$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa File: 982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa (raw, json) Hash identifier: atdRRBJinb4zPFkeBZLxmJtG6Tu4WI6ygxJmjJqnh0o= Subject key identifier: A3:92:49:AE:4F:F8:E0:03:3B:39:FA:00:2B:BA:22:84:48:0F:E2:5B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6EC343BC7A70818E1B4A691CE1421F3A4DBA08FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa Signing time: Mon 18 Aug 2025 15:00:06 +0000 ROA not before: Mon 18 Aug 2025 15:00:06 +0000 ROA not after: Mon 22 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:c3:43:bc:7a:70:81:8e:1b:4a:69:1c:e1:42:1f:3a:4d:ba:08:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 18 15:00:06 2025 GMT Not After : Sep 22 23:59:59 2025 GMT Subject: serialNumber=95ffcbd2e4efb97368f2ace3a76f0b4683eff7e415deaf89b2887e0ae3aa4e47, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:5f:5e:23:57:9e:3f:b9:47:4e:8f:ab:97:df: 1c:ff:f0:d3:bd:2e:f6:d8:83:88:70:84:50:f6:7a: d5:1e:25:77:42:e5:f0:28:6c:a2:33:5a:a7:10:e6: 39:47:bb:2f:30:66:31:b1:ee:ba:b3:cd:1b:28:ec: 00:49:b2:35:90:8b:71:34:46:e0:f8:00:11:d3:e5: 25:f5:87:eb:8b:63:ba:ce:40:62:f7:c1:28:5a:ed: db:75:33:ed:e7:f3:af:91:42:27:55:75:3b:55:60: 49:8a:d7:37:84:d5:5b:ba:6b:9e:2a:53:02:3b:c6: e1:c3:50:7c:3f:ff:4e:39:24:dd:36:23:26:6a:4a: 56:08:a3:65:88:38:fc:c5:88:75:a8:f8:c2:96:a2: dc:fb:7c:9f:d5:66:6a:2c:5c:37:be:79:40:3c:4a: 6e:7f:d6:dc:c8:c7:12:95:ea:ec:29:af:b6:40:61: 09:f6:88:b9:ea:db:89:e7:86:cc:f1:12:36:ed:59: f1:33:1d:a2:5c:41:3e:59:0d:e6:0e:60:75:18:ff: ca:a4:57:1a:8c:76:d2:6e:88:cb:95:e8:97:73:2b: 2f:85:1f:62:be:e4:aa:82:dd:0e:2e:40:ef:a5:fb: 38:f1:8e:84:0c:51:d6:3b:71:04:85:a1:49:b9:44: b1:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:92:49:AE:4F:F8:E0:03:3B:39:FA:00:2B:BA:22:84:48:0F:E2:5B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:800::/40 Signature Algorithm: sha256WithRSAEncryption 1d:8e:52:9e:93:ac:9e:7d:1a:ea:6e:ac:d3:3f:4d:57:5b:bd: 4c:7c:b7:9e:fe:85:6d:54:36:5c:25:40:9d:0e:75:20:81:3f: da:00:61:43:2a:64:cb:61:e9:b2:c1:d7:ed:90:dd:c6:47:09: 15:a3:36:07:bc:6e:ed:cc:7a:88:b6:b1:5a:81:44:ec:cd:73: 3c:9b:3d:7d:13:b9:85:12:06:13:bb:71:08:0d:90:85:de:9c: b6:7d:76:ff:df:47:21:3d:ee:ef:10:0d:b1:46:77:52:90:bd: cd:c5:67:a2:b5:97:b5:61:2b:6c:c7:e5:f5:16:ce:2c:5b:16: f3:2f:80:83:bf:05:20:2e:ae:e0:bf:92:3e:31:e9:26:87:14: 33:5b:5e:40:d3:4b:60:cc:fa:88:00:06:a7:2d:4e:99:60:9a: d4:e7:1b:a6:ae:a7:a7:e9:3d:93:c0:6d:4c:dc:32:17:3f:40: 45:c9:0b:a7:3b:17:3a:26:06:9b:b2:fe:a5:82:41:5b:31:d2: 24:9f:20:02:94:7b:68:a2:f0:b3:54:69:2b:80:db:63:ee:23: 22:68:c6:85:04:3d:bb:18:f2:3c:b9:7f:3b:78:f3:96:10:fb: 0f:f3:ab:21:84:7e:95:37:4f:a4:48:59:77:06:6f:3e:e9:ed: 55:55:23:2b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbsNDvHpwgY4bSmkc4UIfOk26CPowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxODE1MDAwNloX DTI1MDkyMjIzNTk1OVowejFJMEcGA1UEBRNAOTVmZmNiZDJlNGVmYjk3MzY4ZjJh Y2UzYTc2ZjBiNDY4M2VmZjdlNDE1ZGVhZjg5YjI4ODdlMGFlM2FhNGU0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll9eI1eeP7lHTo+rl98c//DTvS72 2IOIcIRQ9nrVHiV3QuXwKGyiM1qnEOY5R7svMGYxse66s80bKOwASbI1kItxNEbg +AAR0+Ul9Yfri2O6zkBi98EoWu3bdTPt5/OvkUInVXU7VWBJitc3hNVbumueKlMC O8bhw1B8P/9OOSTdNiMmakpWCKNliDj8xYh1qPjClqLc+3yf1WZqLFw3vnlAPEpu f9bcyMcSlersKa+2QGEJ9oi56tuJ54bM8RI27VnxMx2iXEE+WQ3mDmB1GP/KpFca jHbSbojLleiXcysvhR9ivuSqgt0OLkDvpfs48Y6EDFHWO3EEhaFJuUSxbQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKOSSa5P+OADOzn6ACu6IoRID+JbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4MmQ4N2E3LTRlMGItNDJhYi1hNzNmLWY0OTdiNDNhMmEzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauQgwDQYJKoZIhvcNAQELBQADggEBAB2OUp6TrJ59GupurNM/ TVdbvUx8t57+hW1UNlwlQJ0OdSCBP9oAYUMqZMth6bLB1+2Q3cZHCRWjNge8bu3M eoi2sVqBROzNczybPX0TuYUSBhO7cQgNkIXenLZ9dv/fRyE97u8QDbFGd1KQvc3F Z6K1l7VhK2zH5fUWzixbFvMvgIO/BSAuruC/kj4x6SaHFDNbXkDTS2DM+ogABqct TplgmtTnG6aup6fpPZPAbUzcMhc/QEXJC6c7FzomBpuy/qWCQVsx0iSfIAKUe2ii 8LNUaSuA22PuIyJoxoUEPbsY8jy5fzt485YQ+w/zqyGEfpU3T6RIWXcGbz7p7VVV Iys= -----END CERTIFICATE-----Generated at Wed Aug 20 10:41:49 2025 by rpki-client