$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa File: 906d1094-02f1-42d9-b22e-24f2ee4caa70.roa (raw, json) Hash identifier: sfRfv4Jnocd90P2loAovVGD7+fIIp8oBqb91Uzs9TxQ= Subject key identifier: C1:40:23:15:A3:8C:F6:A0:30:44:BF:CD:B4:6F:1E:90:46:20:56:02 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 373B90F3B955E0365EDF97CDD8BAB9D25F6A8ADE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa Signing time: Tue 26 Aug 2025 00:20:16 +0000 ROA not before: Tue 26 Aug 2025 00:20:16 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Sep 2025 00:50:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:3b:90:f3:b9:55:e0:36:5e:df:97:cd:d8:ba:b9:d2:5f:6a:8a:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:20:16 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=9f6bcc1b631c3234ffa44526e855496c722758e1bf294bcbf04e6f70a623025e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:87:b9:54:ec:bb:a0:87:e2:a3:7e:91:e9:b7: 65:8d:5d:54:6a:bb:5d:de:b5:88:42:00:dc:31:7e: f2:2d:f5:0f:34:6c:33:79:7a:1f:d0:54:fa:08:aa: 53:17:04:30:4c:87:56:40:6e:a1:84:6b:23:11:a4: 5a:35:cb:2b:55:4c:61:f1:cc:85:fe:5a:df:83:d7: 50:38:04:e6:5b:23:c4:14:f1:69:d3:9e:8a:18:e6: 98:29:ad:51:b4:ea:66:ec:6f:6b:97:a2:c6:4c:ae: 6a:2c:ed:6b:bf:73:4d:43:c6:b9:a4:dc:be:ac:d5: f0:8f:cb:a4:88:bf:61:e6:3c:bf:60:76:59:68:1e: 50:41:ab:8d:3e:58:8e:f8:c7:38:6e:f0:9a:1c:f6: 90:e8:29:d2:61:ad:2c:11:63:83:a7:94:75:47:e3: c0:6e:56:ac:d6:ef:ca:b8:2b:8a:dd:a0:71:74:3f: b2:a5:ba:c3:54:4d:5f:cf:03:13:ab:e4:8d:ca:73: a1:1f:fb:ea:68:62:32:56:a1:06:95:ae:ff:1c:52: 95:18:da:9d:78:a2:85:47:8d:fa:01:f0:8e:8b:71: 14:7d:72:b2:c6:80:ee:19:50:c7:d8:8d:a6:7f:0c: e6:af:be:f1:16:f5:fc:91:8e:03:77:41:5e:ee:46: 07:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:40:23:15:A3:8C:F6:A0:30:44:BF:CD:B4:6F:1E:90:46:20:56:02 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:1000::/40 Signature Algorithm: sha256WithRSAEncryption ad:24:97:44:77:e6:43:57:dd:42:b8:59:d1:f9:87:31:2f:b6: 09:83:58:56:1e:4d:1b:d1:b8:25:71:66:99:eb:09:87:bc:86: 1a:b6:fb:ec:25:22:94:ea:67:88:4d:d2:b4:31:da:13:ac:45: 17:47:c6:cf:6a:f3:aa:76:84:6b:37:e9:48:eb:03:ff:96:d5: 8c:db:3e:f1:0d:46:c3:d8:e6:a7:77:cd:05:9a:e9:9e:1f:cf: 6e:a5:6a:4b:e1:b9:50:f9:e7:34:e3:54:f6:b3:08:39:f0:83: fe:b8:fb:04:05:fc:85:98:ca:c4:a8:55:c0:92:2f:f7:ab:e2: aa:0a:de:c2:e4:16:5b:c4:a4:cb:8b:b3:7c:09:68:32:d0:a9: 36:08:1c:ce:04:cc:a7:45:cb:e9:b5:24:db:f0:4f:0c:3b:5d: 60:82:ec:ee:f1:30:65:48:d5:80:d8:24:f4:8e:fd:f0:b2:bb: 3d:a7:e2:c1:8f:79:f4:34:d8:31:ec:fd:ed:0c:e5:80:61:d2: 2b:1c:78:16:52:d2:f6:3d:5a:40:62:6b:9b:ea:e6:5b:7c:cb: cd:e7:f0:b0:e0:aa:97:33:97:bc:90:09:98:24:75:60:5a:37: 1d:fd:a8:97:20:ea:47:3a:6c:4a:f9:ef:f4:15:fe:7f:ab:c9: 1f:f7:ee:76 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNzuQ87lV4DZe35fN2Lq50l9qit4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwMjAxNloX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAOWY2YmNjMWI2MzFjMzIzNGZmYTQ0 NTI2ZTg1NTQ5NmM3MjI3NThlMWJmMjk0YmNiZjA0ZTZmNzBhNjIzMDI1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYe5VOy7oIfio36R6bdljV1Uartd 3rWIQgDcMX7yLfUPNGwzeXof0FT6CKpTFwQwTIdWQG6hhGsjEaRaNcsrVUxh8cyF /lrfg9dQOATmWyPEFPFp056KGOaYKa1RtOpm7G9rl6LGTK5qLO1rv3NNQ8a5pNy+ rNXwj8ukiL9h5jy/YHZZaB5QQauNPliO+Mc4bvCaHPaQ6CnSYa0sEWODp5R1R+PA blas1u/KuCuK3aBxdD+ypbrDVE1fzwMTq+SNynOhH/vqaGIyVqEGla7/HFKVGNqd eKKFR436AfCOi3EUfXKyxoDuGVDH2I2mfwzmr77xFvX8kY4Dd0Fe7kYHIwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMFAIxWjjPagMES/zbRvHpBGIFYCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwNmQxMDk0LTAyZjEtNDJkOS1iMjJlLTI0ZjJlZTRjYWE3MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOBAwDQYJKoZIhvcNAQELBQADggEBAK0kl0R35kNX3UK4WdH5 hzEvtgmDWFYeTRvRuCVxZpnrCYe8hhq2++wlIpTqZ4hN0rQx2hOsRRdHxs9q86p2 hGs36UjrA/+W1YzbPvENRsPY5qd3zQWa6Z4fz26lakvhuVD55zTjVPazCDnwg/64 +wQF/IWYysSoVcCSL/er4qoK3sLkFlvEpMuLs3wJaDLQqTYIHM4EzKdFy+m1JNvw Tww7XWCC7O7xMGVI1YDYJPSO/fCyuz2n4sGPefQ02DHs/e0M5YBh0isceBZS0vY9 WkBia5vq5lt8y83n8LDgqpczl7yQCZgkdWBaNx39qJcg6kc6bEr57/QV/n+ryR/3 7nY= -----END CERTIFICATE-----Generated at Wed Sep 17 10:28:52 2025 by rpki-client