$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa File: 8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa (raw, json) Hash identifier: nSsfI9JF8k/O8f80J/JOOElbA0c8hVxpUizY13bnBuI= Subject key identifier: 68:D0:D5:FC:E8:77:C4:B0:14:E6:4F:0A:6C:79:18:84:4D:0A:49:22 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09556958DB72B33299B3EBCEF95A82634CE16E0A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa Signing time: Tue 29 Jul 2025 00:50:36 +0000 ROA not before: Tue 29 Jul 2025 00:50:36 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:55:69:58:db:72:b3:32:99:b3:eb:ce:f9:5a:82:63:4c:e1:6e:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:50:36 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=0e3d3f29976ffc10b5a79e2065e96b1d0c7c0f0ee7e9fc8aa66087c64da53221, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:fd:ce:1d:5a:6a:63:78:a9:b6:54:2f:62:dc: e0:85:f8:5d:00:23:d5:d8:1d:7a:96:46:b4:f8:ab: 09:98:7a:b4:c0:05:82:f7:b3:9f:e9:7d:54:d6:b4: 53:74:f8:02:5d:7e:89:61:f9:3d:d4:9a:38:3e:8f: a3:dd:7d:81:6d:50:04:ac:31:ee:99:fa:88:d6:66: bb:0b:fc:e9:6c:c2:45:59:13:f5:fe:76:2d:29:d4: 70:a6:a2:92:c5:48:75:9f:57:be:50:d8:fe:1c:d5: b9:45:1c:e4:41:29:72:43:83:87:5f:ac:db:60:6d: ce:64:70:33:71:51:b7:90:cf:20:47:49:66:fb:1c: 51:d3:96:04:a5:5d:0d:5b:64:7d:2b:2d:e1:b0:02: cf:2b:17:c7:e7:d6:9f:e4:56:40:37:22:c5:1b:44: 9c:4f:43:a0:db:24:6a:28:eb:7b:27:7c:00:9b:d8: b8:c6:6d:db:ce:0c:9d:59:9f:56:53:37:5e:5a:bd: 70:88:9b:e4:48:c1:a8:33:c9:a1:65:e9:6d:0e:ab: 97:86:0c:50:32:84:99:b1:a8:d0:42:8c:6e:6a:9b: 0f:ce:f3:83:05:d6:87:94:53:56:12:26:23:e7:1c: a0:6d:58:df:dc:63:62:db:ed:54:6b:4c:c6:92:e5: c8:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:D0:D5:FC:E8:77:C4:B0:14:E6:4F:0A:6C:79:18:84:4D:0A:49:22 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2040::/48 Signature Algorithm: sha256WithRSAEncryption 35:0a:e2:96:53:dc:1a:fb:5f:10:27:b4:78:58:19:b2:80:f7: 33:27:ad:74:9f:35:54:37:38:dc:1f:da:f0:31:3b:30:fb:d5: 14:8f:d1:dd:34:5f:e7:e6:2c:93:81:89:9a:0b:39:1d:bf:99: c3:8e:79:c0:1d:78:ba:7e:fe:57:63:40:26:21:09:0e:3d:4c: 1c:55:7b:34:41:d0:d3:a9:f7:58:f0:74:82:d8:8b:48:2a:7c: c2:6e:98:ca:81:46:7f:16:e9:3b:fe:c0:71:c8:00:cc:21:4e: a5:51:6e:48:28:3a:80:d9:b9:a2:15:38:17:bd:c0:ea:2f:ea: 1d:cc:77:4d:45:02:b7:4f:07:83:32:56:0b:e3:7c:02:d3:4c: 2f:91:9e:f5:5e:ac:62:51:91:80:73:9b:ac:bb:c6:83:b6:77: b6:e7:f4:a6:83:3a:95:81:c3:09:2a:11:9d:a0:3d:77:73:23: 9a:c8:d3:6c:40:d0:03:67:94:6c:e6:4d:c5:ec:15:a6:1a:e2: 26:59:b2:fe:eb:d0:f9:a9:a1:2d:f0:b6:6d:12:11:57:e4:16: 01:a0:df:1e:b0:37:57:1f:88:f5:14:da:8c:9a:92:14:04:06: 79:21:c4:83:e6:9a:6a:0d:bc:cc:09:4e:76:00:8b:cb:ae:72: 6e:7e:b5:35 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCVVpWNtyszKZs+vO+VqCY0zhbgowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNTAzNloX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMGUzZDNmMjk5NzZmZmMxMGI1YTc5 ZTIwNjVlOTZiMWQwYzdjMGYwZWU3ZTlmYzhhYTY2MDg3YzY0ZGE1MzIyMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov3OHVpqY3iptlQvYtzghfhdACPV 2B16lka0+KsJmHq0wAWC97Of6X1U1rRTdPgCXX6JYfk91Jo4Po+j3X2BbVAErDHu mfqI1ma7C/zpbMJFWRP1/nYtKdRwpqKSxUh1n1e+UNj+HNW5RRzkQSlyQ4OHX6zb YG3OZHAzcVG3kM8gR0lm+xxR05YEpV0NW2R9Ky3hsALPKxfH59af5FZANyLFG0Sc T0Og2yRqKOt7J3wAm9i4xm3bzgydWZ9WUzdeWr1wiJvkSMGoM8mhZeltDquXhgxQ MoSZsajQQoxuapsPzvODBdaHlFNWEiYj5xygbVjf3GNi2+1Ua0zGkuXI5wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGjQ1fzod8SwFOZPCmx5GIRNCkkiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhjNmIzZTJmLWM0NDEtNGQyZS1hM2ZiLTUxMWFlYmQ3MmFhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yBAMA0GCSqGSIb3DQEBCwUAA4IBAQA1CuKWU9wa+18QJ7R4 WBmygPczJ610nzVUNzjcH9rwMTsw+9UUj9HdNF/n5iyTgYmaCzkdv5nDjnnAHXi6 fv5XY0AmIQkOPUwcVXs0QdDTqfdY8HSC2ItIKnzCbpjKgUZ/Fuk7/sBxyADMIU6l UW5IKDqA2bmiFTgXvcDqL+odzHdNRQK3TweDMlYL43wC00wvkZ71XqxiUZGAc5us u8aDtne25/SmgzqVgcMJKhGdoD13cyOayNNsQNADZ5Rs5k3F7BWmGuImWbL+69D5 qaEt8LZtEhFX5BYBoN8esDdXH4j1FNqMmpIUBAZ5IcSD5ppqDbzMCU52AIvLrnJu frU1 -----END CERTIFICATE-----Generated at Thu Jul 31 00:57:24 2025 by rpki-client