$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa File: be8702e9-72df-463a-bb7d-aa1daff3f574.roa (raw, json) Hash identifier: OExWzB+AEQFr4+l3oHtJGgz6EHFswtbshmCmPTfphHU= Subject key identifier: A2:EE:0C:95:3D:A6:6A:8F:1E:36:7B:CB:32:19:0A:EC:D7:FB:47:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40445F4349B768E052B77F7695B108A7321AE034 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa Signing time: Sat 23 Aug 2025 00:30:12 +0000 ROA not before: Sat 23 Aug 2025 00:30:12 +0000 ROA not after: Sat 27 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:44:5f:43:49:b7:68:e0:52:b7:7f:76:95:b1:08:a7:32:1a:e0:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 23 00:30:12 2025 GMT Not After : Sep 27 23:59:59 2025 GMT Subject: serialNumber=2eb259866a442dcdf0cd16301598b0d7fc42921ca0400c67625cc7ec5bc14c6d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:90:7c:a5:c1:59:92:82:76:f5:65:c2:61:35: 80:e9:32:fa:d6:9f:86:5f:b1:00:28:2b:f4:0a:8d: 9b:51:98:b4:65:e5:e4:6c:fa:9b:7d:a3:f9:84:c6: 92:c1:3f:54:28:b4:9e:29:d4:26:f1:17:8f:be:17: 5e:c8:e5:71:9e:54:ef:4a:0b:80:be:8b:5f:e0:b7: 4c:85:3a:29:c0:32:fe:42:62:0f:c4:4b:ec:79:7a: 1a:2f:5d:ad:29:ce:23:95:28:73:c3:43:66:82:4d: 79:44:30:f4:25:14:ce:31:a7:c3:91:e2:88:7b:94: 9b:ae:2c:82:4a:f5:26:0f:3b:ef:dc:41:ac:19:29: e0:ec:0a:9c:26:c3:31:22:1e:90:10:43:e2:8e:5f: 06:5f:3a:79:fb:b2:72:44:08:af:d8:28:f9:5c:71: 52:64:ce:5f:3d:be:90:44:88:44:c8:d1:85:45:3f: a1:51:e6:d3:29:c7:62:77:f6:cc:e2:04:2f:68:67: 86:b1:10:93:fc:d3:5c:2e:b1:b5:9f:91:31:fd:82: 94:3f:b3:48:f6:aa:d6:c8:f7:3f:f9:57:3b:d6:be: 80:9c:ef:85:52:a6:ca:ab:f6:79:36:7d:49:9e:3e: fc:dc:96:5e:a6:06:66:b2:20:de:ef:f8:b3:9c:cc: 3a:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:EE:0C:95:3D:A6:6A:8F:1E:36:7B:CB:32:19:0A:EC:D7:FB:47:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:a000::/40 Signature Algorithm: sha256WithRSAEncryption 2f:56:f9:69:3d:3c:b6:b9:2a:99:6e:1e:f2:88:5c:34:15:cf: 04:23:90:63:a5:ef:91:e2:15:a3:a6:46:2a:94:bc:2b:9b:a8: 40:08:89:e2:8e:be:56:6e:d0:9e:ba:1e:a9:10:ba:47:7b:1f: b9:30:d3:2d:44:9b:f5:28:53:1d:af:0d:25:a1:5d:26:fd:ea: 5c:b6:77:6f:88:35:0c:bd:b8:25:33:ba:e7:c2:07:84:44:9f: 72:cc:c8:6a:e9:a0:62:3b:f0:0b:3d:4c:60:3b:dd:e5:6f:41: 1f:6d:14:ba:85:8d:eb:45:70:f4:7c:3a:3e:1a:fd:80:bd:10: 97:7c:9e:cd:da:38:68:ee:0e:3d:59:43:c8:b0:e9:b7:f7:9d: d4:dc:81:d7:d8:18:96:07:e3:f7:89:4e:ec:1d:b3:da:3f:8e: 05:64:15:1e:63:9a:a9:f2:da:48:47:ab:d2:98:70:63:7c:96: d1:29:61:08:84:fa:da:7e:84:34:3a:8c:3b:e5:ff:19:26:72: 9d:6c:14:98:b6:47:da:70:df:ea:60:68:8e:c9:4e:c3:19:0d: 1f:3e:ce:1e:aa:2e:3a:11:1a:b5:6f:91:95:79:65:74:0d:a0: 05:c2:32:45:b8:de:9b:09:d9:6a:05:1d:b7:44:1b:fd:7f:20: 6f:b0:e1:86 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQERfQ0m3aOBSt392lbEIpzIa4DQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMzAwMzAxMloX DTI1MDkyNzIzNTk1OVowejFJMEcGA1UEBRNAMmViMjU5ODY2YTQ0MmRjZGYwY2Qx NjMwMTU5OGIwZDdmYzQyOTIxY2EwNDAwYzY3NjI1Y2M3ZWM1YmMxNGM2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5B8pcFZkoJ29WXCYTWA6TL61p+G X7EAKCv0Co2bUZi0ZeXkbPqbfaP5hMaSwT9UKLSeKdQm8RePvhdeyOVxnlTvSguA votf4LdMhTopwDL+QmIPxEvseXoaL12tKc4jlShzw0Nmgk15RDD0JRTOMafDkeKI e5SbriyCSvUmDzvv3EGsGSng7AqcJsMxIh6QEEPijl8GXzp5+7JyRAiv2Cj5XHFS ZM5fPb6QRIhEyNGFRT+hUebTKcdid/bM4gQvaGeGsRCT/NNcLrG1n5Ex/YKUP7NI 9qrWyPc/+Vc71r6AnO+FUqbKq/Z5Nn1Jnj783JZepgZmsiDe7/iznMw6owIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKLuDJU9pmqPHjZ7yzIZCuzX+0cXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JlODcwMmU5LTcyZGYtNDYzYS1iYjdkLWFhMWRhZmYzZjU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/6AwDQYJKoZIhvcNAQELBQADggEBAC9W+Wk9PLa5KpluHvKI XDQVzwQjkGOl75HiFaOmRiqUvCubqEAIieKOvlZu0J66HqkQukd7H7kw0y1Em/Uo Ux2vDSWhXSb96ly2d2+INQy9uCUzuufCB4REn3LMyGrpoGI78As9TGA73eVvQR9t FLqFjetFcPR8Oj4a/YC9EJd8ns3aOGjuDj1ZQ8iw6bf3ndTcgdfYGJYH4/eJTuwd s9o/jgVkFR5jmqny2khHq9KYcGN8ltEpYQiE+tp+hDQ6jDvl/xkmcp1sFJi2R9pw 3+pgaI7JTsMZDR8+zh6qLjoRGrVvkZV5ZXQNoAXCMkW43psJ2WoFHbdEG/1/IG+w 4YY= -----END CERTIFICATE-----Generated at Sat Aug 23 06:40:34 2025 by rpki-client