$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa File: a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa (raw, json) Hash identifier: 8AYETg7jvWkGBggF/IUHrxP0cUQIYQiPieTD5RtsmVQ= Subject key identifier: 72:AA:F4:14:B0:2D:5D:89:21:93:72:E6:93:A3:BE:1E:AD:9F:D9:61 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 284ADB55F2483A23FE7955D17349064302ABF44E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa Signing time: Tue 26 Aug 2025 00:10:53 +0000 ROA not before: Tue 26 Aug 2025 00:10:53 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Sep 2025 00:50:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:4a:db:55:f2:48:3a:23:fe:79:55:d1:73:49:06:43:02:ab:f4:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:10:53 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=50df0d0962665c314f8f0bac2c89853404932b654a3a4a8be4eb79c138441f36, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:0b:4c:52:01:c7:a2:6c:ab:84:e6:9d:c8:5a: 2a:a1:af:b7:49:71:ed:61:15:72:b8:43:13:c8:f4: b3:04:37:28:cc:b5:13:d9:fe:c6:71:e1:28:51:61: 77:c5:43:30:74:0a:ef:7d:ec:09:e5:db:25:61:7d: b3:fa:f7:cb:12:62:93:c5:86:8a:3c:4b:9e:38:37: ad:74:13:37:23:90:ae:b2:d2:97:eb:b9:17:23:a1: 2d:08:d6:28:2f:cd:50:64:9f:a2:67:79:20:29:cd: ca:28:37:50:86:b3:8a:b4:2e:73:7a:79:ce:86:cc: 80:5d:65:46:fa:bd:9a:42:a9:41:b4:3e:f5:a2:57: 48:d6:fd:49:bb:ba:f9:4a:4c:2d:a1:9b:82:cb:1d: 88:ed:da:c4:f1:69:96:8e:31:fa:eb:d1:5f:89:f3: 60:87:9d:41:87:88:6c:41:bc:3d:88:b8:4d:2b:fc: fe:cb:90:0b:ef:73:63:6d:f4:f5:b8:5c:29:9d:0b: c3:54:f2:86:ab:aa:7d:c4:ea:bf:1c:80:61:c8:44: c3:7f:52:79:b0:3b:51:2e:a9:df:6a:95:ab:80:85: de:0e:b5:98:18:9d:cf:de:3d:76:17:83:19:c4:a6: a4:3c:b4:1c:f7:ff:44:16:2c:3b:31:5c:29:66:a6: 4e:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:AA:F4:14:B0:2D:5D:89:21:93:72:E6:93:A3:BE:1E:AD:9F:D9:61 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:8000::/40 Signature Algorithm: sha256WithRSAEncryption 01:0b:3d:b7:af:e1:5f:97:c0:6a:40:dd:43:2e:a6:cd:95:cf: f1:70:a7:96:3a:95:f1:74:31:be:02:ca:e6:85:a6:8e:1d:b8: 57:d8:1f:99:3e:3f:73:cd:aa:af:93:56:cf:10:25:e4:ad:8b: 12:81:8b:8e:95:77:36:a4:ab:05:84:af:26:1f:87:00:0d:c3: e6:10:0c:55:bf:58:ac:8f:42:73:0a:23:7a:14:61:14:63:c7: 78:9d:96:a7:4d:4d:b6:0c:ed:96:c3:e5:32:97:96:7a:cf:ff: e1:9c:2f:47:c0:f5:6f:c8:82:83:ff:97:2d:5e:96:e2:b0:58: d7:64:47:75:35:fc:d4:99:58:fa:e9:d6:b1:73:46:a0:c6:68: c7:78:3e:59:d6:54:b5:6f:b5:8c:e4:36:9d:53:7d:cd:0d:c6: c2:01:7d:43:f3:5f:f8:4c:eb:2a:5b:84:53:de:f9:12:07:26: e5:08:4d:d4:7c:2b:d1:b3:8f:ee:5a:a2:58:1c:d8:e0:48:62: 11:e5:03:78:55:61:97:07:e7:49:79:a1:8d:34:f1:18:52:a8: e0:1c:e5:72:54:e0:5b:11:47:aa:28:9c:b0:39:d8:ae:fe:34: fc:c8:ca:9e:bd:8e:09:5d:6a:c7:7e:23:0e:5e:3a:76:15:cd: a6:36:09:b9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKErbVfJIOiP+eVXRc0kGQwKr9E4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwMTA1M1oX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNANTBkZjBkMDk2MjY2NWMzMTRmOGYw YmFjMmM4OTg1MzQwNDkzMmI2NTRhM2E0YThiZTRlYjc5YzEzODQ0MWYzNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QtMUgHHomyrhOadyFoqoa+3SXHt YRVyuEMTyPSzBDcozLUT2f7GceEoUWF3xUMwdArvfewJ5dslYX2z+vfLEmKTxYaK PEueODetdBM3I5CustKX67kXI6EtCNYoL81QZJ+iZ3kgKc3KKDdQhrOKtC5zennO hsyAXWVG+r2aQqlBtD71oldI1v1Ju7r5SkwtoZuCyx2I7drE8WmWjjH669FfifNg h51Bh4hsQbw9iLhNK/z+y5AL73NjbfT1uFwpnQvDVPKGq6p9xOq/HIBhyETDf1J5 sDtRLqnfapWrgIXeDrWYGJ3P3j12F4MZxKakPLQc9/9EFiw7MVwpZqZOYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHKq9BSwLV2JIZNy5pOjvh6tn9lhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5MTYwNmFmLWYyM2ItNDFmMS1hNWUwLTljOTQ2ZmZhM2NlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+IAwDQYJKoZIhvcNAQELBQADggEBAAELPbev4V+XwGpA3UMu ps2Vz/Fwp5Y6lfF0Mb4CyuaFpo4duFfYH5k+P3PNqq+TVs8QJeStixKBi46Vdzak qwWEryYfhwANw+YQDFW/WKyPQnMKI3oUYRRjx3idlqdNTbYM7ZbD5TKXlnrP/+Gc L0fA9W/IgoP/ly1eluKwWNdkR3U1/NSZWPrp1rFzRqDGaMd4PlnWVLVvtYzkNp1T fc0NxsIBfUPzX/hM6ypbhFPe+RIHJuUITdR8K9Gzj+5aolgc2OBIYhHlA3hVYZcH 50l5oY008RhSqOAc5XJU4FsRR6oonLA52K7+NPzIyp69jgldasd+Iw5eOnYVzaY2 Cbk= -----END CERTIFICATE-----Generated at Thu Sep 18 04:44:33 2025 by rpki-client