$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa File: 42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa (raw, json) Hash identifier: XtX1Lt4hwtZcaESN+kVQKSXd/w7LZpT0uMTT84yrAA8= Subject key identifier: 27:33:E7:63:86:97:8D:8A:D8:80:E1:FE:C2:F5:06:1D:D3:BD:E6:DD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 48F686DE78F4C2BC7CAD47AA528E4F3448230E72 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa Signing time: Mon 28 Jul 2025 15:00:41 +0000 ROA not before: Mon 28 Jul 2025 15:00:41 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:f6:86:de:78:f4:c2:bc:7c:ad:47:aa:52:8e:4f:34:48:23:0e:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:00:41 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=0ba4c7375baa7f1c065c70b330fc6e8684e84db9a04a26075eca8fdc303277b0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:e9:d7:9c:a6:28:65:fd:af:7f:83:c5:5b:26: 06:8f:08:1d:1d:2b:a1:a7:f8:c4:d9:26:c1:6f:7c: 4a:f8:e5:d9:e1:65:04:3f:e7:98:64:51:6e:1d:45: 93:9d:36:ba:64:f3:13:05:8b:2a:4d:39:59:3f:75: 71:d4:a8:90:89:2a:64:a6:d6:f9:92:0a:c5:3f:14: 7f:7a:4b:38:ad:27:f9:58:eb:d1:5c:08:30:71:a3: f0:b7:5c:05:67:ef:7a:01:d8:38:a8:08:31:d2:d3: 12:fd:0b:59:ec:35:86:2d:02:7e:d0:26:c5:aa:7e: 07:69:0f:31:92:c8:81:92:2d:da:90:f1:ed:77:91: f3:d6:0a:95:87:b4:c0:e6:6b:22:6f:08:f5:a7:76: 29:7d:10:6b:e3:9f:1f:74:f8:7e:a9:b6:dc:ea:2a: b0:88:ae:eb:4a:3c:ae:c3:20:82:d7:2b:09:a4:f5: 57:8d:27:25:31:9a:a2:ed:48:6b:e9:04:3c:c1:14: 57:ed:c7:33:4c:3d:81:b8:8a:7b:8b:38:bf:09:62: 93:38:9c:c0:b7:00:37:50:61:7b:21:40:4c:dd:7a: 07:34:11:23:48:63:21:c0:38:54:5e:05:0f:83:ae: 79:65:e7:eb:c3:70:b6:fc:fb:32:40:07:69:1e:43: 41:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:33:E7:63:86:97:8D:8A:D8:80:E1:FE:C2:F5:06:1D:D3:BD:E6:DD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption a0:6d:02:53:77:8b:c5:cb:3b:10:83:84:00:b7:47:3f:e4:cb: 67:c3:16:d5:33:d3:f6:cd:ea:b7:3a:13:04:61:47:ca:11:70: eb:2a:01:5f:da:0c:a5:cf:24:fe:20:fd:b2:67:32:86:28:1a: 84:0d:58:7b:5a:4e:64:11:a9:ee:a3:22:f5:4a:57:9e:fc:0e: 8c:58:99:2d:bd:8a:28:fa:b7:da:e1:e8:a0:7b:7a:32:5f:11: 34:6f:1d:ca:fa:87:e6:aa:63:9c:c1:5b:b2:ac:07:54:65:a7: 11:c4:bc:c9:3a:43:d7:44:98:ca:80:55:d2:1a:be:d0:da:7a: 89:9e:64:4f:5d:c0:ac:85:8c:cf:05:e1:dd:07:7d:fb:30:47: 43:f0:38:2f:50:e2:72:5e:65:42:5f:59:7e:50:ae:15:e4:06: 82:3e:7b:80:cc:36:95:da:06:62:34:5d:cc:1f:e8:f8:46:d3: e6:a7:f8:db:f0:cd:23:2a:16:d4:d8:b1:7b:e3:17:38:92:6b: 25:4e:3f:df:83:5f:cf:d7:0a:1d:ec:fa:2f:cd:6a:c7:ee:5f: 12:a8:6f:26:c4:c2:16:9b:dc:c4:29:3b:92:45:19:75:c7:fe: 5d:b2:45:84:5c:d0:07:48:ce:f4:24:ee:ea:08:3f:f0:80:61: 5a:b7:16:7c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSPaG3nj0wrx8rUeqUo5PNEgjDnIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MDA0MVoX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAMGJhNGM3Mzc1YmFhN2YxYzA2NWM3 MGIzMzBmYzZlODY4NGU4NGRiOWEwNGEyNjA3NWVjYThmZGMzMDMyNzdiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+nXnKYoZf2vf4PFWyYGjwgdHSuh p/jE2SbBb3xK+OXZ4WUEP+eYZFFuHUWTnTa6ZPMTBYsqTTlZP3Vx1KiQiSpkptb5 kgrFPxR/eks4rSf5WOvRXAgwcaPwt1wFZ+96Adg4qAgx0tMS/QtZ7DWGLQJ+0CbF qn4HaQ8xksiBki3akPHtd5Hz1gqVh7TA5msibwj1p3YpfRBr458fdPh+qbbc6iqw iK7rSjyuwyCC1ysJpPVXjSclMZqi7Uhr6QQ8wRRX7cczTD2BuIp7izi/CWKTOJzA twA3UGF7IUBM3XoHNBEjSGMhwDhUXgUPg655Zefrw3C2/PsyQAdpHkNBvQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCcz52OGl42K2IDh/sL1Bh3TvebdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyZmQ1YTk2LTIxZTktNGVmOC1iMjdmLTVhN2Y5OTZiODRkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8uDAMA0GCSqGSIb3DQEBCwUAA4IBAQCgbQJTd4vFyzsQg4QA t0c/5MtnwxbVM9P2zeq3OhMEYUfKEXDrKgFf2gylzyT+IP2yZzKGKBqEDVh7Wk5k EanuoyL1Slee/A6MWJktvYoo+rfa4eige3oyXxE0bx3K+ofmqmOcwVuyrAdUZacR xLzJOkPXRJjKgFXSGr7Q2nqJnmRPXcCshYzPBeHdB337MEdD8DgvUOJyXmVCX1l+ UK4V5AaCPnuAzDaV2gZiNF3MH+j4RtPmp/jb8M0jKhbU2LF74xc4kmslTj/fg1/P 1wod7PovzWrH7l8SqG8mxMIWm9zEKTuSRRl1x/5dskWEXNAHSM70JO7qCD/wgGFa txZ8 -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:25 2025 by rpki-client