$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4afcfbcc-a6d2-42d7-bee5-3b08bf62a861.roa File: 4afcfbcc-a6d2-42d7-bee5-3b08bf62a861.roa (raw, json) Hash identifier: hO/DS40+4ZiqIo4Vpo1EfXT5iCZlr/EqLpEtg6JbXR4= Subject key identifier: B1:C6:62:6B:12:3E:9F:0B:60:BA:5A:33:D1:AF:B8:76:F1:DB:F8:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 23517F23C24F4F2DC607A452CBC9863E36125098 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4afcfbcc-a6d2-42d7-bee5-3b08bf62a861.roa Signing time: Fri 15 Aug 2025 00:10:24 +0000 ROA not before: Fri 15 Aug 2025 00:10:24 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:a080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 00:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:51:7f:23:c2:4f:4f:2d:c6:07:a4:52:cb:c9:86:3e:36:12:50:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 15 00:10:24 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=4a7e536b0aa9f1e870a0c457825a4215836a558a577276c3f7e3a71208a1e91d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ce:f3:d0:21:fd:1f:db:6e:7b:3a:f4:89:95: e3:b2:2f:ba:14:08:b0:44:6d:22:08:27:0e:c1:a5: 00:e6:81:58:9c:91:e1:cb:08:40:34:0e:85:ae:79: f8:c2:54:12:22:89:e5:3f:fe:96:4b:44:1d:c6:81: 7e:89:48:36:39:e1:95:e5:87:00:13:79:68:53:25: d6:e7:ff:dd:f5:59:14:b2:5c:dc:b7:41:2d:76:b4: 73:33:ea:5e:f3:57:c2:a3:bc:12:00:45:5d:24:e1: 07:35:e8:da:3c:a9:75:e7:ba:62:52:d6:2b:e0:00: 63:b8:76:12:25:d8:c3:75:25:4c:43:72:c7:e2:37: b4:56:1d:65:0c:78:4b:3e:61:75:72:d6:0f:d1:dd: d0:4b:ef:c0:92:56:87:75:a1:2e:23:72:fd:1c:83: b2:a9:d9:e1:64:4a:66:5b:5c:87:26:1c:32:7a:62: a3:64:1e:30:bc:d2:9b:5b:92:ea:0d:1b:03:df:a1: c2:8b:74:4d:c9:1f:8c:61:f3:49:dd:fa:36:bd:fa: f9:13:fa:19:1f:76:b8:5d:b7:a7:8f:47:46:16:04: a2:19:67:7b:a1:10:39:0f:a5:de:4c:52:09:ff:b6: 29:91:98:32:e7:10:3b:92:8a:72:1b:7b:e9:b1:91: 28:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:C6:62:6B:12:3E:9F:0B:60:BA:5A:33:D1:AF:B8:76:F1:DB:F8:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4afcfbcc-a6d2-42d7-bee5-3b08bf62a861.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:a080::/46 Signature Algorithm: sha256WithRSAEncryption 9b:88:3e:e9:dc:5d:97:52:7a:1c:87:ae:ca:d7:52:a6:7d:56: 10:16:1d:d7:0c:1e:3c:8e:9a:f4:16:5d:65:87:52:45:10:c4: a7:24:89:bd:db:8f:23:40:6e:1c:0b:fd:27:cd:80:f7:35:16: 25:54:1d:1d:ba:b8:07:13:dd:57:4f:78:35:86:97:2c:04:1b: b0:6d:34:a9:7c:69:2d:97:3f:27:f0:d9:bc:71:91:e8:4a:79: 0c:4e:8e:ba:68:2c:2b:c7:c8:ff:36:03:ac:d6:83:17:70:f7: 04:70:4c:a8:e2:db:34:28:75:5d:9b:90:ae:e1:ed:73:d7:71: 5a:8e:66:0e:79:8b:8d:28:87:6d:f8:f5:30:f1:77:54:26:b9: 57:ba:ba:79:17:a8:82:3e:40:3e:af:5f:70:bc:a9:8a:e1:8b: 27:16:03:46:03:a6:3f:ea:d9:fc:86:4d:b8:f1:90:e0:5f:f6: ca:c4:03:e8:f5:ed:d5:ad:e3:64:76:26:f4:9d:83:0c:24:4f: e6:69:e4:7a:6b:ea:25:fd:d8:d1:cd:b3:93:8a:f3:4d:a6:52: c9:ec:37:61:c9:72:1b:fd:ab:f9:20:f1:fe:db:23:af:f8:ca: 3d:b4:51:f9:19:3b:a4:74:3a:cf:9f:8f:fc:50:97:62:60:48: 5f:47:c0:67 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUI1F/I8JPTy3GB6RSy8mGPjYSUJgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgxNTAwMTAyNFoX DTI1MDkxOTIzNTk1OVowejFJMEcGA1UEBRNANGE3ZTUzNmIwYWE5ZjFlODcwYTBj NDU3ODI1YTQyMTU4MzZhNTU4YTU3NzI3NmMzZjdlM2E3MTIwOGExZTkxZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc7z0CH9H9tuezr0iZXjsi+6FAiw RG0iCCcOwaUA5oFYnJHhywhANA6Frnn4wlQSIonlP/6WS0QdxoF+iUg2OeGV5YcA E3loUyXW5//d9VkUslzct0EtdrRzM+pe81fCo7wSAEVdJOEHNejaPKl157piUtYr 4ABjuHYSJdjDdSVMQ3LH4je0Vh1lDHhLPmF1ctYP0d3QS+/AklaHdaEuI3L9HIOy qdnhZEpmW1yHJhwyemKjZB4wvNKbW5LqDRsD36HCi3RNyR+MYfNJ3fo2vfr5E/oZ H3a4Xbenj0dGFgSiGWd7oRA5D6XeTFIJ/7YpkZgy5xA7kopyG3vpsZEo2wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLHGYmsSPp8LYLpaM9GvuHbx2/h8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhZmNmYmNjLWE2ZDItNDJkNy1iZWU1LTNiMDhiZjYyYTg2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba86CAMA0GCSqGSIb3DQEBCwUAA4IBAQCbiD7p3F2XUnoch67K 11KmfVYQFh3XDB48jpr0Fl1lh1JFEMSnJIm9248jQG4cC/0nzYD3NRYlVB0durgH E91XT3g1hpcsBBuwbTSpfGktlz8n8Nm8cZHoSnkMTo66aCwrx8j/NgOs1oMXcPcE cEyo4ts0KHVdm5Cu4e1z13FajmYOeYuNKIdt+PUw8XdUJrlXurp5F6iCPkA+r19w vKmK4YsnFgNGA6Y/6tn8hk248ZDgX/bKxAPo9e3VreNkdib0nYMMJE/maeR6a+ol /djRzbOTivNNplLJ7DdhyXIb/av5IPH+2yOv+Mo9tFH5GTukdDrPn4/8UJdiYEhf R8Bn -----END CERTIFICATE-----Generated at Wed Aug 20 10:39:48 2025 by rpki-client