$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa File: b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa (raw, json) Hash identifier: /e/pU7ITss5IvXkpo6jO/fB0lvA3RsY42lMqQSePnGc= Subject key identifier: 7B:D1:81:31:C6:A1:71:C6:1F:65:F0:8F:A6:D4:43:C5:1E:6E:E5:CC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4AD6D809863964FF3AB6E6C907E379FEFBD8B657 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa Signing time: Sat 23 Aug 2025 00:30:15 +0000 ROA not before: Sat 23 Aug 2025 00:30:15 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:d6:d8:09:86:39:64:ff:3a:b6:e6:c9:07:e3:79:fe:fb:d8:b6:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:30:15 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=1216fed0d353c13967f95e27c024493a9a4e533850874d87aad7b61c5d063e69, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:e9:10:8c:73:95:54:77:26:91:a6:c0:09:e3: cd:f9:24:53:38:c8:80:cd:f0:71:82:b6:75:0d:57: f3:48:f5:fe:58:61:37:af:bf:65:63:a2:da:66:95: 08:6b:1b:85:c5:02:8f:4c:3c:8c:8c:c2:0d:cf:f2: e4:80:6d:9a:e1:7b:24:82:e7:36:1b:2c:9a:6d:11: 7f:30:4e:1b:77:ab:e7:35:62:be:ef:5c:22:1d:a1: d6:d7:fa:30:6a:ba:2d:9f:17:2c:03:23:25:39:ea: 88:61:23:72:40:20:d6:c2:40:4f:b8:ed:37:e2:9e: 53:21:53:6f:4e:42:c0:6e:80:de:dc:d6:7e:9b:f3: b7:61:02:70:d9:b1:1d:bb:d0:0c:7d:4a:12:a3:6f: 11:b7:85:f7:80:88:35:de:9b:b9:8c:c8:37:d5:50: bd:d4:39:b7:78:21:83:d7:c3:4b:a8:d0:7b:f9:aa: 2e:0e:e1:f0:0b:cb:d7:f8:b3:66:fc:09:18:f4:6b: bd:c6:8a:b6:1a:87:6f:29:17:53:c9:27:f0:9f:70: b3:8a:7f:56:eb:d1:89:5b:fd:23:44:75:6b:6a:c8: 9c:b6:52:22:2d:2e:e8:70:cd:80:38:e0:ef:81:eb: 50:92:b5:d1:62:4e:d5:07:6d:c7:31:19:a4:f1:ea: 53:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:D1:81:31:C6:A1:71:C6:1F:65:F0:8F:A6:D4:43:C5:1E:6E:E5:CC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:1000::/40 Signature Algorithm: sha256WithRSAEncryption 36:ec:8f:63:6b:27:49:73:48:68:fb:25:60:5a:1b:16:64:97: 4f:9c:0c:64:d2:39:8e:25:11:05:d5:43:68:13:a5:28:eb:1a: f0:a6:dd:f2:cd:16:04:9f:43:8c:64:1f:4b:fc:9f:56:a2:7b: ec:0b:e1:97:95:c7:63:39:7c:a9:31:2f:7b:43:06:46:f6:75: 6f:4f:63:8d:ff:df:95:63:cb:0b:2a:4b:46:c5:5e:0b:17:87: b4:14:b7:f5:41:32:df:c0:3c:0f:a8:62:1a:c6:c4:b5:06:18: 83:b3:ca:73:db:06:79:93:65:91:34:84:74:be:c0:0a:86:db: 9f:35:bb:97:a5:0b:20:a6:32:58:2f:3e:b1:4a:9c:fd:9a:dd: 67:c0:19:ff:65:0e:74:3c:44:9d:7a:51:6b:3d:dc:70:03:97: f5:0f:4d:ac:16:00:0f:17:83:32:2d:22:6f:fb:f6:1e:cb:9e: fc:92:d0:6e:35:30:27:bc:e5:50:53:f4:88:18:fe:b7:0b:52: f0:ce:2a:3a:72:e6:09:89:0e:b0:96:29:9a:10:96:95:1b:f5: fe:e7:9a:06:b7:94:02:97:e2:cf:d4:36:fc:64:fc:a6:49:21: c2:e2:74:83:61:30:8e:a2:d9:53:73:3f:15:7d:fc:39:25:04: f1:11:61:4d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUStbYCYY5ZP86tubJB+N5/vvYtlcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzAxNVoX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMTIxNmZlZDBkMzUzYzEzOTY3Zjk1 ZTI3YzAyNDQ5M2E5YTRlNTMzODUwODc0ZDg3YWFkN2I2MWM1ZDA2M2U2OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+kQjHOVVHcmkabACePN+SRTOMiA zfBxgrZ1DVfzSPX+WGE3r79lY6LaZpUIaxuFxQKPTDyMjMINz/LkgG2a4Xskguc2 GyyabRF/ME4bd6vnNWK+71wiHaHW1/owarotnxcsAyMlOeqIYSNyQCDWwkBPuO03 4p5TIVNvTkLAboDe3NZ+m/O3YQJw2bEdu9AMfUoSo28Rt4X3gIg13pu5jMg31VC9 1Dm3eCGD18NLqNB7+aouDuHwC8vX+LNm/AkY9Gu9xoq2GodvKRdTySfwn3Czin9W 69GJW/0jRHVrasictlIiLS7ocM2AOODvgetQkrXRYk7VB23HMRmk8epTfQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHvRgTHGoXHGH2Xwj6bUQ8UebuXMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IzZWQ5MzRlLWI1MDctNGQxZS04MTA4LWQ5MDFmM2IzN2I2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/xAwDQYJKoZIhvcNAQELBQADggEBADbsj2NrJ0lzSGj7JWBa GxZkl0+cDGTSOY4lEQXVQ2gTpSjrGvCm3fLNFgSfQ4xkH0v8n1aie+wL4ZeVx2M5 fKkxL3tDBkb2dW9PY43/35VjywsqS0bFXgsXh7QUt/VBMt/APA+oYhrGxLUGGIOz ynPbBnmTZZE0hHS+wAqG2581u5elCyCmMlgvPrFKnP2a3WfAGf9lDnQ8RJ16UWs9 3HADl/UPTawWAA8XgzItIm/79h7LnvyS0G41MCe85VBT9IgY/rcLUvDOKjpy5gmJ DrCWKZoQlpUb9f7nmga3lAKX4s/UNvxk/KZJIcLidINhMI6i2VNzPxV9/DklBPER YU0= -----END CERTIFICATE-----Generated at Sat Aug 23 12:11:26 2025 by rpki-client