$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f704d7c-8714-47ad-ab1e-df728b87b2a4.roa File: 1f704d7c-8714-47ad-ab1e-df728b87b2a4.roa (raw, json) Hash identifier: 0cesBKYPqgspqyN29B5DFUpDcl5QqDQDa4oG4JvQ7R8= Subject key identifier: 08:54:1F:2C:BE:4B:22:EB:F1:AE:5E:9C:3B:3B:B1:D6:C7:77:6A:B4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 724ABB290E74FBD8874613485A51E33BE421BD17 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f704d7c-8714-47ad-ab1e-df728b87b2a4.roa Signing time: Tue 26 Aug 2025 00:10:56 +0000 ROA not before: Tue 26 Aug 2025 00:10:56 +0000 ROA not after: Tue 30 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Sep 2025 00:20:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:4a:bb:29:0e:74:fb:d8:87:46:13:48:5a:51:e3:3b:e4:21:bd:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 26 00:10:56 2025 GMT Not After : Sep 30 23:59:59 2025 GMT Subject: serialNumber=921e4b5184613a97a2cdf4fbfd27396b780e7fd220715aa44ddc3f8ec37f9332, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:db:10:80:c0:65:48:cb:cd:a1:e7:95:e3:e0: 95:9d:78:0f:aa:5e:45:19:6c:a7:3f:54:4d:dd:60: b7:df:bb:f0:6f:2a:f3:88:1e:09:ca:c9:64:31:7c: 43:82:3f:06:6d:89:cc:24:3c:f6:71:a9:bd:3d:87: e9:80:91:7a:fc:f7:ac:5c:fb:74:7b:ff:30:0c:fb: 57:08:3e:92:3e:f5:01:8a:32:01:9d:d9:ff:b7:43: 0a:c0:52:dd:55:11:da:c2:08:ac:4d:d9:9a:69:ae: be:e2:61:93:c7:cc:0f:7e:2d:da:27:62:ef:dc:1f: 0d:44:55:84:d0:41:59:9e:6b:7b:22:47:53:88:ce: 4e:ac:d0:2a:35:2e:50:d8:04:50:8f:a9:95:0c:17: 35:a7:4f:cc:50:47:45:21:ac:30:ec:e8:90:b8:7e: 8a:ac:68:c4:42:2d:3c:c3:ee:33:6b:bd:7c:de:5a: d8:67:ac:f7:7e:b3:2e:97:4a:9a:b4:5a:05:84:80: b0:cd:2e:a7:cc:a9:f7:43:62:da:32:17:c7:a3:49: 8b:78:54:7a:32:81:ee:6d:89:c4:91:00:35:f5:5f: 28:6d:8a:49:98:6c:a0:bf:17:6e:35:77:30:8a:9f: 4f:f6:39:1f:2c:94:8d:1c:70:ce:53:24:aa:f4:ad: a7:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:54:1F:2C:BE:4B:22:EB:F1:AE:5E:9C:3B:3B:B1:D6:C7:77:6A:B4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f704d7c-8714-47ad-ab1e-df728b87b2a4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:7000::/40 Signature Algorithm: sha256WithRSAEncryption 46:5b:94:6a:33:ed:53:bc:71:2f:2a:5c:d4:12:44:6d:bc:12: 1f:1e:84:53:87:2e:72:dd:b1:75:4d:54:da:40:7f:97:7f:28: 5b:7e:d3:f1:a9:80:f8:ac:da:86:be:2c:81:2a:93:7f:ee:3d: bf:12:7a:29:f7:e5:a3:8e:fe:a2:66:91:2c:35:a8:03:22:04: 27:fb:c1:21:1c:c7:06:84:b6:64:77:8d:a7:06:b0:ec:f5:24: 97:88:1d:ad:1d:cd:b0:2d:2d:4e:f4:9f:d6:78:a4:22:8a:38: 9f:ec:14:24:15:86:c6:0b:e6:01:11:b5:65:5b:e7:65:92:9e: 73:e4:f3:13:16:ad:f6:ce:b4:2a:53:39:b1:76:f4:ad:99:a7: f6:77:a2:97:58:6d:6d:53:74:c6:75:a2:2c:0d:1c:c3:27:0d: 1b:46:b7:c0:ec:19:d4:78:95:e1:42:95:f5:ab:bb:a0:73:e7: 9a:9d:01:27:85:46:4f:9e:23:ce:75:e2:68:36:81:07:f2:54: 6c:bf:72:c7:a4:b1:dd:f5:b1:ff:62:7d:d9:6e:4b:2a:6a:2d: 0a:3c:ee:52:5f:46:51:ed:11:03:32:6a:30:f0:7d:7f:a4:1d: ba:a2:c7:b4:d2:0c:4c:25:23:09:70:02:d6:ae:e4:10:ce:f1: 08:2a:3b:b4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUckq7KQ50+9iHRhNIWlHjO+QhvRcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgyNjAwMTA1NloX DTI1MDkzMDIzNTk1OVowejFJMEcGA1UEBRNAOTIxZTRiNTE4NDYxM2E5N2EyY2Rm NGZiZmQyNzM5NmI3ODBlN2ZkMjIwNzE1YWE0NGRkYzNmOGVjMzdmOTMzMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49sQgMBlSMvNoeeV4+CVnXgPql5F GWynP1RN3WC337vwbyrziB4JyslkMXxDgj8GbYnMJDz2cam9PYfpgJF6/PesXPt0 e/8wDPtXCD6SPvUBijIBndn/t0MKwFLdVRHawgisTdmaaa6+4mGTx8wPfi3aJ2Lv 3B8NRFWE0EFZnmt7IkdTiM5OrNAqNS5Q2ARQj6mVDBc1p0/MUEdFIaww7OiQuH6K rGjEQi08w+4za7183lrYZ6z3frMul0qatFoFhICwzS6nzKn3Q2LaMhfHo0mLeFR6 MoHubYnEkQA19V8obYpJmGygvxduNXcwip9P9jkfLJSNHHDOUySq9K2n3wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAhUHyy+SyLr8a5enDs7sdbHd2q0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFmNzA0ZDdjLTg3MTQtNDdhZC1hYjFlLWRmNzI4Yjg3YjJhNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+HAwDQYJKoZIhvcNAQELBQADggEBAEZblGoz7VO8cS8qXNQS RG28Eh8ehFOHLnLdsXVNVNpAf5d/KFt+0/GpgPis2oa+LIEqk3/uPb8Sein35aOO /qJmkSw1qAMiBCf7wSEcxwaEtmR3jacGsOz1JJeIHa0dzbAtLU70n9Z4pCKKOJ/s FCQVhsYL5gERtWVb52WSnnPk8xMWrfbOtCpTObF29K2Zp/Z3opdYbW1TdMZ1oiwN HMMnDRtGt8DsGdR4leFClfWru6Bz55qdASeFRk+eI8514mg2gQfyVGy/cseksd31 sf9ifdluSypqLQo87lJfRlHtEQMyajDwfX+kHbqix7TSDEwlIwlwAtau5BDO8Qgq O7Q= -----END CERTIFICATE-----Generated at Fri Sep 19 10:29:21 2025 by rpki-client