$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e6bab3e6-c28e-47e7-bab4-a461b1539faa.roa File: e6bab3e6-c28e-47e7-bab4-a461b1539faa.roa (raw, json) Hash identifier: bayZ29MDPKLvXMQvxNhUjiZFAZw3iI45pwkv6EsMi24= Subject key identifier: 42:93:0B:AA:F9:33:46:16:3A:EB:69:15:27:1F:E3:F5:9A:7C:9B:69 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0308FC015DD40787FF116DBDCBFD5DBC4B2C2F01 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e6bab3e6-c28e-47e7-bab4-a461b1539faa.roa Signing time: Fri 15 Aug 2025 00:10:50 +0000 ROA not before: Fri 15 Aug 2025 00:10:50 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:08:fc:01:5d:d4:07:87:ff:11:6d:bd:cb:fd:5d:bc:4b:2c:2f:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 15 00:10:50 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=6610f52955e7e6d372425468d8445ca5579d43073b7afe1c51ba3fe9ccb19a8d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1a:84:21:9a:09:80:a7:5f:9b:f1:58:0a:a3: e6:02:7d:d7:c7:10:fa:5b:86:63:af:f2:2d:81:8d: f9:29:38:e1:ab:97:54:3b:96:a9:54:e8:d5:14:82: 3c:0b:26:35:48:8e:95:23:7f:6c:06:3e:4e:0c:1a: f4:d2:86:19:75:1a:ce:3f:7c:a9:3a:22:ad:8b:a5: e8:05:a4:8e:fa:2e:6a:fe:ca:93:5b:bc:06:48:83: c1:ae:1c:8d:a5:17:ba:0f:c8:cc:de:20:a7:6e:b9: 86:84:3f:71:63:98:02:68:4f:c6:0a:29:dc:36:fd: 89:57:9e:44:a6:e1:13:5d:70:76:b5:91:9c:37:1c: 08:e4:28:67:0e:bc:e4:cd:df:27:f5:6e:36:6c:35: d9:15:21:4e:2a:26:70:bc:86:9e:90:a3:8d:62:74: bb:2a:ad:25:b1:09:0d:f4:65:b0:b9:a4:79:01:21: 3b:e8:ea:62:b5:84:60:f4:87:07:19:8b:d9:54:b3: 13:c8:66:87:70:1e:47:7c:56:7f:9e:28:7e:f0:93: 4c:00:7d:ef:eb:11:35:eb:f9:54:bd:8f:bd:ae:82: 73:5d:30:66:63:80:31:e4:2a:51:09:8e:06:46:de: b7:8d:2c:a2:1a:5d:4a:64:72:e0:72:16:0d:78:28: cd:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:93:0B:AA:F9:33:46:16:3A:EB:69:15:27:1F:E3:F5:9A:7C:9B:69 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e6bab3e6-c28e-47e7-bab4-a461b1539faa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:f000::/40 Signature Algorithm: sha256WithRSAEncryption 02:9a:6e:f5:1f:45:45:d7:70:cb:81:39:96:b2:f7:a9:41:7c: 5a:b4:7a:a9:c6:59:d5:ca:70:73:bd:5d:c2:8f:88:02:fc:ee: 1e:e3:42:c1:70:72:49:84:9e:ed:45:c5:d8:ac:29:c6:d3:a7: 45:40:51:c0:ff:f6:d9:ce:52:43:51:9e:3a:cf:0a:fa:94:67: 4a:c8:2c:21:f3:1a:cf:c4:00:09:9a:2e:c6:a7:b0:f4:15:eb: cc:74:fb:0b:e6:a9:6d:84:e3:65:56:b2:66:da:1d:35:c9:6b: 16:6c:76:c5:e0:2e:f5:49:95:99:e1:0f:c3:92:b3:2e:dd:8c: 5c:3f:af:89:04:c7:ae:fe:b7:d3:45:57:fc:87:81:0f:95:b1: e0:77:ee:9d:4d:06:57:d7:30:04:16:f7:16:52:3d:09:c8:da: 10:0f:e6:05:37:ff:c3:60:0c:a7:66:17:18:d4:36:8f:68:2f: 0f:53:21:88:53:76:6f:d4:24:86:f1:1b:97:f7:e2:f1:70:88: 19:8f:26:bf:98:e4:5b:76:ec:21:ac:1a:74:99:c7:e3:fb:64: eb:03:bf:15:48:e0:70:aa:c9:9d:87:28:da:12:21:2b:23:f8: 17:46:19:1d:6e:1c:bc:1e:25:a5:a7:e4:0c:9b:fb:0e:31:03: 09:c0:f7:24 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAwj8AV3UB4f/EW29y/1dvEssLwEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNTAwMTA1MFoX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNANjYxMGY1Mjk1NWU3ZTZkMzcyNDI1 NDY4ZDg0NDVjYTU1NzlkNDMwNzNiN2FmZTFjNTFiYTNmZTljY2IxOWE4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhqEIZoJgKdfm/FYCqPmAn3XxxD6 W4Zjr/ItgY35KTjhq5dUO5apVOjVFII8CyY1SI6VI39sBj5ODBr00oYZdRrOP3yp OiKti6XoBaSO+i5q/sqTW7wGSIPBrhyNpRe6D8jM3iCnbrmGhD9xY5gCaE/GCinc Nv2JV55EpuETXXB2tZGcNxwI5ChnDrzkzd8n9W42bDXZFSFOKiZwvIaekKONYnS7 Kq0lsQkN9GWwuaR5ASE76OpitYRg9IcHGYvZVLMTyGaHcB5HfFZ/nih+8JNMAH3v 6xE16/lUvY+9roJzXTBmY4Ax5CpRCY4GRt63jSyiGl1KZHLgchYNeCjNWwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEKTC6r5M0YWOutpFScf4/WafJtpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U2YmFiM2U2LWMyOGUtNDdlNy1iYWI0LWE0NjFiMTUzOWZhYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8/AwDQYJKoZIhvcNAQELBQADggEBAAKabvUfRUXXcMuBOZay 96lBfFq0eqnGWdXKcHO9XcKPiAL87h7jQsFwckmEnu1FxdisKcbTp0VAUcD/9tnO UkNRnjrPCvqUZ0rILCHzGs/EAAmaLsansPQV68x0+wvmqW2E42VWsmbaHTXJaxZs dsXgLvVJlZnhD8OSsy7djFw/r4kEx67+t9NFV/yHgQ+VseB37p1NBlfXMAQW9xZS PQnI2hAP5gU3/8NgDKdmFxjUNo9oLw9TIYhTdm/UJIbxG5f34vFwiBmPJr+Y5Ft2 7CGsGnSZx+P7ZOsDvxVI4HCqyZ2HKNoSISsj+BdGGR1uHLweJaWn5Ayb+w4xAwnA 9yQ= -----END CERTIFICATE-----Generated at Wed Aug 20 10:40:00 2025 by rpki-client