$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce69eb4f-756d-483a-bdf3-9ba3d77f137a.roa File: ce69eb4f-756d-483a-bdf3-9ba3d77f137a.roa (raw, json) Hash identifier: kwiom0JDuhN9LpwCcERX6rQsyT71aGvIuSyKqommxsA= Subject key identifier: 6F:43:F4:81:BC:6E:BF:71:C0:97:38:62:ED:5A:CD:33:C2:5E:4F:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2E5EC6153F0586CCAD5FB4C8A208F749BDE43E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce69eb4f-756d-483a-bdf3-9ba3d77f137a.roa Signing time: Sat 09 Aug 2025 00:00:13 +0000 ROA not before: Sat 09 Aug 2025 00:00:13 +0000 ROA not after: Sat 13 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28:8800::/37 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:5e:c6:15:3f:05:86:cc:ad:5f:b4:c8:a2:08:f7:49:bd:e4:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 9 00:00:13 2025 GMT Not After : Sep 13 23:59:59 2025 GMT Subject: serialNumber=780ffc93b5b5e9efe6c8774ecd4d755a913d5dbc8ca27ef9dca2925374cbc7cf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:3d:bd:d0:26:31:84:f5:e4:ae:94:7c:70:3d: 82:08:35:7f:6d:04:db:4f:62:c0:5e:f3:2d:ac:65: 3d:ea:f6:16:3d:7b:3d:fd:e5:cd:be:5c:e8:8d:34: 5c:e7:a3:92:15:1b:af:59:d6:bd:64:a3:04:dc:fd: 0b:d1:43:be:20:a9:ce:9e:3a:8a:87:d0:a2:37:4b: d5:c9:8a:8f:de:8e:91:4d:01:99:70:98:9a:f6:9d: bc:1f:9e:3c:bc:f0:17:ba:5b:67:37:56:93:8f:d2: 97:6a:59:c3:f7:33:41:bd:75:c4:a7:9d:47:e4:c7: 92:37:9e:b9:04:2f:5f:94:4f:89:d1:46:d0:6c:2f: 2f:d8:11:59:a9:e1:c5:c1:02:8f:c5:b5:87:45:ef: 6d:21:f8:e4:d1:6a:3f:c6:69:9f:ed:46:50:e5:53: 1e:a5:4d:2e:d0:05:0f:70:ba:4e:57:5a:09:42:97: 4c:9e:e8:2c:bc:8c:c9:3f:5e:44:0a:e6:7f:38:bc: 41:a0:5c:87:a7:c8:34:91:3b:60:87:0f:fe:33:7f: 1a:41:48:28:a2:af:d0:31:1e:62:88:80:0e:d7:d5: bb:45:59:a2:9e:94:30:b9:90:91:f5:b0:6e:c8:b3: 72:41:f5:f5:d6:69:1c:ee:2b:42:35:2b:8e:0b:00: 04:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:43:F4:81:BC:6E:BF:71:C0:97:38:62:ED:5A:CD:33:C2:5E:4F:C5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce69eb4f-756d-483a-bdf3-9ba3d77f137a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28:8800::/37 Signature Algorithm: sha256WithRSAEncryption 1c:5a:96:9c:ac:f6:7c:08:be:b5:6a:dd:58:fc:6a:b7:da:12: bc:bc:a9:0d:e4:20:43:84:1b:ac:67:61:84:c8:59:3d:2e:4f: 0d:25:6b:51:d6:d2:bc:a1:dc:1f:27:a8:29:bd:a6:1b:e6:75: c1:7a:f6:d1:a8:df:0d:c0:91:72:7a:db:cf:bb:df:28:9e:dd: 8b:c2:ed:b7:e5:a3:d5:6b:b5:d1:da:58:8e:a2:63:7b:dc:65: d3:82:76:01:9b:8b:13:0d:23:05:99:58:4e:50:6d:38:c3:e9: d6:0b:04:00:75:a0:32:15:5a:86:22:50:91:60:fc:09:b2:35: 5f:7f:81:ee:92:e1:8c:c6:ad:89:9f:c1:3f:93:66:cb:e5:ce: 3a:ae:39:43:ee:28:7a:8a:28:ad:30:b6:ef:e7:0f:71:50:65: 42:e6:ff:a4:24:0a:5b:74:c5:8f:66:da:9e:3f:31:b7:25:61: b1:c3:84:ac:ca:ed:70:4e:93:11:48:78:64:68:70:b0:78:2c: 8c:89:78:0d:60:d4:ae:3b:e3:5f:c1:40:7f:49:af:bd:b3:40: 2b:1e:83:75:d9:69:e6:e8:42:ab:be:da:f4:78:10:82:cf:fc: 95:c1:b2:a4:fc:e0:14:9c:bd:ac:b4:10:44:ad:89:a0:a7:3d: 3f:3f:62:f4 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgITLl7GFT8FhsytX7TIogj3Sb3kPjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwODA5MDAwMDEzWhcN MjUwOTEzMjM1OTU5WjB6MUkwRwYDVQQFE0A3ODBmZmM5M2I1YjVlOWVmZTZjODc3 NGVjZDRkNzU1YTkxM2Q1ZGJjOGNhMjdlZjlkY2EyOTI1Mzc0Y2JjN2NmMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCePb3QJjGE9eSulHxwPYIINX9tBNtP YsBe8y2sZT3q9hY9ez395c2+XOiNNFzno5IVG69Z1r1kowTc/QvRQ74gqc6eOoqH 0KI3S9XJio/ejpFNAZlwmJr2nbwfnjy88Be6W2c3VpOP0pdqWcP3M0G9dcSnnUfk x5I3nrkEL1+UT4nRRtBsLy/YEVmp4cXBAo/FtYdF720h+OTRaj/GaZ/tRlDlUx6l TS7QBQ9wuk5XWglCl0ye6Cy8jMk/XkQK5n84vEGgXIenyDSRO2CHD/4zfxpBSCii r9AxHmKIgA7X1btFWaKelDC5kJH1sG7Is3JB9fXWaRzuK0I1K44LAAT/AgMBAAGj ggJKMIICRjAdBgNVHQ4EFgQUb0P0gbxuv3HAlzhi7VrNM8JeT8UwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv Y2U2OWViNGYtNzU2ZC00ODNhLWJkZjMtOWJhM2Q3N2YxMzdhLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgMkBtooiDANBgkqhkiG9w0BAQsFAAOCAQEAHFqWnKz2fAi+tWrdWPxq t9oSvLypDeQgQ4QbrGdhhMhZPS5PDSVrUdbSvKHcHyeoKb2mG+Z1wXr20ajfDcCR cnrbz7vfKJ7di8Ltt+Wj1Wu10dpYjqJje9xl04J2AZuLEw0jBZlYTlBtOMPp1gsE AHWgMhVahiJQkWD8CbI1X3+B7pLhjMatiZ/BP5Nmy+XOOq45Q+4oeooorTC27+cP cVBlQub/pCQKW3TFj2banj8xtyVhscOErMrtcE6TEUh4ZGhwsHgsjIl4DWDUrjvj X8FAf0mvvbNAKx6Dddlp5uhCq77a9HgQgs/8lcGypPzgFJy9rLQQRK2JoKc9Pz9i 9A== -----END CERTIFICATE-----Generated at Wed Aug 20 10:43:36 2025 by rpki-client