$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa File: a91b902a-3780-4e0a-8062-46df71087b57.roa (raw, json) Hash identifier: z0V0zSegQgHV01D8cds9NpVKtSAJ4WdZxcceDWzlX0Q= Subject key identifier: 79:BB:48:84:43:15:98:AE:2D:99:DD:E8:00:B7:E8:BC:B4:1F:55:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08812F1AF96F0720A60157CDE3D922C37ACD7060 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa Signing time: Wed 30 Jul 2025 00:01:11 +0000 ROA not before: Wed 30 Jul 2025 00:01:11 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:81:2f:1a:f9:6f:07:20:a6:01:57:cd:e3:d9:22:c3:7a:cd:70:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 00:01:11 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=d762bcc34c0fd626f4ffc84e1ea444403606dc397e85ded6bb9fc08d1ca0672f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a9:b7:c1:09:5f:9d:5a:4f:bd:14:bc:38:c8: 13:6e:83:44:8a:b2:39:20:68:f8:72:7e:95:a0:c0: 1d:22:a3:ba:4b:42:4e:7a:ae:7e:d1:06:a5:30:e8: d0:13:16:30:19:ef:73:4b:8c:43:50:b6:6c:fd:42: a0:46:78:5f:0b:69:ec:9b:62:84:c6:1b:bd:79:03: b6:b7:56:46:30:a3:e4:8c:68:e4:7e:58:e9:ae:eb: 27:e0:60:aa:86:14:7f:d4:c8:34:f8:01:67:a2:e5: 87:08:3b:0a:a4:e5:33:78:f4:52:ad:13:45:e3:e5: c7:a8:c0:d7:47:03:6b:1d:87:77:88:68:7c:de:f1: 6b:74:d7:f3:72:79:fd:9f:ba:50:8a:c4:72:e4:fa: ee:e3:0e:58:45:20:ab:ae:5d:9e:c4:8a:5d:0a:c3: ff:74:11:00:c6:30:63:68:2e:89:29:c3:75:b9:1e: 66:57:4e:d8:e1:c2:29:55:0e:b3:10:56:82:49:01: 2b:f7:62:0f:11:98:64:74:ba:07:da:61:16:cc:d3: 69:d4:9b:f1:a8:32:5c:5f:26:0e:5e:0f:c7:e4:1a: cc:78:63:e9:d1:ca:84:8f:4b:b8:e4:1b:d9:18:f3: 78:1e:23:96:39:e8:ea:91:aa:63:43:24:06:f6:b0: 0d:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:BB:48:84:43:15:98:AE:2D:99:DD:E8:00:B7:E8:BC:B4:1F:55:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:b000::/40 Signature Algorithm: sha256WithRSAEncryption 09:52:8f:60:3d:51:02:2b:a3:73:7a:e2:2c:d1:55:55:c7:f2: 1c:1e:8d:c6:ac:37:e0:34:3d:43:af:02:f4:be:38:a8:0c:d2: f8:a4:25:3f:02:25:6b:d9:61:e4:56:1c:64:41:8c:7f:55:4f: cd:60:36:b8:35:f3:27:eb:1c:25:23:bc:02:83:ce:a5:91:e6: 02:c5:c4:f0:db:a0:69:1d:34:89:30:f8:d7:a3:d5:d3:3c:c1: 7a:f7:26:de:c0:c4:8d:81:51:ab:ef:52:16:cf:ca:91:74:21: 14:c0:41:7d:f8:6f:ac:0e:43:6e:49:32:94:cf:0f:78:c5:7e: ab:65:50:27:98:9b:77:f7:96:13:ad:8b:58:06:8d:38:42:d4: 8e:97:ee:ba:e4:ee:0d:cd:91:90:70:1b:02:23:f5:18:4d:e4: 23:cc:d6:bb:ab:1a:3a:5b:45:37:8d:19:7e:26:9b:ba:e4:5d: 7c:61:ff:69:19:15:e2:7c:f8:65:7c:9c:6e:19:f5:6f:13:b1: c7:6c:65:d6:5e:a7:85:f0:6f:86:b9:a2:79:3b:2e:1d:d7:56: ce:c6:6b:e5:c5:f1:68:ce:87:43:68:7c:59:57:26:12:83:40: df:1e:aa:7e:af:32:01:d0:4a:5b:d3:02:4a:bb:90:36:7a:8d: fd:27:7a:99 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCIEvGvlvByCmAVfN49kiw3rNcGAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMDExMVoX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZDc2MmJjYzM0YzBmZDYyNmY0ZmZj ODRlMWVhNDQ0NDAzNjA2ZGMzOTdlODVkZWQ2YmI5ZmMwOGQxY2EwNjcyZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwam3wQlfnVpPvRS8OMgTboNEirI5 IGj4cn6VoMAdIqO6S0JOeq5+0QalMOjQExYwGe9zS4xDULZs/UKgRnhfC2nsm2KE xhu9eQO2t1ZGMKPkjGjkfljprusn4GCqhhR/1Mg0+AFnouWHCDsKpOUzePRSrRNF 4+XHqMDXRwNrHYd3iGh83vFrdNfzcnn9n7pQisRy5Pru4w5YRSCrrl2exIpdCsP/ dBEAxjBjaC6JKcN1uR5mV07Y4cIpVQ6zEFaCSQEr92IPEZhkdLoH2mEWzNNp1Jvx qDJcXyYOXg/H5BrMeGPp0cqEj0u45BvZGPN4HiOWOejqkapjQyQG9rANAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHm7SIRDFZiuLZnd6AC36Ly0H1VAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5MWI5MDJhLTM3ODAtNGUwYS04MDYyLTQ2ZGY3MTA4N2I1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/7AwDQYJKoZIhvcNAQELBQADggEBAAlSj2A9UQIro3N64izR VVXH8hwejcasN+A0PUOvAvS+OKgM0vikJT8CJWvZYeRWHGRBjH9VT81gNrg18yfr HCUjvAKDzqWR5gLFxPDboGkdNIkw+Nej1dM8wXr3Jt7AxI2BUavvUhbPypF0IRTA QX34b6wOQ25JMpTPD3jFfqtlUCeYm3f3lhOti1gGjThC1I6X7rrk7g3NkZBwGwIj 9RhN5CPM1rurGjpbRTeNGX4mm7rkXXxh/2kZFeJ8+GV8nG4Z9W8TscdsZdZep4Xw b4a5onk7Lh3XVs7Ga+XF8WjOh0NofFlXJhKDQN8eqn6vMgHQSlvTAkq7kDZ6jf0n epk= -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:46 2025 by rpki-client