$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca2987e0-54d6-4246-8dd5-4284e82f8d14.roa File: ca2987e0-54d6-4246-8dd5-4284e82f8d14.roa (raw, json) Hash identifier: EXTFAplN5ub36w81iMj/qhnTa5et6RONLZG2ejEpHu8= Subject key identifier: 5D:4E:FA:22:B6:1A:06:0E:FD:42:AE:9B:5D:58:EB:16:17:28:B7:69 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2BFEBCFC2073FAEA59094D7651974CD9A36B5F3B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca2987e0-54d6-4246-8dd5-4284e82f8d14.roa Signing time: Fri 15 Aug 2025 00:01:51 +0000 ROA not before: Fri 15 Aug 2025 00:01:51 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:a0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:fe:bc:fc:20:73:fa:ea:59:09:4d:76:51:97:4c:d9:a3:6b:5f:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 15 00:01:51 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=4fb0bfefa0d75ed034e41c4b187587e038fd5b3cf27ccbf628610da5da95b604, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:4e:86:c4:9e:0a:41:bd:23:e8:ee:f1:52:37: 20:93:ef:f6:87:64:ff:b9:f0:24:a0:66:f7:17:03: d6:0c:4e:e6:f6:77:f2:7e:cb:d0:d6:bc:91:f2:49: 8f:54:e6:6d:27:14:3f:92:7c:c5:20:b1:5c:64:b2: 56:a9:eb:83:00:1d:8b:6f:24:6b:1d:86:80:e1:1a: 36:a2:cf:fe:6a:ba:f4:98:7c:8a:84:e7:9f:96:fb: 26:c6:0c:df:33:8f:b9:06:6a:2a:22:bf:91:be:2e: 70:4f:cd:ba:b1:60:6e:29:ad:83:1a:f4:bb:cf:91: 78:ba:47:ab:4b:25:b7:ce:3d:28:da:c2:c0:e1:a4: 77:91:7a:0f:41:e5:cd:a5:dc:da:51:67:08:58:74: b5:30:66:ad:75:25:05:0a:7d:ba:2d:0e:25:aa:b8: 73:a2:49:32:a8:3b:99:6a:2f:ae:fc:61:1d:41:64: f4:86:f6:b6:99:ce:86:55:95:ab:b3:0c:60:6c:3c: 72:46:5c:54:4e:f9:05:42:5c:f8:38:b9:a6:ba:9d: 0b:f8:6e:8e:d8:e0:37:99:87:7c:d5:61:c1:70:15: 2f:be:52:d0:59:d3:3e:4f:95:21:b9:6e:47:bc:be: 74:b5:ea:5f:4b:65:03:2c:84:da:d1:c7:52:5f:91: 26:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:4E:FA:22:B6:1A:06:0E:FD:42:AE:9B:5D:58:EB:16:17:28:B7:69 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca2987e0-54d6-4246-8dd5-4284e82f8d14.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:a0c0::/46 Signature Algorithm: sha256WithRSAEncryption 94:90:eb:52:e7:45:d9:fb:d6:0b:37:ba:35:54:4f:74:b7:91: 5f:6b:36:4a:9b:b2:86:5c:f1:73:a1:d8:14:a3:35:37:b0:2e: 57:d6:62:d9:69:17:be:93:4f:8e:0d:02:1d:e1:b8:03:df:0b: ed:05:dc:41:13:cd:8d:1e:3e:ab:09:38:17:40:5a:9f:db:08: 8b:8b:cd:47:ac:0e:4a:b8:47:9a:6a:0a:5b:e8:1e:98:28:28: 21:fe:06:7f:a9:dd:6d:4a:3a:08:23:ee:87:4c:e5:11:5f:55: cf:64:83:d0:ae:35:7a:d1:0b:1a:8e:f0:b5:64:94:52:3b:0c: c0:83:00:36:a8:23:01:f5:bf:ec:d8:81:1a:ff:de:76:4f:a0: c2:24:2a:e5:1c:70:4c:6f:9f:1a:b3:d5:f8:93:3a:b1:9b:40: 66:70:6f:63:32:44:b0:cf:d1:87:14:21:0b:f8:88:9a:2c:af: 70:11:9d:92:9f:3f:9b:0e:0f:69:12:38:3e:18:12:58:fa:c0: b7:3c:78:85:b5:a3:e4:bb:20:a9:7f:be:af:a9:5a:b7:3a:30: 62:98:eb:67:af:f0:77:c3:1d:2c:13:5f:bb:c5:c6:d1:f7:0c: f4:40:09:10:0b:93:fc:98:2a:00:36:b4:ae:af:c6:49:d5:3e: ca:fd:b0:6c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUK/68/CBz+upZCU12UZdM2aNrXzswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNTAwMDE1MVoX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNANGZiMGJmZWZhMGQ3NWVkMDM0ZTQx YzRiMTg3NTg3ZTAzOGZkNWIzY2YyN2NjYmY2Mjg2MTBkYTVkYTk1YjYwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA306GxJ4KQb0j6O7xUjcgk+/2h2T/ ufAkoGb3FwPWDE7m9nfyfsvQ1ryR8kmPVOZtJxQ/knzFILFcZLJWqeuDAB2LbyRr HYaA4Ro2os/+arr0mHyKhOeflvsmxgzfM4+5BmoqIr+Rvi5wT826sWBuKa2DGvS7 z5F4ukerSyW3zj0o2sLA4aR3kXoPQeXNpdzaUWcIWHS1MGatdSUFCn26LQ4lqrhz okkyqDuZai+u/GEdQWT0hva2mc6GVZWrswxgbDxyRlxUTvkFQlz4OLmmup0L+G6O 2OA3mYd81WHBcBUvvlLQWdM+T5UhuW5HvL50tepfS2UDLITa0cdSX5EmZQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF1O+iK2GgYO/UKum11Y6xYXKLdpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NhMjk4N2UwLTU0ZDYtNDI0Ni04ZGQ1LTQyODRlODJmOGQxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba86DAMA0GCSqGSIb3DQEBCwUAA4IBAQCUkOtS50XZ+9YLN7o1 VE90t5FfazZKm7KGXPFzodgUozU3sC5X1mLZaRe+k0+ODQId4bgD3wvtBdxBE82N Hj6rCTgXQFqf2wiLi81HrA5KuEeaagpb6B6YKCgh/gZ/qd1tSjoII+6HTOURX1XP ZIPQrjV60QsajvC1ZJRSOwzAgwA2qCMB9b/s2IEa/952T6DCJCrlHHBMb58as9X4 kzqxm0BmcG9jMkSwz9GHFCEL+IiaLK9wEZ2Snz+bDg9pEjg+GBJY+sC3PHiFtaPk uyCpf76vqVq3OjBimOtnr/B3wx0sE1+7xcbR9wz0QAkQC5P8mCoANrSur8ZJ1T7K /bBs -----END CERTIFICATE-----Generated at Wed Aug 20 10:42:45 2025 by rpki-client