$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b334fca2-b2bc-4db5-956c-e3ff8d975b51.roa File: b334fca2-b2bc-4db5-956c-e3ff8d975b51.roa (raw, json) Hash identifier: oli7qMH4TKJHJntFQEbe8YWrQY5BzSNRAQqSIgTGzbo= Subject key identifier: 80:EB:CE:85:02:D0:26:76:B5:E7:79:B0:76:E1:EF:9D:29:94:F7:7B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49EE05BF8A02AF1A7995B7E72EDD97B0BA633837 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b334fca2-b2bc-4db5-956c-e3ff8d975b51.roa Signing time: Fri 22 Aug 2025 00:01:02 +0000 ROA not before: Fri 22 Aug 2025 00:01:02 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:ee:05:bf:8a:02:af:1a:79:95:b7:e7:2e:dd:97:b0:ba:63:38:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:01:02 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=d5ef4f50bf6ad5272f2bf0ab497049cc2236fc0c186f67517fed22a2511a69f7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:90:d9:05:e7:cb:15:22:ac:16:aa:af:0f:df: 53:c1:6c:72:84:54:43:fe:03:b1:01:f6:05:5c:90: 01:82:a6:ac:2a:8a:81:31:07:ab:5d:6f:d0:f0:97: fd:8b:e3:3f:ff:7b:8d:ae:d8:a3:cc:86:29:31:84: 67:72:97:93:55:1c:d1:9f:3e:ea:d7:9e:97:00:27: 2f:30:27:54:60:84:c2:32:af:55:c5:61:3a:17:26: 91:e3:b8:e4:22:35:df:3c:65:0e:be:3a:22:4f:04: 45:e6:e0:f6:e1:37:ba:ad:aa:f2:13:c4:da:e8:70: 1a:4b:06:fc:38:bc:df:90:32:9e:27:13:fd:c2:7a: 22:6c:e1:9e:85:b9:e2:fb:2c:da:de:6b:af:be:bf: 59:68:a4:99:c0:a1:b5:95:08:51:b3:05:58:bf:03: dd:b1:67:70:6e:10:41:27:ff:fb:93:0b:f3:2e:f5: 9c:76:c7:a9:9f:2c:f3:7d:f6:cf:23:15:3a:20:a4: 60:e3:ae:36:84:5d:ba:5a:be:24:a1:10:a2:43:fe: 5e:55:00:7f:01:33:03:62:af:f4:be:3f:38:80:19: 3e:a0:4d:82:fc:77:42:b1:9a:b2:2e:d0:da:d2:58: 5a:af:1f:b4:ff:6d:56:ac:19:d1:d6:53:ea:bd:2c: 6b:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:EB:CE:85:02:D0:26:76:B5:E7:79:B0:76:E1:EF:9D:29:94:F7:7B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b334fca2-b2bc-4db5-956c-e3ff8d975b51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4840::/48 Signature Algorithm: sha256WithRSAEncryption 1c:e9:8f:e4:d9:82:d8:3e:bb:ff:84:bc:bc:95:22:54:bf:df: b7:e7:f7:7b:f4:11:43:47:a9:32:0b:c8:33:e7:30:a0:42:9f: 65:5f:48:21:b8:f7:90:bc:6f:66:ca:7b:a5:64:9c:f7:cf:8c: 81:40:ae:ef:21:87:30:e9:f3:c4:31:9b:50:1c:06:c3:37:d7: ec:f5:fc:e5:7f:09:f8:0c:c0:ef:a0:2d:a7:a9:cf:4d:11:34: 75:5c:e7:1d:30:35:72:6b:b7:f5:1d:0a:0c:b6:9a:00:79:64: 8f:1a:18:6a:81:b8:99:5d:9a:a2:1f:9e:4b:0c:ff:df:cc:40: f9:00:81:3c:a5:d2:cb:d1:19:8e:7c:a7:ab:73:45:51:1f:59: 07:07:8e:02:19:43:09:9b:f1:34:90:f2:a5:dd:99:63:fc:ca: ae:15:9a:6d:01:59:6c:da:89:95:7f:16:21:f4:7d:f4:fc:7d: ec:30:b2:c5:b2:80:b0:62:bb:15:00:bd:8e:5b:c6:c0:5f:01: ee:81:26:82:22:70:c8:90:27:aa:9c:35:e1:3b:cf:19:e4:27: 49:4d:80:76:be:77:f5:0c:d3:f2:7a:3c:29:4a:db:f5:09:4f: e8:d9:a0:2c:52:94:c0:84:f0:a7:e9:c0:9f:5c:cf:50:b8:7f: 44:f3:95:3e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSe4Fv4oCrxp5lbfnLt2XsLpjODcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMDEwMloX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAZDVlZjRmNTBiZjZhZDUyNzJmMmJm MGFiNDk3MDQ5Y2MyMjM2ZmMwYzE4NmY2NzUxN2ZlZDIyYTI1MTFhNjlmNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5DZBefLFSKsFqqvD99TwWxyhFRD /gOxAfYFXJABgqasKoqBMQerXW/Q8Jf9i+M//3uNrtijzIYpMYRncpeTVRzRnz7q 156XACcvMCdUYITCMq9VxWE6FyaR47jkIjXfPGUOvjoiTwRF5uD24Te6raryE8Ta 6HAaSwb8OLzfkDKeJxP9wnoibOGehbni+yza3muvvr9ZaKSZwKG1lQhRswVYvwPd sWdwbhBBJ//7kwvzLvWcdsepnyzzffbPIxU6IKRg4642hF26Wr4koRCiQ/5eVQB/ ATMDYq/0vj84gBk+oE2C/HdCsZqyLtDa0lharx+0/21WrBnR1lPqvSxriQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIDrzoUC0CZ2ted5sHbh750plPd7MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IzMzRmY2EyLWIyYmMtNGRiNS05NTZjLWUzZmY4ZDk3NWI1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8khAMA0GCSqGSIb3DQEBCwUAA4IBAQAc6Y/k2YLYPrv/hLy8 lSJUv9+35/d79BFDR6kyC8gz5zCgQp9lX0ghuPeQvG9mynulZJz3z4yBQK7vIYcw 6fPEMZtQHAbDN9fs9fzlfwn4DMDvoC2nqc9NETR1XOcdMDVya7f1HQoMtpoAeWSP GhhqgbiZXZqiH55LDP/fzED5AIE8pdLL0RmOfKerc0VRH1kHB44CGUMJm/E0kPKl 3Zlj/MquFZptAVls2omVfxYh9H30/H3sMLLFsoCwYrsVAL2OW8bAXwHugSaCInDI kCeqnDXhO88Z5CdJTYB2vnf1DNPyejwpStv1CU/o2aAsUpTAhPCn6cCfXM9QuH9E 85U+ -----END CERTIFICATE-----Generated at Sat Aug 23 11:51:43 2025 by rpki-client