$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa File: f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa (raw, json) Hash identifier: y6WbA4WcoLoO5PmrhWoVjrhDY8otreiFvniQUEn6Rz8= Subject key identifier: 1E:41:57:46:D6:7E:24:C5:18:C9:AB:6C:A3:DA:FC:A0:74:ED:8C:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0C7E8DDCFED10A028E5F5826FC24FB34BCDDDAF5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa Signing time: Tue 29 Jul 2025 00:30:23 +0000 ROA not before: Tue 29 Jul 2025 00:30:23 +0000 ROA not after: Tue 02 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:7e:8d:dc:fe:d1:0a:02:8e:5f:58:26:fc:24:fb:34:bc:dd:da:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 29 00:30:23 2025 GMT Not After : Sep 2 23:59:59 2025 GMT Subject: serialNumber=ff6a3f46fb327892df6bd8edbd92723b76e1eac2222ee4be0b6ad6d8e225cf6f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:32:58:c0:1b:8b:e6:66:5e:79:6a:1d:e8:58: 71:65:ae:20:66:3e:7c:16:8d:b7:2c:10:ad:b7:39: 05:d7:63:72:ac:53:2b:4f:d9:be:71:49:92:6f:21: af:71:81:7e:6b:a2:e4:78:01:12:cb:8d:ca:82:ee: e3:76:f6:a3:d7:09:3c:23:e3:04:b9:69:02:fb:be: e0:bf:5e:ef:91:2c:62:1d:00:0d:cb:e1:91:20:47: 48:66:59:82:9c:da:6b:da:f4:cf:07:1f:72:fd:a3: 38:9e:b2:9b:24:46:4b:94:29:eb:55:f1:c6:cf:42: 3a:3c:11:6e:14:ca:ed:d3:cd:d6:5c:5b:c7:2c:0d: b6:5d:68:ff:2d:13:dd:b5:89:13:30:cd:b6:14:6c: 2f:22:d0:c7:9f:3f:0b:1d:b4:1a:71:4a:78:9f:f6: b7:9c:b9:c9:3b:58:3a:8b:7d:9b:ad:cf:04:a3:5b: 36:be:bd:86:4c:2a:f9:1b:23:fd:8e:e8:2e:36:83: 73:aa:b9:c4:4f:e0:17:b7:73:2b:0e:5c:ec:a9:3f: 2b:03:2b:63:e0:52:44:f2:85:fa:aa:89:2e:5e:4f: de:c8:e1:a7:be:78:df:44:b6:c9:1a:97:cc:ad:0b: 45:3b:8a:48:30:36:81:3d:8f:a8:1a:17:64:e7:3a: 9f:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:41:57:46:D6:7E:24:C5:18:C9:AB:6C:A3:DA:FC:A0:74:ED:8C:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2020::/48 Signature Algorithm: sha256WithRSAEncryption 02:c7:72:59:d8:4d:f9:7c:09:ae:95:f2:07:bd:89:84:83:e6: 63:31:e4:ae:99:9c:02:95:52:85:9a:d8:6a:65:3c:b3:30:28: 28:74:3f:51:ea:54:e9:59:20:25:41:f6:22:24:6e:37:02:57: ef:cf:b8:3b:44:1a:05:c3:0a:3e:7f:c9:e0:b1:fd:5c:45:42: 13:8f:c6:11:10:63:fa:3a:9f:42:c8:fb:5d:dd:cd:32:4d:3f: fc:55:80:84:67:0e:77:64:11:23:bb:de:3d:3f:40:2b:8a:40: a6:8f:a1:16:66:7f:4c:a1:6f:05:7a:eb:7b:02:4a:2d:34:49: 02:cf:6c:4e:37:a6:b4:3d:1f:ef:d2:36:84:90:53:fe:8a:ef: 61:56:b7:e7:ae:5b:9e:75:1c:22:82:6d:9d:cc:f9:1f:c4:23: 4d:21:4e:3f:55:d9:36:5b:45:da:53:08:2f:50:b3:1a:e9:62: b1:60:8a:49:32:32:c4:5e:0a:1f:28:66:ee:f0:7a:4e:b6:20: 16:65:f0:07:7d:9c:10:0b:55:ba:ea:7b:c8:40:02:43:7e:fe: ee:cb:1b:14:1d:df:71:55:2d:26:f7:22:26:67:3c:bc:46:31: 43:52:25:e7:62:4f:84:92:e3:a9:f7:b5:20:25:67:2b:05:1d: 4a:09:4c:57 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDH6N3P7RCgKOX1gm/CT7NLzd2vUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwMzAyM1oX DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAZmY2YTNmNDZmYjMyNzg5MmRmNmJk OGVkYmQ5MjcyM2I3NmUxZWFjMjIyMmVlNGJlMGI2YWQ2ZDhlMjI1Y2Y2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TJYwBuL5mZeeWod6FhxZa4gZj58 Fo23LBCttzkF12NyrFMrT9m+cUmSbyGvcYF+a6LkeAESy43Kgu7jdvaj1wk8I+ME uWkC+77gv17vkSxiHQANy+GRIEdIZlmCnNpr2vTPBx9y/aM4nrKbJEZLlCnrVfHG z0I6PBFuFMrt083WXFvHLA22XWj/LRPdtYkTMM22FGwvItDHnz8LHbQacUp4n/a3 nLnJO1g6i32brc8Eo1s2vr2GTCr5GyP9juguNoNzqrnET+AXt3MrDlzsqT8rAytj 4FJE8oX6qokuXk/eyOGnvnjfRLbJGpfMrQtFO4pIMDaBPY+oGhdk5zqfZQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFB5BV0bWfiTFGMmrbKPa/KB07YxCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzYmEzMjUxLWE1MDItNGNmOC05YmM1LTQ0OWIxMzc2YmUwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSAgMA0GCSqGSIb3DQEBCwUAA4IBAQACx3JZ2E35fAmulfIH vYmEg+ZjMeSumZwClVKFmthqZTyzMCgodD9R6lTpWSAlQfYiJG43Alfvz7g7RBoF wwo+f8ngsf1cRUITj8YREGP6Op9CyPtd3c0yTT/8VYCEZw53ZBEju949P0ArikCm j6EWZn9MoW8Feut7AkotNEkCz2xON6a0PR/v0jaEkFP+iu9hVrfnrluedRwigm2d zPkfxCNNIU4/Vdk2W0XaUwgvULMa6WKxYIpJMjLEXgofKGbu8HpOtiAWZfAHfZwQ C1W66nvIQAJDfv7uyxsUHd9xVS0m9yImZzy8RjFDUiXnYk+EkuOp97UgJWcrBR1K CUxX -----END CERTIFICATE-----Generated at Thu Jul 31 00:59:15 2025 by rpki-client