$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa File: bffbf7d3-f229-458a-8400-7dc848730d21.roa (raw, json) Hash identifier: z6eDI3As3hUQxwAUCOrBq/GsgmEXKN1/QWFIcEz2DUM= Subject key identifier: 80:B4:F6:4F:4B:15:76:66:9D:04:B0:77:D9:00:95:4D:9D:4F:50:50 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6AEDEAF54E2C2748083B9B234D67AE2D3417D994 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa Signing time: Mon 28 Jul 2025 15:00:16 +0000 ROA not before: Mon 28 Jul 2025 15:00:16 +0000 ROA not after: Mon 01 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:ed:ea:f5:4e:2c:27:48:08:3b:9b:23:4d:67:ae:2d:34:17:d9:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 28 15:00:16 2025 GMT Not After : Sep 1 23:59:59 2025 GMT Subject: serialNumber=1b20965a6aa6655599ac72c1f9a492edebd0d562b82846655b551aac423e417d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:3a:1d:a6:f1:a5:2e:cd:bc:20:27:c3:c0:2a: cb:9c:a5:34:2f:15:9d:9c:21:e5:0d:2e:61:11:3f: 8c:bc:32:fc:24:dd:1d:17:07:e0:8c:79:12:07:4c: f8:0e:f9:68:8f:56:c8:f9:a6:30:19:62:3a:d9:2a: ec:8d:0c:cf:f8:cf:5b:b4:44:cd:2f:94:6e:f7:75: 71:77:48:2a:28:14:11:9d:d1:9c:f2:3e:bf:2e:b4: be:97:f2:71:b5:36:fc:7d:a8:27:16:9c:87:1d:46: 37:8e:48:da:58:fe:32:99:61:37:51:13:67:0f:95: f9:98:98:8d:b0:ad:69:5d:bb:52:95:a7:94:55:1a: 41:f8:70:11:69:47:a0:81:38:9f:37:4f:2c:a0:2b: a9:f7:27:0a:7d:9a:15:ff:ca:cc:b8:1c:a2:6f:cb: 12:d0:db:95:30:57:30:3a:80:9f:98:cb:dd:0e:3f: 86:f8:d3:9d:66:d4:ef:05:98:7d:89:76:03:f5:59: 27:0a:a8:e5:10:f6:b8:df:28:ac:06:26:f0:fb:bc: df:5c:c5:d7:a5:e2:59:08:6d:64:40:31:12:f6:87: f6:dc:a8:d4:7f:12:6c:3b:cb:22:e2:50:03:f9:c2: cf:85:fc:ff:d0:7a:1e:82:5f:67:f4:7e:62:82:8b: 46:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:B4:F6:4F:4B:15:76:66:9D:04:B0:77:D9:00:95:4D:9D:4F:50:50 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 45:d9:24:c3:c1:a1:b2:64:c0:3e:63:17:b8:11:54:1b:a3:3e: 2a:0e:02:15:e8:99:20:c9:2d:a2:cc:1a:16:79:df:36:1b:77: 25:4e:91:a1:82:1b:c6:16:50:ed:08:62:c1:20:2a:86:55:bf: 62:f4:ec:33:d5:6e:89:2b:d6:5a:11:a7:06:1e:58:31:08:de: 0a:ee:aa:f9:9b:d1:ff:a3:40:a7:f0:c6:80:88:60:35:0c:9c: a0:a9:17:67:fd:bb:59:4a:04:0d:e6:74:d1:27:8a:28:9f:84: cc:81:ec:41:48:51:8a:1c:d4:64:b5:e9:c8:e8:5a:66:8c:e8: b5:1c:5a:4f:86:31:c7:38:9e:6f:ff:cf:d4:cd:f1:ee:e9:70: 8d:fd:ad:ea:20:3f:1b:3f:87:58:ae:7d:44:02:fd:19:d9:4e: 9c:a9:c7:ca:45:5c:92:cf:1d:67:5b:54:18:8f:3b:87:d4:72: 3a:79:5f:fe:e9:a9:2b:85:c8:1c:37:0e:40:47:0e:72:fd:26: f9:b0:4a:1e:9a:74:0b:16:b3:d7:1a:c7:c5:bf:95:50:66:68: e0:fc:14:03:7e:71:d8:8d:3d:38:ba:77:4f:4f:8d:24:c0:1e: 4a:86:9b:d1:3b:c6:9e:27:09:15:36:a7:8f:fd:36:4f:0b:c4: fa:ce:38:08 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUau3q9U4sJ0gIO5sjTWeuLTQX2ZQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyODE1MDAxNloX DTI1MDkwMTIzNTk1OVowejFJMEcGA1UEBRNAMWIyMDk2NWE2YWE2NjU1NTk5YWM3 MmMxZjlhNDkyZWRlYmQwZDU2MmI4Mjg0NjY1NWI1NTFhYWM0MjNlNDE3ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjodpvGlLs28ICfDwCrLnKU0LxWd nCHlDS5hET+MvDL8JN0dFwfgjHkSB0z4Dvloj1bI+aYwGWI62SrsjQzP+M9btETN L5Ru93Vxd0gqKBQRndGc8j6/LrS+l/JxtTb8fagnFpyHHUY3jkjaWP4ymWE3URNn D5X5mJiNsK1pXbtSlaeUVRpB+HARaUeggTifN08soCup9ycKfZoV/8rMuByib8sS 0NuVMFcwOoCfmMvdDj+G+NOdZtTvBZh9iXYD9VknCqjlEPa43yisBibw+7zfXMXX peJZCG1kQDES9of23KjUfxJsO8si4lAD+cLPhfz/0Hoegl9n9H5igotGQQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIC09k9LFXZmnQSwd9kAlU2dT1BQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmZmJmN2QzLWYyMjktNDU4YS04NDAwLTdkYzg0ODczMGQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sCAMA0GCSqGSIb3DQEBCwUAA4IBAQBF2STDwaGyZMA+Yxe4 EVQboz4qDgIV6JkgyS2izBoWed82G3clTpGhghvGFlDtCGLBICqGVb9i9Owz1W6J K9ZaEacGHlgxCN4K7qr5m9H/o0Cn8MaAiGA1DJygqRdn/btZSgQN5nTRJ4oon4TM gexBSFGKHNRktenI6FpmjOi1HFpPhjHHOJ5v/8/UzfHu6XCN/a3qID8bP4dYrn1E Av0Z2U6cqcfKRVySzx1nW1QYjzuH1HI6eV/+6akrhcgcNw5ARw5y/Sb5sEoemnQL FrPXGsfFv5VQZmjg/BQDfnHYjT04undPT40kwB5KhpvRO8aeJwkVNqeP/TZPC8T6 zjgI -----END CERTIFICATE-----Generated at Thu Jul 31 01:05:47 2025 by rpki-client