$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2fa8e7a-5f8e-4d0e-901b-262d25f5dc1e.roa File: b2fa8e7a-5f8e-4d0e-901b-262d25f5dc1e.roa (raw, json) Hash identifier: AtOh+/WwVhLu9h38JMKl8sZw4VKzcV2KAubziDSc9IM= Subject key identifier: 82:9D:23:C0:26:2F:08:E5:11:CD:12:C0:9B:B7:28:EB:48:1F:12:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 452FC9CA1D57C501C913EEDA0EDB426CB16A52C0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2fa8e7a-5f8e-4d0e-901b-262d25f5dc1e.roa Signing time: Sat 06 Sep 2025 00:00:06 +0000 ROA not before: Sat 06 Sep 2025 00:00:06 +0000 ROA not after: Sat 11 Oct 2025 23:59:59 +0000 asID: 8987 IP address blocks: 2406:da30::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:2f:c9:ca:1d:57:c5:01:c9:13:ee:da:0e:db:42:6c:b1:6a:52:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 6 00:00:06 2025 GMT Not After : Oct 11 23:59:59 2025 GMT Subject: serialNumber=6161c9a39c14c8ae77aaf0bce9c19ed78d9f304253986389435263467b46c5d5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ff:87:b4:b8:25:3b:6b:74:f4:f2:83:db:d7: 89:67:67:86:7f:82:b2:9d:58:36:40:55:d1:5e:15: b1:57:62:a0:a7:0d:25:38:5a:96:cc:8c:cd:2a:a9: 36:da:2b:37:da:1c:89:2e:bc:02:a1:4d:99:a1:f9: b3:52:f0:e3:05:39:1e:9d:7a:ff:3c:34:98:9f:48: 15:64:73:a5:99:2f:0c:10:6e:75:ad:6c:c1:8f:30: 88:f0:bd:e3:64:71:f8:99:ea:19:c7:c5:49:d4:de: 6a:f2:97:c7:25:41:72:5f:f4:6c:08:09:22:2c:14: 62:0c:9a:8b:ae:29:d2:0d:7b:0a:72:d0:8d:dd:f5: c9:26:1d:0f:75:bf:01:b2:87:7b:ec:4d:d8:85:6c: 74:a7:c8:40:61:13:ee:61:85:50:ae:af:af:3e:4a: 2d:63:50:8a:f4:db:98:37:6f:1c:fb:e9:56:31:c9: f5:6e:25:a3:5c:ca:a5:54:38:3e:49:22:3f:b9:5e: 3c:98:c6:11:7f:05:76:07:92:ed:ac:dc:9b:3a:8a: 62:fc:bc:6f:56:b8:94:54:bd:13:f8:e0:44:2b:ce: c3:e1:40:1e:62:7c:5e:2e:b6:18:b0:c3:d9:14:e4: 9c:4f:0e:73:56:6b:80:84:69:12:a0:28:28:2d:8a: 71:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:9D:23:C0:26:2F:08:E5:11:CD:12:C0:9B:B7:28:EB:48:1F:12:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2fa8e7a-5f8e-4d0e-901b-262d25f5dc1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30::/32 Signature Algorithm: sha256WithRSAEncryption 31:29:55:3d:15:b5:4b:85:e3:40:98:5a:e4:90:88:7e:63:d8: e5:21:99:29:04:1c:29:ad:4b:9a:aa:2c:d4:f4:01:d3:af:7e: 00:c8:66:d8:0e:a4:80:5c:8f:a4:e1:6e:8d:19:a0:a2:f7:78: 56:d9:4a:0b:3c:5e:c2:1a:dd:78:c3:11:32:74:1b:f1:77:ed: 7a:7c:82:5b:39:dc:d4:ec:88:45:11:69:80:5f:5d:85:75:b0: ba:e2:ed:78:5f:69:96:93:15:0d:67:e2:7a:35:90:5f:75:57: 09:f7:cf:8c:5f:b1:05:5c:f1:38:dd:0e:b3:c5:ba:c0:de:16: 07:f7:98:54:fa:24:d8:22:68:c4:a0:e9:0b:17:de:e7:57:91: d7:98:07:33:c2:86:b7:90:5a:bd:41:3e:93:7e:36:15:19:ad: 24:35:86:7d:78:33:8d:03:c0:f3:13:94:74:dc:93:83:10:95: a5:a7:17:c2:63:1f:76:fc:f6:d7:f9:d3:06:34:12:48:4b:02: 42:c4:04:2d:07:68:f4:5c:95:85:5d:94:98:50:d2:1c:ef:0e: 50:75:b8:9c:6d:e1:d5:fc:5b:48:d1:b6:e4:5d:0e:fe:da:fb: 4c:75:76:12:dd:c8:74:d8:fa:d7:b4:b6:9d:de:f2:70:da:16: 47:58:89:b5 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIURS/Jyh1XxQHJE+7aDttCbLFqUsAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkwNjAwMDAwNloX DTI1MTAxMTIzNTk1OVowejFJMEcGA1UEBRNANjE2MWM5YTM5YzE0YzhhZTc3YWFm MGJjZTljMTllZDc4ZDlmMzA0MjUzOTg2Mzg5NDM1MjYzNDY3YjQ2YzVkNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyf+HtLglO2t09PKD29eJZ2eGf4Ky nVg2QFXRXhWxV2Kgpw0lOFqWzIzNKqk22is32hyJLrwCoU2ZofmzUvDjBTkenXr/ PDSYn0gVZHOlmS8MEG51rWzBjzCI8L3jZHH4meoZx8VJ1N5q8pfHJUFyX/RsCAki LBRiDJqLrinSDXsKctCN3fXJJh0Pdb8Bsod77E3YhWx0p8hAYRPuYYVQrq+vPkot Y1CK9NuYN28c++lWMcn1biWjXMqlVDg+SSI/uV48mMYRfwV2B5LtrNybOopi/Lxv VriUVL0T+OBEK87D4UAeYnxeLrYYsMPZFOScTw5zVmuAhGkSoCgoLYpxxwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFIKdI8AmLwjlEc0SwJu3KOtIHxK/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IyZmE4ZTdhLTVmOGUtNGQwZS05MDFiLTI2MmQyNWY1ZGMxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMDANBgkqhkiG9w0BAQsFAAOCAQEAMSlVPRW1S4XjQJha5JCI fmPY5SGZKQQcKa1Lmqos1PQB069+AMhm2A6kgFyPpOFujRmgovd4VtlKCzxewhrd eMMRMnQb8XftenyCWznc1OyIRRFpgF9dhXWwuuLteF9plpMVDWfiejWQX3VXCffP jF+xBVzxON0Os8W6wN4WB/eYVPok2CJoxKDpCxfe51eR15gHM8KGt5BavUE+k342 FRmtJDWGfXgzjQPA8xOUdNyTgxCVpacXwmMfdvz21/nTBjQSSEsCQsQELQdo9FyV hV2UmFDSHO8OUHW4nG3h1fxbSNG25F0O/tr7THV2Et3IdNj617S2nd7ycNoWR1iJ tQ== -----END CERTIFICATE-----Generated at Sun Sep 7 13:45:31 2025 by rpki-client