$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa File: faf03c26-86cc-4b80-a160-2861ff66c03b.roa (raw, json) Hash identifier: hhZSAzER29q6OR8x+TTq34LJ7zERODs1ZpQjaOG9vLg= Subject key identifier: 4A:C8:7F:DD:AB:30:52:93:4F:D2:29:53:6C:27:0F:99:6D:88:EB:8B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 74CC5E6EEB59E9C91BADA800CE71116F8EB36A05 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa Signing time: Fri 22 Aug 2025 00:00:16 +0000 ROA not before: Fri 22 Aug 2025 00:00:16 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:cc:5e:6e:eb:59:e9:c9:1b:ad:a8:00:ce:71:11:6f:8e:b3:6a:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:00:16 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=077cfedf59befe5f05f6a8ad5ea9bce4689f13dbbbb93014033f5e8fa052ba68, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:8e:6c:00:70:89:80:d6:b4:0a:7e:b6:fe:a2: 39:ff:ba:91:a0:5a:2f:c4:27:b9:0b:6e:b0:76:3a: 52:72:a5:cf:83:a4:c5:65:2a:f6:3a:ea:cc:f8:35: 75:2d:fa:82:d4:de:63:0c:4b:9b:a7:59:d8:55:ca: 72:16:a2:be:d5:5f:0e:3d:99:cd:48:12:11:44:ed: 33:0a:a1:39:a7:ed:a0:0a:af:ec:7b:a6:54:53:f9: f6:d9:1f:e8:d7:96:e3:4d:d8:fc:8f:96:b8:98:be: 2b:16:4d:fd:e8:40:3d:83:e7:4d:e5:e1:ca:e0:1b: 61:58:72:0d:a5:1b:aa:67:b4:77:b7:10:41:3a:bb: ec:bd:b0:8b:de:35:72:ff:c3:d6:7b:6a:9b:01:9c: 63:83:dd:de:53:5b:13:6a:09:24:86:34:11:1c:42: a7:32:a1:0d:05:9b:24:e9:17:d4:c7:2a:7c:d6:a4: 0b:1c:f2:b7:f9:89:ea:fa:5f:41:f2:12:8d:8f:52: b8:23:f3:6d:54:d1:0e:e3:0d:8f:9c:b9:ae:0e:84: ef:d4:e4:3b:62:9e:72:da:eb:ec:71:6e:16:05:43: 2b:ce:e3:2a:90:b5:9d:4e:70:cf:f1:66:3c:a7:64: 5b:93:73:b2:38:38:71:e0:ae:b8:3b:5d:da:b0:54: 84:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:C8:7F:DD:AB:30:52:93:4F:D2:29:53:6C:27:0F:99:6D:88:EB:8B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 3c:cb:08:06:8f:32:79:12:a1:1e:3f:8f:95:9c:a3:d4:c6:8e: 64:b8:79:79:3b:6f:45:35:d9:c3:92:39:5c:ea:82:5b:53:4e: cc:98:50:fa:f6:82:8c:a7:c8:1b:1b:24:5d:01:bc:73:cc:4f: 26:dd:4f:c1:bc:14:70:21:8b:b3:3b:2f:eb:ab:2e:98:1e:3a: 96:b3:ac:d4:48:16:25:16:92:55:6d:f4:93:2a:35:e4:4e:b0: d2:83:96:a8:86:c7:51:b6:36:34:f0:eb:0f:52:0e:9d:d8:ae: 86:c7:68:a3:58:59:83:4e:d5:bc:59:5d:c9:3e:97:db:5b:8a: 47:73:cf:e5:f2:0d:0e:a3:0d:ee:8f:9c:b1:15:3d:18:84:4e: 52:f5:de:d2:68:df:e0:68:80:cb:81:e8:1f:92:e7:82:51:7c: c9:28:68:c0:89:56:0f:6f:1d:18:06:0c:48:35:1d:04:62:53: 68:ea:5a:7d:7e:9c:aa:1c:32:6a:99:ad:c6:5d:7f:90:1b:12: 16:50:30:5e:a7:6a:96:90:c1:b4:a0:89:7c:9f:41:82:3a:e0: 49:cc:d3:d9:d8:51:fb:9f:b1:00:fa:9a:3e:f5:db:3d:2d:cd: 9e:77:56:50:46:5a:53:4e:17:f0:6a:2d:bb:82:78:4c:cc:6b: 12:f2:16:b2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdMxebutZ6ckbragAznERb46zagUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMDAxNloX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAMDc3Y2ZlZGY1OWJlZmU1ZjA1ZjZh OGFkNWVhOWJjZTQ2ODlmMTNkYmJiYjkzMDE0MDMzZjVlOGZhMDUyYmE2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA945sAHCJgNa0Cn62/qI5/7qRoFov xCe5C26wdjpScqXPg6TFZSr2OurM+DV1LfqC1N5jDEubp1nYVcpyFqK+1V8OPZnN SBIRRO0zCqE5p+2gCq/se6ZUU/n22R/o15bjTdj8j5a4mL4rFk396EA9g+dN5eHK 4BthWHINpRuqZ7R3txBBOrvsvbCL3jVy/8PWe2qbAZxjg93eU1sTagkkhjQRHEKn MqENBZsk6RfUxyp81qQLHPK3+Ynq+l9B8hKNj1K4I/NtVNEO4w2PnLmuDoTv1OQ7 Yp5y2uvscW4WBUMrzuMqkLWdTnDP8WY8p2Rbk3OyODhx4K64O13asFSEcwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFErIf92rMFKTT9IpU2wnD5ltiOuLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZhZjAzYzI2LTg2Y2MtNGI4MC1hMTYwLTI4NjFmZjY2YzAzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcDAMA0GCSqGSIb3DQEBCwUAA4IBAQA8ywgGjzJ5EqEeP4+V nKPUxo5kuHl5O29FNdnDkjlc6oJbU07MmFD69oKMp8gbGyRdAbxzzE8m3U/BvBRw IYuzOy/rqy6YHjqWs6zUSBYlFpJVbfSTKjXkTrDSg5aohsdRtjY08OsPUg6d2K6G x2ijWFmDTtW8WV3JPpfbW4pHc8/l8g0Oow3uj5yxFT0YhE5S9d7SaN/gaIDLgegf kueCUXzJKGjAiVYPbx0YBgxINR0EYlNo6lp9fpyqHDJqma3GXX+QGxIWUDBep2qW kMG0oIl8n0GCOuBJzNPZ2FH7n7EA+po+9ds9Lc2ed1ZQRlpTThfwai27gnhMzGsS 8hay -----END CERTIFICATE-----Generated at Sat Aug 23 10:17:35 2025 by rpki-client