$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa File: ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa (raw, json) Hash identifier: 1SMlpelcUluobF6ZlFhO+PsFVMjUS9Jm27iz/sb6CNA= Subject key identifier: BE:6E:3D:3E:71:89:6D:E0:BE:72:4B:F0:E0:FC:0E:6A:12:AB:7B:F6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 440CA44294430606E57038E944290A8588255C91 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa Signing time: Fri 22 Aug 2025 00:11:39 +0000 ROA not before: Fri 22 Aug 2025 00:11:39 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:28c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 00:50:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:0c:a4:42:94:43:06:06:e5:70:38:e9:44:29:0a:85:88:25:5c:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 22 00:11:39 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=db5454a6f4d45894cbf362164220df8716d30d8a7033612c35d7696528eb1f0d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:23:9d:5d:2a:47:d7:de:73:9a:91:df:1b:42: d3:03:2c:e3:82:b7:26:2d:6c:93:f6:14:a7:8e:68: 70:37:cc:c2:db:e2:36:7c:74:d7:ab:25:b0:2a:aa: 09:13:ca:5b:20:4a:f8:33:4e:b5:6a:42:b1:5f:ac: 65:ae:ba:9c:67:78:f7:37:64:4b:ae:f7:88:bf:af: a5:bc:7c:35:e8:86:8e:52:aa:76:49:8a:c4:31:c5: 02:ae:32:ae:ed:45:c3:3e:e0:49:7f:38:f9:ec:38: 9a:4f:b7:4f:1c:b0:f6:01:47:89:8b:fd:6c:88:4b: 80:df:31:92:ed:42:57:25:bc:1a:f9:60:1c:5e:7e: 99:25:f2:5a:57:b8:0b:41:22:5a:44:b1:1d:60:50: d1:fd:56:0e:69:c2:16:c4:e0:c5:2a:3a:5e:0f:4a: 71:7b:35:a6:03:cf:8d:8f:db:b9:45:c0:95:cb:74: 90:2a:54:76:d4:04:48:4e:41:3b:43:fb:ca:74:34: a4:0e:a3:d5:61:73:d8:14:27:80:94:73:53:fc:0b: a7:52:6a:df:61:55:0a:40:33:8d:cf:97:46:66:04: cc:a5:da:cc:85:a1:6f:7c:a1:bb:3d:e3:05:ef:9b: e6:e2:e2:d6:74:eb:75:2e:d5:ba:ad:a6:39:09:ce: 1c:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:6E:3D:3E:71:89:6D:E0:BE:72:4B:F0:E0:FC:0E:6A:12:AB:7B:F6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:28c0::/48 Signature Algorithm: sha256WithRSAEncryption 3f:c2:1d:0d:6e:28:ec:2a:cc:2d:03:ad:93:32:71:9d:98:93: 40:a3:77:08:df:44:fe:61:23:32:22:2b:5b:2b:9a:ed:12:64: 58:1f:a6:bb:20:c0:f1:2e:c6:78:59:42:7d:f5:e7:5a:2a:8b: c0:f8:49:0f:dc:82:ec:3e:57:72:97:59:c4:2e:47:1f:7c:97: 15:93:a2:01:8a:51:08:b9:cc:64:c3:8f:ce:ae:73:25:84:39: 0d:98:fb:83:21:1f:d6:c6:6f:d6:55:a8:6d:dd:30:3d:8b:3c: 52:47:79:1a:45:ab:c3:34:c1:69:9b:a8:bb:09:e7:75:33:0d: bf:b1:42:c3:cb:15:00:eb:85:f3:d0:e3:c4:76:0d:cb:04:8b: 08:70:29:23:42:ca:2c:13:1d:84:1d:f6:93:c4:f9:e8:8b:fa: 5e:51:f5:6f:17:20:91:85:a1:f5:89:72:cc:57:8e:58:d9:21: 6b:49:04:13:62:f4:c8:e5:9d:78:c5:21:94:83:94:07:d3:1a: 9e:78:02:f6:1c:eb:d8:28:b3:b5:f7:af:d5:2c:0d:2b:35:6a: 7f:9e:9a:03:7f:2b:2d:55:88:b0:85:00:68:81:04:46:7b:77: 81:36:e1:c0:e1:6c:ac:6f:40:83:53:db:70:56:fe:57:ea:cb: 55:55:57:1b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURAykQpRDBgblcDjpRCkKhYglXJEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyMjAwMTEzOVoX DTI1MDkyNjIzNTk1OVowejFJMEcGA1UEBRNAZGI1NDU0YTZmNGQ0NTg5NGNiZjM2 MjE2NDIyMGRmODcxNmQzMGQ4YTcwMzM2MTJjMzVkNzY5NjUyOGViMWYwZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyOdXSpH195zmpHfG0LTAyzjgrcm LWyT9hSnjmhwN8zC2+I2fHTXqyWwKqoJE8pbIEr4M061akKxX6xlrrqcZ3j3N2RL rveIv6+lvHw16IaOUqp2SYrEMcUCrjKu7UXDPuBJfzj57DiaT7dPHLD2AUeJi/1s iEuA3zGS7UJXJbwa+WAcXn6ZJfJaV7gLQSJaRLEdYFDR/VYOacIWxODFKjpeD0px ezWmA8+Nj9u5RcCVy3SQKlR21ARITkE7Q/vKdDSkDqPVYXPYFCeAlHNT/AunUmrf YVUKQDONz5dGZgTMpdrMhaFvfKG7PeMF75vm4uLWdOt1LtW6raY5Cc4cvQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL5uPT5xiW3gvnJL8OD8DmoSq3v2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmN2FlYjliLTRmYzQtNDRlOC1hYTM1LWI5MjY5OGE2YzMzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOCjAMA0GCSqGSIb3DQEBCwUAA4IBAQA/wh0NbijsKswtA62T MnGdmJNAo3cI30T+YSMyIitbK5rtEmRYH6a7IMDxLsZ4WUJ99edaKovA+EkP3ILs Pldyl1nELkcffJcVk6IBilEIucxkw4/OrnMlhDkNmPuDIR/Wxm/WVaht3TA9izxS R3kaRavDNMFpm6i7Ced1Mw2/sULDyxUA64Xz0OPEdg3LBIsIcCkjQsosEx2EHfaT xPnoi/peUfVvFyCRhaH1iXLMV45Y2SFrSQQTYvTI5Z14xSGUg5QH0xqeeAL2HOvY KLO196/VLA0rNWp/npoDfystVYiwhQBogQRGe3eBNuHA4Wysb0CDU9twVv5X6stV VVcb -----END CERTIFICATE-----Generated at Sat Aug 23 08:09:19 2025 by rpki-client