$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc161549-58e9-4322-ac5f-3df66a9c6022.roa File: bc161549-58e9-4322-ac5f-3df66a9c6022.roa (raw, json) Hash identifier: 4uLWt7B1iWefzFlKaeR1uD6QFcCZ9A65c2r7SbIX6KY= Subject key identifier: 5A:E4:B7:90:7D:DB:72:29:33:86:5E:91:E2:61:A9:17:84:11:7D:33 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 02501976A744C9509BFED2AD1B4E675963312716 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc161549-58e9-4322-ac5f-3df66a9c6022.roa Signing time: Tue 29 Jul 2025 00:10:08 +0000 ROA not before: Tue 29 Jul 2025 00:10:08 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:40a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:50:19:76:a7:44:c9:50:9b:fe:d2:ad:1b:4e:67:59:63:31:27:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:10:08 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=5d0580f9c437f6ede2df6e112628e20e4a568dea715358d8660cc5de16c170af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:02:4a:a6:55:8b:34:fe:01:c1:0e:b0:c4:e5: 15:33:2c:12:6b:90:a3:e1:33:f2:33:23:f4:c5:6b: ee:70:7b:fa:90:0a:ce:06:fa:56:c6:af:5a:5c:72: 36:37:44:4c:b5:58:8f:16:4c:f4:91:32:13:1f:47: 7e:f4:47:2b:e0:e8:62:89:62:a0:58:21:76:fa:ea: c4:67:b3:9f:7c:c6:43:81:5b:c9:87:ff:79:07:68: 98:96:a6:a7:c4:6d:cd:c4:6e:c1:52:18:5c:12:76: a5:a5:9e:35:20:b8:76:2c:28:ab:5a:9c:8d:4e:a3: 29:2a:32:10:1a:fd:42:01:2c:5f:3e:14:36:49:3d: 7f:a3:8b:7e:76:39:cf:e2:46:a1:ac:ea:fe:e2:c6: b1:76:4f:7c:05:df:b9:c1:41:39:39:61:53:34:2b: b5:04:c1:b9:66:81:86:83:e1:19:37:35:05:ae:c1: be:f0:cf:89:d0:9b:a8:0b:6f:9a:58:8b:4e:64:db: 06:70:c5:ac:3b:68:f8:d7:b9:2f:5e:cb:38:e1:1b: fc:94:11:b8:c2:23:d0:21:21:fc:b4:08:97:55:43: 3a:97:81:45:cd:88:a1:9c:da:ba:ea:f1:b3:4a:77: 0e:dc:2e:de:3c:fb:10:f2:a5:8a:2e:54:4f:95:c7: 08:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:E4:B7:90:7D:DB:72:29:33:86:5E:91:E2:61:A9:17:84:11:7D:33 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc161549-58e9-4322-ac5f-3df66a9c6022.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:40a0::/48 Signature Algorithm: sha256WithRSAEncryption 40:73:0e:4a:8f:a9:0e:9c:22:53:a7:15:fa:1f:de:db:e9:59: 45:f2:80:d6:78:31:a1:b6:1f:32:ad:45:3c:b5:47:89:fb:4e: b8:7c:bd:9e:0f:d6:a2:31:84:24:83:0f:39:70:d6:ce:7c:7c: 02:f7:5b:c0:06:ad:b8:33:47:eb:18:c9:8a:5d:99:7e:c5:6e: 26:9d:6a:f7:3d:9b:53:1c:78:dd:eb:6c:11:0c:73:36:82:97: b2:44:9a:0f:78:48:d3:2c:34:70:9b:6d:b5:11:92:0e:40:36: 0f:27:d7:bb:3d:cf:d4:7c:56:f2:fc:53:31:e7:27:0d:34:30: d8:27:86:7f:89:e2:16:39:81:2b:12:b5:ab:63:51:a1:47:50: 30:39:6f:2d:9b:43:fe:f5:4f:b0:b3:52:61:4e:64:50:b6:ea: f4:8e:33:5a:69:e2:cf:81:0c:7f:07:b8:74:69:78:75:7c:f5: de:d4:95:b0:c7:15:e0:a6:7b:33:e1:c8:7f:fd:34:5b:a8:a6: fb:c0:29:22:4d:d0:1b:ce:98:9c:21:d5:42:58:8a:8b:98:2f: 81:ce:c8:f8:e6:18:74:b1:65:b7:f4:99:1e:fa:f0:4e:18:e5: 3a:27:1f:88:d8:38:d9:d1:fd:9d:27:b6:ba:ea:d9:1c:22:67: 05:b3:10:47 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAlAZdqdEyVCb/tKtG05nWWMxJxYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMTAwOFoX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNANWQwNTgwZjljNDM3ZjZlZGUyZGY2 ZTExMjYyOGUyMGU0YTU2OGRlYTcxNTM1OGQ4NjYwY2M1ZGUxNmMxNzBhZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAJKplWLNP4BwQ6wxOUVMywSa5Cj 4TPyMyP0xWvucHv6kArOBvpWxq9aXHI2N0RMtViPFkz0kTITH0d+9Ecr4OhiiWKg WCF2+urEZ7OffMZDgVvJh/95B2iYlqanxG3NxG7BUhhcEnalpZ41ILh2LCirWpyN TqMpKjIQGv1CASxfPhQ2ST1/o4t+djnP4kahrOr+4saxdk98Bd+5wUE5OWFTNCu1 BMG5ZoGGg+EZNzUFrsG+8M+J0JuoC2+aWItOZNsGcMWsO2j417kvXss44Rv8lBG4 wiPQISH8tAiXVUM6l4FFzYihnNq66vGzSncO3C7ePPsQ8qWKLlRPlccIVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFrkt5B923IpM4ZekeJhqReEEX0zMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JjMTYxNTQ5LTU4ZTktNDMyMi1hYzVmLTNkZjY2YTljNjAyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0CgMA0GCSqGSIb3DQEBCwUAA4IBAQBAcw5Kj6kOnCJTpxX6 H97b6VlF8oDWeDGhth8yrUU8tUeJ+064fL2eD9aiMYQkgw85cNbOfHwC91vABq24 M0frGMmKXZl+xW4mnWr3PZtTHHjd62wRDHM2gpeyRJoPeEjTLDRwm221EZIOQDYP J9e7Pc/UfFby/FMx5ycNNDDYJ4Z/ieIWOYErErWrY1GhR1AwOW8tm0P+9U+ws1Jh TmRQtur0jjNaaeLPgQx/B7h0aXh1fPXe1JWwxxXgpnsz4ch//TRbqKb7wCkiTdAb zpicIdVCWIqLmC+Bzsj45hh0sWW39Jke+vBOGOU6Jx+I2DjZ0f2dJ7a66tkcImcF sxBH -----END CERTIFICATE-----Generated at Thu Jul 31 01:02:33 2025 by rpki-client