$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a4e1135e-0450-439a-84a4-3c19c06f382b.roa File: a4e1135e-0450-439a-84a4-3c19c06f382b.roa (raw, json) Hash identifier: tsd77S7Eyx8kQ6f/2hpEvLfALjjQ2Rf9V5upzvLBSTU= Subject key identifier: BD:27:2F:F0:72:E6:E7:7D:B7:1E:96:30:11:AA:58:3E:23:2A:8D:2B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D7D411557A881A61822C48DD51C90E8E1641F83 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a4e1135e-0450-439a-84a4-3c19c06f382b.roa Signing time: Fri 15 Aug 2025 00:10:14 +0000 ROA not before: Fri 15 Aug 2025 00:10:14 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:7d:41:15:57:a8:81:a6:18:22:c4:8d:d5:1c:90:e8:e1:64:1f:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 15 00:10:14 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=fb7c10c0ef11626e067ce4804bcbbae8e37b639470174b3fa62c57fa74ff477a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a3:17:62:8f:23:d8:d8:aa:35:4e:44:e2:1a: 60:af:6f:07:7b:c9:6e:4b:57:ef:1a:fd:89:0e:7d: 17:8f:a2:58:2a:1c:d3:a1:fc:ba:5a:19:cd:b3:01: 54:83:8a:b6:51:dc:69:78:a0:69:73:e8:8d:e9:6c: bb:b8:af:c5:a5:03:e7:96:c3:31:15:b2:67:0a:d5: eb:43:f1:c7:72:5c:20:c7:c5:10:94:44:aa:62:51: da:14:aa:55:68:5b:2b:cd:27:41:fa:bf:7e:3d:63: 82:17:7d:bd:85:ed:36:e2:c8:88:35:fd:50:89:39: d1:24:a2:db:ec:61:84:8e:fa:14:df:6c:0f:9f:ef: ef:af:39:81:bb:77:0d:6f:14:1d:cc:ca:ed:cf:49: 03:45:fa:ff:7b:b0:c5:a9:4a:ca:ff:a2:f3:f2:80: 1a:50:59:fb:2a:fc:16:92:4f:ae:31:ba:37:0c:d7: 6e:2a:2e:db:60:62:b8:53:d2:06:d3:93:b4:8a:d0: 05:85:81:24:b1:58:39:96:89:04:eb:3b:61:ef:88: 70:d8:c5:d8:8b:2e:a2:9b:92:9b:62:b8:b0:5b:22: 7d:b7:f9:2c:08:a2:7d:b4:1a:02:89:fc:8a:ee:d6: 9b:c8:18:0b:89:3d:7a:e7:49:cf:e9:0c:f0:6e:5b: c3:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:27:2F:F0:72:E6:E7:7D:B7:1E:96:30:11:AA:58:3E:23:2A:8D:2B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a4e1135e-0450-439a-84a4-3c19c06f382b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:8800::/40 Signature Algorithm: sha256WithRSAEncryption b0:9c:86:2d:18:ec:55:b1:b0:83:5e:e7:ce:a2:50:53:c8:4e: 68:a2:45:cd:02:29:54:0c:75:2f:e7:08:5a:07:8e:bf:fe:a7: be:67:d1:9c:44:43:36:b7:20:d5:37:26:71:43:06:da:78:bf: 2f:8a:ed:b3:7a:2e:d9:e7:28:5e:c0:75:49:5c:33:a1:c1:65: 30:46:b2:56:ca:8c:21:6a:a0:02:74:52:23:aa:df:d9:0c:c7: c7:97:56:31:96:82:c9:69:06:fa:eb:0a:0a:49:ed:0e:df:9c: 01:3e:47:19:02:40:94:dd:b4:81:2f:c4:44:7f:24:26:99:3e: 74:a0:22:77:bf:f5:5e:5f:86:05:3f:c2:61:f4:bb:62:e9:56: 36:ff:7d:04:ff:22:7e:00:97:24:a3:fb:01:d3:d1:07:96:f4: db:77:0b:3e:7b:7d:df:3b:23:7c:02:2d:af:ae:41:5a:6d:c1: 27:2a:b8:71:e6:5d:f2:9e:01:16:13:16:90:12:58:18:7f:15: e8:ea:3d:3d:d8:0c:c8:b6:21:85:58:1a:c1:33:31:f9:0c:2c: 29:12:ca:55:f2:74:0b:7d:c4:5c:b9:2a:d3:2f:56:27:65:cc: bb:8a:71:02:52:c2:1f:11:72:62:a9:c3:db:fa:e3:aa:24:57: 52:52:7e:a6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPX1BFVeogaYYIsSN1RyQ6OFkH4MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNTAwMTAxNFoX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNAZmI3YzEwYzBlZjExNjI2ZTA2N2Nl NDgwNGJjYmJhZThlMzdiNjM5NDcwMTc0YjNmYTYyYzU3ZmE3NGZmNDc3YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6MXYo8j2NiqNU5E4hpgr28He8lu S1fvGv2JDn0Xj6JYKhzTofy6WhnNswFUg4q2UdxpeKBpc+iN6Wy7uK/FpQPnlsMx FbJnCtXrQ/HHclwgx8UQlESqYlHaFKpVaFsrzSdB+r9+PWOCF329he024siINf1Q iTnRJKLb7GGEjvoU32wPn+/vrzmBu3cNbxQdzMrtz0kDRfr/e7DFqUrK/6Lz8oAa UFn7KvwWkk+uMbo3DNduKi7bYGK4U9IG05O0itAFhYEksVg5lokE6zth74hw2MXY iy6im5KbYriwWyJ9t/ksCKJ9tBoCifyK7tabyBgLiT1650nP6QzwblvDQwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL0nL/By5ud9tx6WMBGqWD4jKo0rMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E0ZTExMzVlLTA0NTAtNDM5YS04NGE0LTNjMTljMDZmMzgyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba84gwDQYJKoZIhvcNAQELBQADggEBALCchi0Y7FWxsINe586i UFPITmiiRc0CKVQMdS/nCFoHjr/+p75n0ZxEQza3INU3JnFDBtp4vy+K7bN6Ltnn KF7AdUlcM6HBZTBGslbKjCFqoAJ0UiOq39kMx8eXVjGWgslpBvrrCgpJ7Q7fnAE+ RxkCQJTdtIEvxER/JCaZPnSgIne/9V5fhgU/wmH0u2LpVjb/fQT/In4AlySj+wHT 0QeW9Nt3Cz57fd87I3wCLa+uQVptwScquHHmXfKeARYTFpASWBh/FejqPT3YDMi2 IYVYGsEzMfkMLCkSylXydAt9xFy5KtMvVidlzLuKcQJSwh8RcmKpw9v646okV1JS fqY= -----END CERTIFICATE-----Generated at Wed Aug 20 10:42:45 2025 by rpki-client