$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa File: af6b0407-66be-4076-87b3-370d845449ef.roa (raw, json) Hash identifier: bNNU8m3A1fPws9DjHwhvRMGnYIYYVs6DEyPOIFg2C1o= Subject key identifier: 5A:DC:9F:55:C8:93:FA:17:A7:16:08:12:09:89:BF:71:79:7B:0D:3E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4353A3717374F8C211321480D35066F2957702A1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa Signing time: Fri 22 Aug 2025 00:11:00 +0000 ROA not before: Fri 22 Aug 2025 00:11:00 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:53:a3:71:73:74:f8:c2:11:32:14:80:d3:50:66:f2:95:77:02:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:11:00 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=282571fd51d11f360b6bb2bd8e2d5218ca25b9ca4fede45f3c3b69ad4a51f21c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:9e:93:95:c7:2b:04:6f:be:ef:a0:4e:c0:12: dc:b1:67:af:7a:f5:d4:4e:bf:56:49:af:14:a8:f9: 05:28:59:2d:c8:ca:b2:36:dd:08:36:6d:0c:be:b0: c1:10:19:56:da:8c:fc:2e:05:de:f9:4a:b9:24:0d: a8:98:a8:89:8a:5e:dc:4f:19:ca:1f:3f:07:e0:cd: ad:97:29:d7:41:0c:48:63:bc:60:26:1f:f5:aa:e3: eb:3e:1e:f4:f0:5f:04:78:3a:da:25:94:51:57:89: af:68:71:e5:5d:17:e8:3f:1f:e2:36:d0:c8:9b:06: 18:2b:f6:1e:3a:a5:f8:37:2c:02:38:d1:8c:44:3e: bb:78:a3:ad:c8:8f:61:c8:2a:0e:92:cd:38:0e:f0: 31:2a:df:fb:24:3f:a2:6f:89:ef:33:4e:5d:c4:44: 92:80:d3:33:57:68:ed:35:95:88:fa:87:00:91:83: d2:5c:06:ed:a0:9a:99:78:a7:4d:01:bb:ca:99:21: 99:3c:45:a0:6a:0b:25:35:e7:60:c0:c8:18:a0:8f: bb:18:7f:d7:d4:19:c6:43:cf:78:ee:16:35:c7:1b: 50:8d:9c:cb:55:7a:f0:75:17:a7:fa:fe:22:8a:37: 93:7d:b5:79:8e:f3:56:1b:e1:e7:ad:bf:9b:92:a1: 3d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:DC:9F:55:C8:93:FA:17:A7:16:08:12:09:89:BF:71:79:7B:0D:3E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6040::/48 Signature Algorithm: sha256WithRSAEncryption a1:93:1f:90:50:61:94:26:5c:c3:e4:b0:20:4f:f0:2c:a6:47: 8d:3c:e6:41:3a:a1:23:89:3c:ed:99:48:e1:01:80:d1:0b:32: 26:d5:91:7f:0f:a7:f1:46:2b:6f:01:91:93:4d:c6:d0:6b:47: 9c:20:9b:0a:87:d8:a6:ad:c3:35:96:09:b9:49:23:04:1b:51: c0:b4:40:71:e4:6a:bf:20:99:0a:45:ac:d8:04:df:27:4d:04: ef:dd:47:a2:62:bb:6b:f8:9e:85:b5:9d:b0:c0:1e:c9:71:e3: b1:62:40:24:f0:6d:06:3a:97:82:71:f2:c0:29:e8:18:a2:96: 5d:a4:4a:8f:2b:0d:2e:e0:3c:04:cc:53:4c:b8:c1:d9:1f:6d: b7:ed:5d:c3:7b:b2:86:44:6d:b7:56:d3:2c:06:25:f3:86:8d: 59:42:3f:be:08:83:96:3f:25:9c:87:39:b4:a1:39:df:a9:82: 53:37:30:17:39:51:21:93:f4:7a:ca:f8:39:41:d6:db:a4:0c: 87:52:4f:1f:24:67:a2:28:fe:c2:cf:98:d5:c2:ab:af:80:27: 87:10:62:8a:86:b3:3d:92:47:80:f0:c0:d7:41:01:1c:32:59: b3:b5:fc:55:4f:e5:70:17:62:95:5d:e1:0d:0f:a7:bc:ce:2f: 1e:55:94:c6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQ1OjcXN0+MIRMhSA01Bm8pV3AqEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMTEwMFoX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAMjgyNTcxZmQ1MWQxMWYzNjBiNmJi MmJkOGUyZDUyMThjYTI1YjljYTRmZWRlNDVmM2MzYjY5YWQ0YTUxZjIxYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk56TlccrBG++76BOwBLcsWevevXU Tr9WSa8UqPkFKFktyMqyNt0INm0MvrDBEBlW2oz8LgXe+Uq5JA2omKiJil7cTxnK Hz8H4M2tlynXQQxIY7xgJh/1quPrPh708F8EeDraJZRRV4mvaHHlXRfoPx/iNtDI mwYYK/YeOqX4NywCONGMRD67eKOtyI9hyCoOks04DvAxKt/7JD+ib4nvM05dxESS gNMzV2jtNZWI+ocAkYPSXAbtoJqZeKdNAbvKmSGZPEWgagslNedgwMgYoI+7GH/X 1BnGQ8947hY1xxtQjZzLVXrwdRen+v4iijeTfbV5jvNWG+Hnrb+bkqE9VQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFrcn1XIk/oXpxYIEgmJv3F5ew0+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNmIwNDA3LTY2YmUtNDA3Ni04N2IzLTM3MGQ4NDU0NDllZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mBAMA0GCSqGSIb3DQEBCwUAA4IBAQChkx+QUGGUJlzD5LAg T/AspkeNPOZBOqEjiTztmUjhAYDRCzIm1ZF/D6fxRitvAZGTTcbQa0ecIJsKh9im rcM1lgm5SSMEG1HAtEBx5Gq/IJkKRazYBN8nTQTv3UeiYrtr+J6FtZ2wwB7JceOx YkAk8G0GOpeCcfLAKegYopZdpEqPKw0u4DwEzFNMuMHZH2237V3De7KGRG23VtMs BiXzho1ZQj++CIOWPyWchzm0oTnfqYJTNzAXOVEhk/R6yvg5QdbbpAyHUk8fJGei KP7Cz5jVwquvgCeHEGKKhrM9kkeA8MDXQQEcMlmztfxVT+VwF2KVXeEND6e8zi8e VZTG -----END CERTIFICATE-----Generated at Sat Aug 23 08:20:45 2025 by rpki-client