$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa File: 857d996d-a66c-48d8-8669-f36141564a43.roa (raw, json) Hash identifier: YxLhMfE4ZbiE9jGY1W2+erMMgpI7RTtq9pIO/rJDzIk= Subject key identifier: 63:BB:27:4E:27:43:33:CF:88:8F:6C:F0:B7:28:D7:A9:41:E7:2A:CE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0548578A136359756E1654B78FCE57D3A840710D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa Signing time: Tue 29 Jul 2025 00:30:43 +0000 ROA not before: Tue 29 Jul 2025 00:30:43 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:48:57:8a:13:63:59:75:6e:16:54:b7:8f:ce:57:d3:a8:40:71:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:30:43 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=8f0eb9793d6869254b9ea649ce2f75b797bd96d3fa6446a51d2365b830b0a2eb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:cc:97:99:cb:19:2c:61:af:f6:b5:79:b3:78: 71:a0:b8:d1:e3:f6:29:d6:d3:88:9f:3c:08:29:42: 15:ed:46:8a:de:7a:81:b5:f5:6d:0d:9b:3c:75:53: 81:f1:bd:88:b9:fe:56:f9:35:88:37:5a:bf:d6:60: 38:94:49:b8:a9:ce:30:b6:6c:72:b2:e9:d8:89:68: 13:c7:8a:a2:69:52:2c:31:02:10:58:d8:c2:83:d9: 5a:76:5d:0f:87:a7:ef:c2:56:07:d5:91:ba:93:d4: 0f:fa:37:26:ef:87:26:e3:d3:78:95:bb:96:f5:83: f6:36:69:22:bc:44:a8:57:62:6d:f2:80:5f:02:04: e3:8a:b6:86:cb:33:ea:af:d9:54:4c:0c:ce:b9:1d: 9d:84:fb:19:7e:e6:ea:d3:7f:cb:51:3f:57:e7:4a: 74:73:47:8a:46:2b:04:9e:56:18:ce:79:bd:4c:44: 66:aa:ad:2c:2f:a9:9b:07:a7:81:df:59:12:44:c6: 86:a9:1e:01:08:e1:e6:93:26:4f:98:a3:b1:e4:cf: ad:0d:5c:b5:95:d7:9a:de:3b:20:5b:2e:a8:f3:28: 39:df:42:7b:26:81:67:60:a6:a7:09:ed:f2:a2:f9: b6:ac:bb:9d:a2:cf:e8:8d:dd:ba:e8:41:4a:d1:bf: 02:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:BB:27:4E:27:43:33:CF:88:8F:6C:F0:B7:28:D7:A9:41:E7:2A:CE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4800::/40 Signature Algorithm: sha256WithRSAEncryption 8f:06:6f:eb:66:65:13:e2:af:e3:23:b0:29:a4:55:fa:ae:84: c0:2a:f0:c4:cc:35:e3:cc:d7:04:34:2e:e3:b9:a8:fa:f3:a6: af:a9:db:5d:76:0b:73:b8:1d:b8:f2:b7:8d:dd:34:48:ef:d7: 28:37:b9:fa:c4:69:39:8d:60:0e:55:22:ba:f7:6d:26:7c:33: e3:56:b7:11:35:aa:a3:96:46:9f:24:f0:2a:a6:43:da:1d:cb: 53:95:ca:0c:33:53:58:f3:b9:0d:71:7f:55:a8:95:8d:b4:a2: de:a4:fd:4f:4f:7d:56:d4:12:bf:e8:86:4d:81:99:4a:e6:cc: 9d:18:98:a3:b1:f3:8c:14:7a:32:d7:bc:91:37:37:35:67:c3: 69:d1:9c:8b:26:e1:e6:a4:3d:48:e8:9a:25:6b:c4:7e:c0:1a: 61:5e:d7:ca:31:c9:71:3b:9c:db:f3:2c:52:00:3e:e3:b8:dc: 36:cd:42:c9:54:8f:93:63:73:5e:5a:81:02:08:f2:fb:9c:4b: 2f:98:f4:78:0b:6f:6c:cc:ad:03:c6:df:82:75:30:54:19:38: b2:d0:b4:cd:ab:49:62:75:d2:a8:b9:43:69:00:8a:c4:aa:47: a4:e4:07:ae:cf:cf:62:2c:e3:49:89:28:48:9d:15:0b:f3:bf: c1:e5:51:48 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBUhXihNjWXVuFlS3j85X06hAcQ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMzA0M1oX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAOGYwZWI5NzkzZDY4NjkyNTRiOWVh NjQ5Y2UyZjc1Yjc5N2JkOTZkM2ZhNjQ0NmE1MWQyMzY1YjgzMGIwYTJlYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMyXmcsZLGGv9rV5s3hxoLjR4/Yp 1tOInzwIKUIV7UaK3nqBtfVtDZs8dVOB8b2Iuf5W+TWIN1q/1mA4lEm4qc4wtmxy sunYiWgTx4qiaVIsMQIQWNjCg9ladl0Ph6fvwlYH1ZG6k9QP+jcm74cm49N4lbuW 9YP2NmkivESoV2Jt8oBfAgTjiraGyzPqr9lUTAzOuR2dhPsZfubq03/LUT9X50p0 c0eKRisEnlYYznm9TERmqq0sL6mbB6eB31kSRMaGqR4BCOHmkyZPmKOx5M+tDVy1 ldea3jsgWy6o8yg530J7JoFnYKanCe3yovm2rLudos/ojd266EFK0b8CpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGO7J04nQzPPiI9s8Lco16lB5yrOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg1N2Q5OTZkLWE2NmMtNDhkOC04NjY5LWYzNjE0MTU2NGE0My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/0gwDQYJKoZIhvcNAQELBQADggEBAI8Gb+tmZRPir+MjsCmk VfquhMAq8MTMNePM1wQ0LuO5qPrzpq+p2112C3O4Hbjyt43dNEjv1yg3ufrEaTmN YA5VIrr3bSZ8M+NWtxE1qqOWRp8k8CqmQ9ody1OVygwzU1jzuQ1xf1WolY20ot6k /U9PfVbUEr/ohk2BmUrmzJ0YmKOx84wUejLXvJE3NzVnw2nRnIsm4eakPUjomiVr xH7AGmFe18oxyXE7nNvzLFIAPuO43DbNQslUj5Njc15agQII8vucSy+Y9HgLb2zM rQPG34J1MFQZOLLQtM2rSWJ10qi5Q2kAisSqR6TkB67Pz2Is40mJKEidFQvzv8Hl UUg= -----END CERTIFICATE-----Generated at Thu Jul 31 01:00:36 2025 by rpki-client