$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa File: bffbf7d3-f229-458a-8400-7dc848730d21.roa (raw, json) Hash identifier: Pp1YiAgGHhDTRmYQLJHq1F0SaQqJkhhc4Wl7tf02KMU= Subject key identifier: DE:A7:1F:6B:AB:76:57:C9:F3:8D:9F:6C:89:5D:4C:1C:14:18:AC:E3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 75EB19F8FCC0F08BF1E8647F2A5A83503780E24F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa Signing time: Fri 22 Aug 2025 00:00:58 +0000 ROA not before: Fri 22 Aug 2025 00:00:58 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:eb:19:f8:fc:c0:f0:8b:f1:e8:64:7f:2a:5a:83:50:37:80:e2:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:00:58 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=fba9fa56526c88cf4db23426210176262d9a66c2e0a190cb2b2276e93c98b860, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7f:cc:c6:38:98:b0:af:fb:05:bb:d2:6d:a0: ea:2a:68:fb:66:a3:e2:05:e7:a2:e9:48:82:33:a3: 6a:86:bd:ef:04:4c:05:0b:35:4b:94:1b:2e:5d:39: 92:d6:de:9d:ed:d6:5b:c4:bc:a6:66:f0:8f:b8:fc: 89:01:34:e4:2e:85:89:2e:a7:47:1c:24:bd:9f:ce: ec:29:e3:a8:bd:ab:d1:18:5f:b5:06:14:69:eb:8f: 4e:33:33:a2:11:aa:45:7e:34:c8:01:67:06:4c:48: 36:c7:04:6c:06:d7:29:f0:a9:6d:04:a8:00:bc:32: 52:5e:49:b8:6b:7a:f5:26:a3:cf:66:bc:ab:bf:d3: 29:01:5a:02:bc:af:28:5b:75:c9:8c:c5:81:3e:7d: 5e:51:d7:de:e2:f9:ad:ac:27:65:6e:88:9b:d1:5c: d4:98:f1:da:41:c1:a2:1f:e4:c6:14:8f:2b:22:ae: 10:06:66:26:f9:3a:e7:f3:cc:d7:84:80:41:65:51: 7d:a0:df:fc:fc:00:63:0a:fa:1f:fb:bd:da:8e:b7: 99:46:68:87:ed:c5:92:43:39:23:03:1f:a8:cb:f5: 36:82:17:19:a5:89:ef:bd:38:f3:9e:64:6c:08:07: 73:05:4b:88:43:49:b9:8c:87:96:01:6b:f2:cd:8d: a8:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:A7:1F:6B:AB:76:57:C9:F3:8D:9F:6C:89:5D:4C:1C:14:18:AC:E3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 1c:d9:56:82:cb:1e:3a:1f:bb:e9:7a:55:8c:f4:67:8a:b0:59: 12:8c:18:41:cd:af:03:32:7e:b1:93:1f:af:e3:a2:aa:44:d7: ec:f2:07:6b:a9:d4:16:51:06:43:5a:a2:01:6c:e7:fa:2f:7c: 55:9a:4e:dc:dd:fe:ce:c1:5d:6c:14:8e:54:c3:cd:52:95:60: 3f:f4:ea:e4:60:6a:2d:6a:43:7d:3a:a7:e2:1b:5f:61:ec:b8: 82:7e:dc:ab:33:d0:a6:6d:6b:5f:5d:36:c8:2d:d1:95:75:c6: bd:5e:a6:5e:a3:0d:42:0c:be:46:c8:8d:a8:4b:b2:89:b1:11: cc:f7:71:04:4c:0c:b5:e5:55:9f:ff:76:88:7f:a3:e7:45:57: 50:14:35:e6:b9:d1:01:81:04:df:77:f0:4c:21:8a:5d:73:ee: af:2d:9c:78:02:03:7b:7e:b6:ea:4b:8b:5e:28:bf:5e:bf:0e: 36:f1:ad:82:cc:16:53:b7:b6:37:1a:ca:e2:13:ec:41:81:db: 5b:03:df:b6:5e:b2:e1:7c:6b:dc:1d:e4:e8:2a:12:cb:c3:81: fc:d0:d8:2a:e3:31:96:35:a7:73:62:b3:18:50:dd:dd:e2:e6: 12:8a:66:14:c0:8f:41:32:10:81:dd:33:f7:55:09:3d:9a:c0: e3:3c:9f:46 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdesZ+PzA8Ivx6GR/KlqDUDeA4k8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMDA1OFoX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAZmJhOWZhNTY1MjZjODhjZjRkYjIz NDI2MjEwMTc2MjYyZDlhNjZjMmUwYTE5MGNiMmIyMjc2ZTkzYzk4Yjg2MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3/MxjiYsK/7BbvSbaDqKmj7ZqPi Beei6UiCM6Nqhr3vBEwFCzVLlBsuXTmS1t6d7dZbxLymZvCPuPyJATTkLoWJLqdH HCS9n87sKeOovavRGF+1BhRp649OMzOiEapFfjTIAWcGTEg2xwRsBtcp8KltBKgA vDJSXkm4a3r1JqPPZryrv9MpAVoCvK8oW3XJjMWBPn1eUdfe4vmtrCdlboib0VzU mPHaQcGiH+TGFI8rIq4QBmYm+Trn88zXhIBBZVF9oN/8/ABjCvof+73ajreZRmiH 7cWSQzkjAx+oy/U2ghcZpYnvvTjznmRsCAdzBUuIQ0m5jIeWAWvyzY2oiQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN6nH2urdlfJ842fbIldTBwUGKzjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmZmJmN2QzLWYyMjktNDU4YS04NDAwLTdkYzg0ODczMGQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sCAMA0GCSqGSIb3DQEBCwUAA4IBAQAc2VaCyx46H7vpelWM 9GeKsFkSjBhBza8DMn6xkx+v46KqRNfs8gdrqdQWUQZDWqIBbOf6L3xVmk7c3f7O wV1sFI5Uw81SlWA/9OrkYGotakN9OqfiG19h7LiCftyrM9CmbWtfXTbILdGVdca9 XqZeow1CDL5GyI2oS7KJsRHM93EETAy15VWf/3aIf6PnRVdQFDXmudEBgQTfd/BM IYpdc+6vLZx4AgN7frbqS4teKL9evw428a2CzBZTt7Y3GsriE+xBgdtbA9+2XrLh fGvcHeToKhLLw4H80Ngq4zGWNadzYrMYUN3d4uYSimYUwI9BMhCB3TP3VQk9msDj PJ9G -----END CERTIFICATE-----Generated at Sat Aug 23 08:26:37 2025 by rpki-client