6:b2:4d:08:77:4d:f7:71:42: 08:79:53:ea:54:c1:89:a9:d7:65:11:a9:1c:27:a4:52:d9:2c: 3a:f2:3c:35:f1:da:fd:57:1f:64:7b:7c:a6:9b:8f:88:f8:e3: 11:43:56:b5:95:c7:78:12:64:83:a0:b4:aa:1c:f2:50:7f:33: 86:fa:f9:08:34:50:45:d9:e1:6b:7d:ee:7a:24:d9:31:ec:d4: 50:00:2f:81:d6:dc:49:53:d5:bc:56:89:cc:3a:0d:91:1c:19: a6:ad:52:fe -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJEM/xBGMB1kcX+Hbl0esOD1EdVswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNjAwMDA0MVoX DTI1MDkyMDIzNTk1OVowejFJMEcGA1UEBRNAMzExYjBmYmFmOGViZTFlNWZjOGJl MTU1NmQ2MzdhN2ZmYWU0NmY0OGExNWE2OGU2MjJjY2FmN2JjMGFiZWUxYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz7pRbm7upIwsMEHP9c1U5sxHxRC h+9SSctYEf5VgYlgIxABEsuvo+cF9+NDMP3q54UBZZeGv1vImMFaTRJEpClC7KB5 KtKwkfO+Q/3RwWaLLlaMCeY4hnL2zam9GvouHkuruTo6k452vE1JbNkMQYin/4AX suVmlpxGS+K27Pdq7pkUPp/axyu1BPwdUAXfGXHEyoJRINJJmVql99Uy7PxuQAbM 2N/G2JIknUG03ve5YfiUXm2pIxG4EHBzqp+xOd4TaT9ala6lXNnk1Ix5HrcV+ydv A5XkbIGa+WzZU5tVOPV3U6Zd9mdnjTF4b1I712Yp5xrsMYMo6C7CA2f/cQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKvY69Yq5eWDEOeuhGUNTzlP5y4AMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc4MzQzNzU0LTVkNmUtNGRlZC05YjRjLWQ5ZDcwYjZjY2FjOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9ZAwDQYJKoZIhvcNAQELBQADggEBAFk8tpUAgnLF7jm/D67s 36reYOq1cjFO27I91vsrOxuhN8LBsfuTo5+wUGvh70841vFF305OTDdDh6930I7G r88k6xxxsQvG2SeDlH5KzCXnUiJ1ynxt8aWsBj3cMde/Gw3Zk82KNy43HIpW9wST qEGPioa4fQJmRZ7WJ2uC48S8DbdPbNpmZSYFQVsVhXJCi55jF6cC849yb/ayTQh3 TfdxQgh5U+pUwYmp12URqRwnpFLZLDryPDXx2v1XH2R7fKabj4j44xFDVrWVx3gS ZIOgtKoc8lB/M4b6+Qg0UEXZ4Wt97nok2THs1FAAL4HW3ElT1bxWicw6DZEcGaat Uv4= -----END CERTIFICATE-----Generated at Wed Aug 20 10:43:57 2025 by rpki-client