$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa File: 906d1094-02f1-42d9-b22e-24f2ee4caa70.roa (raw, json) Hash identifier: BilPuO/SuAgCSYiWap7NMC829291bkchfb5/mT52l3k= Subject key identifier: 69:6E:10:11:FB:FC:AA:C6:CB:C1:A5:3F:E3:EA:5B:D3:B8:DD:DB:2B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7A081A0454F1E5155D4BD8E2B126B727D40C1BAF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa Signing time: Fri 01 Aug 2025 00:20:16 +0000 ROA not before: Fri 01 Aug 2025 00:20:16 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:08:1a:04:54:f1:e5:15:5d:4b:d8:e2:b1:26:b7:27:d4:0c:1b:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:20:16 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=030641db6e00e326506bb8c0441e23a0a7a57e63b97be7076c102f19902d1403, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:20:fb:70:f8:0e:3f:a8:a1:9a:85:6a:64:6a: 58:99:40:40:03:da:1b:ca:f4:c1:5a:5a:0c:ad:fd: 7d:a2:26:44:7f:7e:da:a6:f6:5c:60:6a:1c:93:3d: c8:55:fd:a9:61:3e:c9:ac:53:b1:e1:61:3c:63:ec: 1e:a2:15:f9:de:10:15:76:e8:bf:f2:29:de:e4:7f: 09:9d:b7:06:ce:1c:fd:ae:db:33:36:79:5a:30:39: 95:99:a9:d3:7c:0d:52:90:ae:d5:cd:54:2c:5c:c5: 07:60:b3:d5:86:88:a9:af:7e:9e:35:5c:76:42:b0: be:49:e7:3a:81:80:ec:60:9a:47:c2:8a:0a:32:b0: 1b:c5:59:3b:dd:7f:9c:23:74:0e:c4:3e:22:4d:a5: 94:dc:a1:bc:55:59:9c:e9:2b:8a:81:0a:5e:b3:58: 22:57:2d:91:86:5a:ba:dc:dc:52:76:5c:42:69:17: 3c:c6:80:11:7f:a3:52:c4:93:58:24:60:c6:67:31: dc:19:bd:c4:b9:11:04:cc:49:db:70:2d:3f:41:f3: 9e:8e:0d:75:bd:03:51:8b:2c:63:2b:4c:4d:94:ea: ee:60:31:79:e1:44:aa:54:8b:4e:0f:ff:51:50:36: e2:9e:6e:99:61:d8:df:3d:7d:22:7c:94:ee:ae:27: e6:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:6E:10:11:FB:FC:AA:C6:CB:C1:A5:3F:E3:EA:5B:D3:B8:DD:DB:2B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906d1094-02f1-42d9-b22e-24f2ee4caa70.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:1000::/40 Signature Algorithm: sha256WithRSAEncryption 45:40:ca:a0:ed:a4:90:fc:28:b6:29:19:b0:1b:5a:37:6c:a1: 79:a8:c0:67:c7:0c:a4:54:22:d6:ff:f4:ab:89:c0:b7:48:9f: ec:ac:65:3a:25:cb:cc:8d:6a:36:e5:47:d4:ac:37:03:82:69: 9c:78:6b:ad:8f:67:af:ed:80:1b:16:f6:05:da:3b:44:67:71: c6:aa:d2:d8:31:e2:d8:f7:64:4c:b3:e5:56:e0:0d:4f:69:7a: 18:6f:ae:9a:27:f6:60:3f:db:e3:64:e3:5a:f7:5c:4a:c9:43: 16:cd:a4:7f:63:50:b1:54:60:fb:f5:04:64:c4:d6:bb:90:f2: e5:e1:35:bd:43:24:a3:40:66:b7:4b:75:a5:8e:60:96:2c:e8: 8e:f8:f6:36:6e:1e:fb:96:6a:93:16:6c:8a:3f:0b:35:a7:6c: e0:62:c5:78:ff:ed:69:58:9c:cb:41:01:f6:71:1b:d4:19:4d: db:fb:68:b2:53:cd:b1:c3:42:49:9e:a9:1e:d6:d6:83:de:6c: 1c:2c:4f:20:86:39:46:67:b2:92:30:a1:f6:4e:57:f3:4d:90: b7:82:d1:60:ea:1d:ef:3c:fe:1e:2e:d1:2a:cf:e5:41:c7:dc: 58:91:71:23:d3:03:5e:df:97:66:98:fa:71:d2:1b:c8:b2:c2: cd:3f:1b:fa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeggaBFTx5RVdS9jisSa3J9QMG68wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMjAxNloX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAMDMwNjQxZGI2ZTAwZTMyNjUwNmJi OGMwNDQxZTIzYTBhN2E1N2U2M2I5N2JlNzA3NmMxMDJmMTk5MDJkMTQwMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCD7cPgOP6ihmoVqZGpYmUBAA9ob yvTBWloMrf19oiZEf37apvZcYGockz3IVf2pYT7JrFOx4WE8Y+weohX53hAVdui/ 8ine5H8JnbcGzhz9rtszNnlaMDmVmanTfA1SkK7VzVQsXMUHYLPVhoipr36eNVx2 QrC+Sec6gYDsYJpHwooKMrAbxVk73X+cI3QOxD4iTaWU3KG8VVmc6SuKgQpes1gi Vy2Rhlq63NxSdlxCaRc8xoARf6NSxJNYJGDGZzHcGb3EuREEzEnbcC0/QfOejg11 vQNRiyxjK0xNlOruYDF54USqVItOD/9RUDbinm6ZYdjfPX0ifJTurifmKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGluEBH7/KrGy8GlP+PqW9O43dsrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwNmQxMDk0LTAyZjEtNDJkOS1iMjJlLTI0ZjJlZTRjYWE3MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOBAwDQYJKoZIhvcNAQELBQADggEBAEVAyqDtpJD8KLYpGbAb WjdsoXmowGfHDKRUItb/9KuJwLdIn+ysZToly8yNajblR9SsNwOCaZx4a62PZ6/t gBsW9gXaO0Rnccaq0tgx4tj3ZEyz5VbgDU9pehhvrpon9mA/2+Nk41r3XErJQxbN pH9jULFUYPv1BGTE1ruQ8uXhNb1DJKNAZrdLdaWOYJYs6I749jZuHvuWapMWbIo/ CzWnbOBixXj/7WlYnMtBAfZxG9QZTdv7aLJTzbHDQkmeqR7W1oPebBwsTyCGOUZn spIwofZOV/NNkLeC0WDqHe88/h4u0SrP5UHH3FiRcSPTA17fl2aY+nHSG8iyws0/ G/o= -----END CERTIFICATE-----Generated at Wed Aug 20 10:40:13 2025 by rpki-client