$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa File: 8bd3366c-489c-4afe-af18-d26b5824bd0e.roa (raw, json) Hash identifier: pd6C2p+TivZx53d0R7yQjWVuZ35Tmia4Z08AaYEhzPo= Subject key identifier: 80:6E:93:3C:D0:05:BA:65:2A:5D:70:FC:22:ED:B5:EF:C2:02:37:6E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: C9F461EC0769D0B9C233224DD7314456F22274 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa Signing time: Tue 29 Jul 2025 00:31:24 +0000 ROA not before: Tue 29 Jul 2025 00:31:24 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: c9:f4:61:ec:07:69:d0:b9:c2:33:22:4d:d7:31:44:56:f2:22:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:31:24 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=948b95b201c068dde720a15ff086e11e1b5486c554085f786b898cc7391342ba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:03:b4:31:95:75:ab:46:46:9e:af:37:32:6e: 80:59:af:dc:8e:59:f1:66:d1:2c:64:ac:42:31:b6: f5:c6:ed:0c:4f:f7:4b:36:dc:2a:31:26:aa:d3:72: 5d:d2:7c:80:87:ca:aa:14:2c:42:ac:90:ee:3b:3d: 8e:e8:86:1c:2c:e0:c5:26:8b:06:93:37:3f:a2:95: 15:95:13:66:5f:6e:4a:fc:3f:06:9a:60:94:c1:12: 8f:99:94:fb:2f:ef:e1:28:ce:d8:bf:a2:72:4a:53: 37:85:99:9a:95:23:9f:75:9b:20:a6:e4:2e:09:e9: c7:5b:ed:60:cb:06:b7:77:b9:49:c8:73:40:2a:34: 28:24:59:08:48:1b:e5:43:05:cf:73:69:13:80:97: 64:ac:0f:36:14:fe:50:3e:cb:13:4a:fe:dc:c0:6e: 90:72:d0:d7:63:c4:2c:98:a9:a5:7e:94:6a:13:f3: fe:8a:e5:34:d1:92:e2:0c:5a:39:45:d8:32:75:e8: bd:63:e8:59:29:ae:06:df:b4:84:bb:b7:e4:25:27: 1a:1a:fe:be:0c:9c:2a:77:9b:6a:0f:20:99:56:8a: f3:48:1b:d8:d1:70:75:f4:16:e4:17:17:43:60:ca: 72:1c:9d:d9:e0:b0:3b:37:e2:4b:de:43:ac:5e:c6: 3b:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:6E:93:3C:D0:05:BA:65:2A:5D:70:FC:22:ED:B5:EF:C2:02:37:6E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:9040::/48 Signature Algorithm: sha256WithRSAEncryption 8e:05:21:dc:72:7d:4d:95:58:32:60:d2:a2:2d:0e:c1:1b:f5: e8:d6:0b:16:2b:c8:bf:c0:6e:90:eb:61:50:80:45:3d:ab:d3: 9f:03:80:6d:cc:f9:e2:3c:63:70:3d:82:f6:b8:7c:af:ec:fa: e0:b4:56:d0:01:32:a1:65:06:1d:5a:39:88:f7:27:be:af:76: 91:ee:c0:cf:60:f7:f5:6d:c0:95:f0:b1:ea:d9:bd:1e:7a:71: 05:8f:96:08:17:65:71:11:35:8a:a8:18:f6:c8:d5:e8:bd:24: fb:10:e2:f2:70:1e:fb:6e:f3:8c:c9:84:e9:31:35:d7:82:05: 47:a8:18:e1:e0:94:4d:34:40:69:76:bb:92:8b:e0:40:b1:e7: af:a9:13:02:be:92:60:13:67:59:fa:c0:6f:f8:b4:a5:fb:70: 27:25:6c:8a:42:1d:01:12:44:af:b3:c2:4a:55:c0:f0:a6:02: ed:8d:30:02:cf:2e:e6:50:46:eb:a2:6e:04:a7:75:32:6a:ec: f6:56:7d:b7:e7:04:a7:c9:b6:5b:d4:ef:a3:12:75:cb:b9:da: 22:df:8a:3b:42:34:64:0c:f3:e2:55:95:0d:b6:db:a9:41:e2: df:25:44:4e:63:23:67:32:36:d7:45:26:12:5f:4b:99:9f:c8: fe:b8:d3:67 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAMn0YewHadC5wjMiTdcxRFbyInQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMzEyNFoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAOTQ4Yjk1YjIwMWMwNjhkZGU3MjBh MTVmZjA4NmUxMWUxYjU0ODZjNTU0MDg1Zjc4NmI4OThjYzczOTEzNDJiYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gO0MZV1q0ZGnq83Mm6AWa/cjlnx ZtEsZKxCMbb1xu0MT/dLNtwqMSaq03Jd0nyAh8qqFCxCrJDuOz2O6IYcLODFJosG kzc/opUVlRNmX25K/D8GmmCUwRKPmZT7L+/hKM7Yv6JySlM3hZmalSOfdZsgpuQu CenHW+1gywa3d7lJyHNAKjQoJFkISBvlQwXPc2kTgJdkrA82FP5QPssTSv7cwG6Q ctDXY8QsmKmlfpRqE/P+iuU00ZLiDFo5Rdgydei9Y+hZKa4G37SEu7fkJScaGv6+ DJwqd5tqDyCZVorzSBvY0XB19BbkFxdDYMpyHJ3Z4LA7N+JL3kOsXsY7iwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIBukzzQBbplKl1w/CLtte/CAjduMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiZDMzNjZjLTQ4OWMtNGFmZS1hZjE4LWQyNmI1ODI0YmQwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8pBAMA0GCSqGSIb3DQEBCwUAA4IBAQCOBSHccn1NlVgyYNKi LQ7BG/Xo1gsWK8i/wG6Q62FQgEU9q9OfA4BtzPniPGNwPYL2uHyv7PrgtFbQATKh ZQYdWjmI9ye+r3aR7sDPYPf1bcCV8LHq2b0eenEFj5YIF2VxETWKqBj2yNXovST7 EOLycB77bvOMyYTpMTXXggVHqBjh4JRNNEBpdruSi+BAseevqRMCvpJgE2dZ+sBv +LSl+3AnJWyKQh0BEkSvs8JKVcDwpgLtjTACzy7mUEbrom4Ep3Uyauz2Vn235wSn ybZb1O+jEnXLudoi34o7QjRkDPPiVZUNttupQeLfJUROYyNnMjbXRSYSX0uZn8j+ uNNn -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:24 2025 by rpki-client