$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa File: a5e20664-bb4b-418f-9be3-4d905265deec.roa (raw, json) Hash identifier: xq//jWmWgVzmra+srImpXFtC55uddo1Vsbtehvdx1gI= Subject key identifier: F6:D4:34:35:78:91:4B:2A:B2:F6:79:3B:E2:5F:91:FD:CD:FA:DC:34 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4178677BFF950271CB19E7CBC33902D219C2124F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa Signing time: Tue 26 Aug 2025 00:11:30 +0000 ROA not before: Tue 26 Aug 2025 00:11:30 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Sep 2025 00:20:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:78:67:7b:ff:95:02:71:cb:19:e7:cb:c3:39:02:d2:19:c2:12:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:11:30 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=8a6733201e641f4c62f02a40507c0a455a50c740fc982b471ea64dc229a34f17, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:58:36:7f:2c:10:07:f1:30:fb:fb:0f:47:a5: 28:38:b4:74:c8:af:dd:ec:ac:56:ca:11:ab:89:0d: 42:1e:c1:a4:23:96:03:5c:24:0e:da:94:c7:60:0b: 38:d5:d0:2d:a6:cf:bc:d6:96:5d:51:7b:a6:5a:b6: 9a:47:c7:d9:21:20:ce:c5:64:6c:d2:a3:c6:d7:5f: 61:8b:b3:ff:18:c3:a0:50:60:45:b3:f3:b3:c7:41: c8:18:9c:31:f9:e6:6b:bd:5a:67:97:a6:7e:2a:88: 74:00:c4:b2:8c:a6:7f:8d:b1:17:3c:43:87:d4:f8: 65:77:5a:f9:ca:86:80:ba:cb:9e:eb:d1:79:52:f3: 4f:27:8b:10:3a:36:af:89:fb:e0:49:21:0f:0f:bc: 88:30:0e:d7:ce:46:3b:35:15:27:59:c9:5e:a4:ee: 57:1e:48:ca:b9:c5:19:d3:34:d2:d0:0d:25:c8:8d: 2f:e8:f3:37:4f:c2:27:57:11:6f:5a:1c:58:68:00: 1c:fb:f2:38:29:f4:ec:b7:8c:ef:39:18:68:ca:05: 28:e9:3d:a5:e0:2a:d6:51:e9:32:65:3e:75:f8:c4: 3c:34:61:3d:3d:fd:af:3f:5c:17:dc:ac:da:2f:f6: 55:23:94:e0:4a:c8:77:d3:04:ce:3f:2b:ff:a0:a5: 26:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:D4:34:35:78:91:4B:2A:B2:F6:79:3B:E2:5F:91:FD:CD:FA:DC:34 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:8000::/40 Signature Algorithm: sha256WithRSAEncryption 60:28:38:85:b4:eb:8e:74:ec:90:5a:40:64:77:c1:0b:ed:69: 77:2c:e8:fe:25:4a:dd:2a:f4:42:e4:8b:d3:29:33:6a:2d:04: 86:92:18:2e:99:fb:81:6d:cb:93:95:8f:93:51:c8:01:ad:5c: ce:c0:05:e2:f3:2e:1c:8c:e8:96:2d:15:da:dd:bb:be:ef:57: 93:b6:cb:bf:1f:8c:c1:c9:41:20:4a:68:71:57:69:27:cd:a9: a7:6f:71:eb:a1:b7:a5:75:1f:93:9c:5d:81:01:2d:40:44:3a: bf:ac:88:a6:74:79:3c:9f:79:15:7a:10:fa:43:aa:a0:9c:15: 4f:54:6c:51:e2:2c:5d:56:cf:d3:ce:b9:5e:68:19:4d:f0:4f: 88:7a:af:53:e9:a5:ca:79:75:f8:4a:2e:f3:bd:68:e8:9a:b9: 19:2a:b7:4d:8c:2b:f2:12:9c:dd:1e:5d:0d:3a:2a:38:c6:e1: bf:ca:71:05:82:05:91:97:d1:cc:cf:dd:0a:e8:ac:44:21:5c: 6a:52:07:4c:de:88:c9:f5:e3:f2:c8:47:50:40:31:75:5d:a9: cb:88:a5:d7:2f:60:ed:78:44:46:e4:5f:0d:8a:e0:6a:d5:52: a5:bf:a9:35:20:21:9c:bb:2e:5a:75:a9:f3:be:78:02:6f:b4: 3d:5a:a8:5f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQXhne/+VAnHLGefLwzkC0hnCEk8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwMTEzMFoX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAOGE2NzMzMjAxZTY0MWY0YzYyZjAy YTQwNTA3YzBhNDU1YTUwYzc0MGZjOTgyYjQ3MWVhNjRkYzIyOWEzNGYxNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVg2fywQB/Ew+/sPR6UoOLR0yK/d 7KxWyhGriQ1CHsGkI5YDXCQO2pTHYAs41dAtps+81pZdUXumWraaR8fZISDOxWRs 0qPG119hi7P/GMOgUGBFs/Ozx0HIGJwx+eZrvVpnl6Z+Koh0AMSyjKZ/jbEXPEOH 1Phld1r5yoaAusue69F5UvNPJ4sQOjavifvgSSEPD7yIMA7XzkY7NRUnWclepO5X HkjKucUZ0zTS0A0lyI0v6PM3T8InVxFvWhxYaAAc+/I4KfTst4zvORhoygUo6T2l 4CrWUekyZT51+MQ8NGE9Pf2vP1wX3KzaL/ZVI5TgSsh30wTOPyv/oKUm4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPbUNDV4kUsqsvZ5O+Jfkf3N+tw0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E1ZTIwNjY0LWJiNGItNDE4Zi05YmUzLTRkOTA1MjY1ZGVlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaIAwDQYJKoZIhvcNAQELBQADggEBAGAoOIW064507JBaQGR3 wQvtaXcs6P4lSt0q9ELki9MpM2otBIaSGC6Z+4Fty5OVj5NRyAGtXM7ABeLzLhyM 6JYtFdrdu77vV5O2y78fjMHJQSBKaHFXaSfNqadvceuht6V1H5OcXYEBLUBEOr+s iKZ0eTyfeRV6EPpDqqCcFU9UbFHiLF1Wz9POuV5oGU3wT4h6r1Pppcp5dfhKLvO9 aOiauRkqt02MK/ISnN0eXQ06KjjG4b/KcQWCBZGX0czP3QrorEQhXGpSB0zeiMn1 4/LIR1BAMXVdqcuIpdcvYO14REbkXw2K4GrVUqW/qTUgIZy7Llp1qfO+eAJvtD1a qF8= -----END CERTIFICATE-----Generated at Tue Sep 16 05:36:38 2025 by rpki-client