$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa File: afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa (raw, json) Hash identifier: 09dl8QGYSDDxjQ6z1F9cOdyGuQiMknFRAfG8C11fJcY= Subject key identifier: 63:03:36:FD:2E:E5:3B:93:F7:8D:1A:9D:79:09:5A:7E:A5:62:69:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1421881A4C48E46800ABD5FF51F4883D2AA6688B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa Signing time: Sat 12 Jul 2025 00:00:55 +0000 ROA not before: Sat 12 Jul 2025 00:00:55 +0000 ROA not after: Sat 16 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1a:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:21:88:1a:4c:48:e4:68:00:ab:d5:ff:51:f4:88:3d:2a:a6:68:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 12 00:00:55 2025 GMT Not After : Aug 16 23:59:59 2025 GMT Subject: serialNumber=0aceb808aebd19024e750df40f8685850730fafe9183060b511139562f446f14, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:0b:02:43:a4:fc:56:2a:f0:5f:0a:cb:b2:55: ca:5a:09:50:9d:80:20:67:57:a5:42:13:df:2a:e7: b7:42:96:2f:4b:6d:91:ba:af:9e:ad:da:ca:3d:d9: f7:08:7f:e8:ca:3b:77:ad:7e:7d:8d:2f:99:c0:3c: d7:5c:41:9f:18:0f:d2:19:f7:4d:96:2b:99:dd:d4: 25:e2:bd:9f:c9:81:df:e6:65:a3:d7:be:72:02:fd: 96:fc:3b:c8:e4:c7:54:fb:8a:06:d6:b9:c2:a2:ed: 4b:a6:84:c3:0f:5a:4e:6e:6e:a4:73:c7:7d:32:7b: ee:2c:e4:05:fa:c8:4e:48:05:de:71:ce:60:10:84: 88:d4:4f:f9:0c:a4:3a:ba:73:d1:22:2f:54:63:e5: 99:4a:a0:e5:7f:5f:20:55:3d:4e:52:99:1a:86:73: 5b:2b:f0:c4:06:da:d8:01:ed:60:c7:26:b9:d2:8f: b6:f8:59:c0:1e:85:42:f1:7f:1d:27:90:90:16:75: 7a:d2:54:d1:92:1b:ef:28:7a:7b:0e:29:be:03:0c: 03:63:ca:ca:00:52:49:a5:b2:a9:67:fb:f2:fb:d7: 3d:94:f7:c2:07:b4:51:b2:7e:cf:cc:24:b7:c9:a2: 2d:36:42:29:22:fa:9b:33:b1:a0:a0:52:98:f8:0f: b9:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:03:36:FD:2E:E5:3B:93:F7:8D:1A:9D:79:09:5A:7E:A5:62:69:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1a:8000::/36 Signature Algorithm: sha256WithRSAEncryption 95:6e:85:ef:c0:e9:38:21:fe:0c:22:aa:b2:44:a8:78:d8:40: 86:0b:4d:ee:29:ca:2f:f0:c8:72:96:cd:f1:97:c2:b9:6e:98: d5:4d:f2:b1:a6:cd:8b:e9:5b:05:72:8e:d7:9c:7a:93:dc:ca: 42:03:6d:c9:83:88:4c:f5:7a:7b:0c:f3:95:93:a2:d8:c9:61: ed:03:a6:2f:ba:97:92:a3:75:73:52:4c:97:29:38:f9:7e:8a: 6f:12:4d:cc:88:f3:36:9e:09:03:76:05:8b:2b:d4:de:1c:f3: a5:55:31:32:94:7a:ca:4e:18:fa:df:23:02:5c:8f:72:0a:88: b1:9e:6a:a1:4b:0d:8d:17:f7:cd:5d:02:2d:a0:1a:c0:12:60: b6:01:7e:2c:87:78:7c:1b:6c:0b:e9:91:c2:18:aa:49:4d:0d: 01:84:6f:3b:16:0d:60:ba:23:96:cf:19:04:09:0f:f5:bb:50: 50:1e:47:c8:45:b1:45:84:05:22:3c:a9:c0:b2:ba:91:c1:90: 9f:2f:a1:2e:e0:52:08:8f:50:53:b9:ba:85:12:44:8a:6a:ee: cb:57:dc:a3:40:dd:1e:59:f7:48:1b:40:d0:08:e4:4f:2c:92: 28:81:c0:5d:44:3e:eb:a0:ee:62:53:e2:4e:e7:68:9a:ef:8f: d1:ff:dc:05 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFCGIGkxI5GgAq9X/UfSIPSqmaIswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcxMjAwMDA1NVoX DTI1MDgxNjIzNTk1OVowejFJMEcGA1UEBRNAMGFjZWI4MDhhZWJkMTkwMjRlNzUw ZGY0MGY4Njg1ODUwNzMwZmFmZTkxODMwNjBiNTExMTM5NTYyZjQ0NmYxNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8AsCQ6T8VirwXwrLslXKWglQnYAg Z1elQhPfKue3QpYvS22Ruq+erdrKPdn3CH/oyjt3rX59jS+ZwDzXXEGfGA/SGfdN liuZ3dQl4r2fyYHf5mWj175yAv2W/DvI5MdU+4oG1rnCou1LpoTDD1pObm6kc8d9 MnvuLOQF+shOSAXecc5gEISI1E/5DKQ6unPRIi9UY+WZSqDlf18gVT1OUpkahnNb K/DEBtrYAe1gxya50o+2+FnAHoVC8X8dJ5CQFnV60lTRkhvvKHp7Dim+AwwDY8rK AFJJpbKpZ/vy+9c9lPfCB7RRsn7PzCS3yaItNkIpIvqbM7GgoFKY+A+5hwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGMDNv0u5TuT940anXkJWn6lYmmaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmZDVhMmQwLTVlMTQtNDkzOS05ZTM5LTFmOWYyNmUyZjY3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGoAwDQYJKoZIhvcNAQELBQADggEBAJVuhe/A6Tgh/gwiqrJE qHjYQIYLTe4pyi/wyHKWzfGXwrlumNVN8rGmzYvpWwVyjtecepPcykIDbcmDiEz1 ensM85WTotjJYe0Dpi+6l5KjdXNSTJcpOPl+im8STcyI8zaeCQN2BYsr1N4c86VV MTKUespOGPrfIwJcj3IKiLGeaqFLDY0X981dAi2gGsASYLYBfiyHeHwbbAvpkcIY qklNDQGEbzsWDWC6I5bPGQQJD/W7UFAeR8hFsUWEBSI8qcCyupHBkJ8voS7gUgiP UFO5uoUSRIpq7stX3KNA3R5Z90gbQNAI5E8skiiBwF1EPuug7mJT4k7naJrvj9H/ 3AU= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:52 2025 by rpki-client