$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa File: cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa (raw, json) Hash identifier: EVuciuieEVgXtKlZozH91Vq6Wb0sDf2hLepXjgsVcjg= Subject key identifier: E1:CB:27:34:8D:3E:47:82:17:01:8C:F7:EF:63:7F:64:16:DC:00:DE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2D4411F716AF96DCF995998C85870DB2859BA256 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa Signing time: Mon 07 Jul 2025 15:00:43 +0000 ROA not before: Mon 07 Jul 2025 15:00:43 +0000 ROA not after: Mon 11 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:44:11:f7:16:af:96:dc:f9:95:99:8c:85:87:0d:b2:85:9b:a2:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 7 15:00:43 2025 GMT Not After : Aug 11 23:59:59 2025 GMT Subject: serialNumber=0e9cef1bdf42074837fbded049aa2e6bb46d690f71efa4511219bea3419937c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d6:78:9c:a0:b1:6f:68:0e:5f:d5:c3:bc:9e: 2b:88:85:44:a8:06:9e:dc:f2:d8:4c:34:a1:f2:2f: 40:09:e0:e6:59:a3:59:65:e4:50:f5:e1:d9:39:3e: 32:1c:9b:e0:48:35:96:11:cd:12:70:9b:c7:05:08: d7:9d:2c:af:15:36:aa:43:e1:05:14:44:e6:fb:40: 21:f5:ae:49:a4:fe:f3:a7:65:6f:d9:58:a7:58:ec: 56:79:82:17:9b:a3:60:04:c0:0c:d1:5b:12:b1:26: 5e:be:1b:56:6c:7b:02:ae:62:dd:82:2b:9c:9a:cd: 16:fe:41:12:5e:89:14:4c:7b:aa:90:54:ac:02:4f: 0e:f2:ab:0a:d5:96:05:27:f1:14:f9:c3:c8:41:b8: 96:6b:a5:ff:9d:70:10:4e:a6:c4:8b:d6:cd:7f:de: 32:b6:5f:9e:8f:43:07:cf:8a:55:63:49:8b:7e:b8: b9:55:a3:6b:c7:76:75:b1:b5:b0:4d:e5:c0:31:11: ec:ab:fd:0f:8c:eb:c5:c8:56:f3:12:f8:9c:ae:c1: a7:a4:62:e0:2b:e5:9c:50:14:27:c4:c0:40:0d:11: 5f:ed:57:49:01:7a:1e:da:e3:32:ef:f7:ed:ce:c8: 50:b5:77:d9:14:bd:2e:c0:3d:11:ba:bb:cd:9b:85: 43:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:CB:27:34:8D:3E:47:82:17:01:8C:F7:EF:63:7F:64:16:DC:00:DE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbf31b97-a191-4a60-a9de-6f29bbef8b2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:c000::/40 Signature Algorithm: sha256WithRSAEncryption 51:a8:31:7b:e1:9a:df:d0:b4:90:95:52:ad:90:5c:07:8b:9e: b2:47:cd:0f:d5:9a:1c:74:17:2b:a4:7a:8c:f5:be:7b:78:1c: 1e:ec:ae:30:98:1a:de:97:8d:25:04:71:b3:9a:2a:28:20:d8: d4:cb:9e:78:2e:5c:b1:13:b5:bc:3c:5c:2b:53:24:64:f6:10: 81:cb:a0:64:98:69:d6:4a:d7:4c:29:f7:4d:86:eb:47:fe:0b: 0e:70:d8:76:22:f2:fc:08:98:41:7e:7f:24:44:bb:18:dc:04: 99:fa:a4:e4:ab:5d:bd:df:f3:33:b0:95:bd:be:1a:4e:46:4d: 3f:9c:88:d8:15:44:57:e2:e2:e1:04:53:a6:8a:d9:1a:9a:48: 7d:f6:ca:53:4b:65:06:80:16:e7:e0:0c:18:ee:9c:24:8f:5d: 21:5b:fb:89:86:84:63:4d:cd:5e:c2:fd:cb:d7:4e:bb:65:1f: 2c:65:dd:ae:29:ef:81:ba:38:f9:65:a6:69:52:fd:1e:cf:ff: f3:c6:47:d2:02:9f:79:21:37:3c:70:59:df:97:d5:68:c2:f5: ca:44:57:97:a7:e4:62:84:00:ee:97:8b:12:45:b7:97:86:e4: 01:ec:33:a7:3e:93:56:d0:16:1a:c1:16:56:e3:94:02:26:43: 08:1c:f8:9b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULUQR9xavltz5lZmMhYcNsoWbolYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MDA0M1oX DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMGU5Y2VmMWJkZjQyMDc0ODM3ZmJk ZWQwNDlhYTJlNmJiNDZkNjkwZjcxZWZhNDUxMTIxOWJlYTM0MTk5MzdjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptZ4nKCxb2gOX9XDvJ4riIVEqAae 3PLYTDSh8i9ACeDmWaNZZeRQ9eHZOT4yHJvgSDWWEc0ScJvHBQjXnSyvFTaqQ+EF FETm+0Ah9a5JpP7zp2Vv2VinWOxWeYIXm6NgBMAM0VsSsSZevhtWbHsCrmLdgiuc ms0W/kESXokUTHuqkFSsAk8O8qsK1ZYFJ/EU+cPIQbiWa6X/nXAQTqbEi9bNf94y tl+ej0MHz4pVY0mLfri5VaNrx3Z1sbWwTeXAMRHsq/0PjOvFyFbzEvicrsGnpGLg K+WcUBQnxMBADRFf7VdJAXoe2uMy7/ftzshQtXfZFL0uwD0RurvNm4VDaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOHLJzSNPkeCFwGM9+9jf2QW3ADeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiZjMxYjk3LWExOTEtNGE2MC1hOWRlLTZmMjliYmVmOGIyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9MAwDQYJKoZIhvcNAQELBQADggEBAFGoMXvhmt/QtJCVUq2Q XAeLnrJHzQ/Vmhx0Fyukeoz1vnt4HB7srjCYGt6XjSUEcbOaKigg2NTLnnguXLET tbw8XCtTJGT2EIHLoGSYadZK10wp902G60f+Cw5w2HYi8vwImEF+fyREuxjcBJn6 pOSrXb3f8zOwlb2+Gk5GTT+ciNgVRFfi4uEEU6aK2RqaSH32ylNLZQaAFufgDBju nCSPXSFb+4mGhGNNzV7C/cvXTrtlHyxl3a4p74G6OPllpmlS/R7P//PGR9ICn3kh NzxwWd+X1WjC9cpEV5en5GKEAO6XixJFt5eG5AHsM6c+k1bQFhrBFlbjlAImQwgc +Js= -----END CERTIFICATE-----Generated at Thu Jul 31 00:58:25 2025 by rpki-client