$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa File: 87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa (raw, json) Hash identifier: VFcgTodCWigFmO+/2Es596P6KSg/mkSW8ntwDAoz4Qk= Subject key identifier: 87:BE:E9:AD:B4:F8:AE:77:59:36:F7:37:B6:CE:25:82:B0:88:50:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 12C04B2C4C3AF41F0F3064BBB8E519E637B78421 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa Signing time: Wed 30 Jul 2025 00:01:08 +0000 ROA not before: Wed 30 Jul 2025 00:01:08 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:c0:4b:2c:4c:3a:f4:1f:0f:30:64:bb:b8:e5:19:e6:37:b7:84:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 00:01:08 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=f10180ee83b35f4de1fd2dba26596113d892ff2da4b656bdb6e21a19d53e83ad, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a3:d8:35:ec:12:55:c2:f8:e9:37:0e:0a:37: c2:03:99:2f:74:17:2a:92:f9:4f:1c:43:a9:4d:b1: af:ed:c6:5f:91:3e:42:cf:d2:16:43:00:e4:32:22: b9:2e:dd:a8:f2:3d:e4:d0:e2:53:39:83:bd:61:b8: 04:4f:e5:12:a5:ca:59:23:1d:51:9a:f9:27:14:ad: e6:1e:30:3e:5b:b5:2e:60:4c:33:a6:b4:c3:5e:3c: e9:c5:59:bb:cc:1d:63:74:53:d3:1c:fb:23:57:9b: fa:b0:64:52:4e:3b:36:ec:4b:03:00:ef:28:c9:7c: b5:94:18:ce:a2:ba:d3:da:4c:88:c9:e4:a7:b7:c2: 67:35:1a:a0:7a:70:4a:dd:ab:d0:ee:82:2c:bc:43: 2a:5c:ad:56:ce:21:42:09:ec:93:6f:e0:2e:f6:66: 8a:98:ee:04:a3:4f:e3:9a:15:c2:09:7f:ca:88:cb: e5:bd:eb:85:9c:14:00:39:6f:45:c3:44:0c:64:b6: 04:88:c3:b2:5a:d3:93:a1:2c:9b:32:61:0f:ea:e2: 6b:de:20:27:de:e8:9b:df:aa:8f:49:d6:8a:dc:03: 81:37:23:64:63:cc:3f:7c:59:d7:70:25:5e:d2:3a: 0b:d6:49:d8:67:af:6b:d6:b4:64:80:88:ef:3c:73: 33:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:BE:E9:AD:B4:F8:AE:77:59:36:F7:37:B6:CE:25:82:B0:88:50:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:20c0::/48 Signature Algorithm: sha256WithRSAEncryption bf:00:5b:7a:bd:3d:ed:23:d7:dc:24:04:dd:48:dc:46:48:b1: a7:43:b0:8c:ef:68:67:e6:60:ae:21:4d:e3:ba:d2:e4:ad:1c: 3e:ab:65:11:7e:33:db:a3:07:d1:43:67:0b:2d:2c:1d:12:b1: af:f4:5f:b1:a6:f7:cd:6b:40:a5:68:5c:09:8d:fa:0a:44:6f: 77:01:d3:84:69:d7:88:a4:8f:3b:13:04:4d:51:f9:45:4b:4d: 2a:09:14:55:82:6f:f9:45:22:3c:8d:99:05:2e:f8:7b:bc:12: 49:fe:a9:ce:00:e4:da:c5:ed:05:28:ca:74:81:ea:30:89:53: 33:52:e8:49:7e:f3:0a:fa:02:5a:53:b7:42:8c:fd:21:b5:e1: 02:f0:13:1a:a8:67:d2:75:34:8c:53:66:22:07:ab:c0:8e:b8: 6e:54:9d:14:80:4f:2a:f5:93:46:78:cb:06:48:94:0c:ca:33: 92:cf:df:c2:3e:f5:ca:08:a7:06:ff:18:fe:e0:1a:51:23:81: 64:5d:22:63:f9:a5:7e:95:71:c7:80:17:3e:fd:b8:b6:90:2d: 5f:f1:0e:5e:83:d7:8e:48:f5:6f:19:17:b4:a4:12:27:2f:55: c8:21:24:12:e5:13:04:dc:bb:ba:61:e2:c7:42:ee:d6:fb:17: 96:36:68:d9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEsBLLEw69B8PMGS7uOUZ5je3hCEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMDEwOFoX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZjEwMTgwZWU4M2IzNWY0ZGUxZmQy ZGJhMjY1OTYxMTNkODkyZmYyZGE0YjY1NmJkYjZlMjFhMTlkNTNlODNhZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqPYNewSVcL46TcOCjfCA5kvdBcq kvlPHEOpTbGv7cZfkT5Cz9IWQwDkMiK5Lt2o8j3k0OJTOYO9YbgET+USpcpZIx1R mvknFK3mHjA+W7UuYEwzprTDXjzpxVm7zB1jdFPTHPsjV5v6sGRSTjs27EsDAO8o yXy1lBjOorrT2kyIyeSnt8JnNRqgenBK3avQ7oIsvEMqXK1WziFCCeyTb+Au9maK mO4Eo0/jmhXCCX/KiMvlveuFnBQAOW9Fw0QMZLYEiMOyWtOToSybMmEP6uJr3iAn 3uib36qPSdaK3AOBNyNkY8w/fFnXcCVe0joL1knYZ69r1rRkgIjvPHMznQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIe+6a20+K53WTb3N7bOJYKwiFD3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg3YmRiZDQzLTg3NDgtNGQ5MC05YjNkLTkxYzg4ZjJkODQ0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8iDAMA0GCSqGSIb3DQEBCwUAA4IBAQC/AFt6vT3tI9fcJATd SNxGSLGnQ7CM72hn5mCuIU3jutLkrRw+q2URfjPbowfRQ2cLLSwdErGv9F+xpvfN a0ClaFwJjfoKRG93AdOEadeIpI87EwRNUflFS00qCRRVgm/5RSI8jZkFLvh7vBJJ /qnOAOTaxe0FKMp0geowiVMzUuhJfvMK+gJaU7dCjP0hteEC8BMaqGfSdTSMU2Yi B6vAjrhuVJ0UgE8q9ZNGeMsGSJQMyjOSz9/CPvXKCKcG/xj+4BpRI4FkXSJj+aV+ lXHHgBc+/bi2kC1f8Q5eg9eOSPVvGRe0pBInL1XIISQS5RME3Lu6YeLHQu7W+xeW NmjZ -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:33 2025 by rpki-client