$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa File: f87e20f6-9969-496b-826b-93811df4045b.roa (raw, json) Hash identifier: an5WWRUto8sZAs49N54WaYR0vaTFssjrzmKxIq4BdW4= Subject key identifier: E3:8D:90:67:D3:85:20:C1:2F:CC:60:27:2D:89:26:40:79:FD:C9:A8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2037B146449F25D91DB292B4BB570AD51F77D469 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa Signing time: Sat 26 Jul 2025 00:00:58 +0000 ROA not before: Sat 26 Jul 2025 00:00:58 +0000 ROA not after: Sat 30 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:2880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Aug 2025 18:53:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:37:b1:46:44:9f:25:d9:1d:b2:92:b4:bb:57:0a:d5:1f:77:d4:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 26 00:00:58 2025 GMT Not After : Aug 30 23:59:59 2025 GMT Subject: serialNumber=caea4923ca78590d3f70d65f73afc77a12de93fab429b4dfd062443ed1b14111, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:ac:cf:47:0c:2c:96:0e:93:34:ed:98:69:cd: 4e:a8:46:13:cb:bf:89:61:e8:4a:b7:44:a9:d2:f6: bd:ad:d6:40:24:91:4a:88:3b:5e:f0:4b:ec:37:20: 2f:79:be:6e:42:f3:8f:42:c6:a7:f3:c5:d6:c8:38: 8d:07:c4:ff:23:f0:8c:c9:42:d7:ba:e9:4e:3e:9d: b8:b0:e4:8d:e0:ae:f3:de:50:42:8b:2b:92:de:d0: 5d:d8:70:b2:e0:af:9e:39:c1:9e:b7:17:65:4c:b8: e1:73:27:ab:39:d0:70:aa:17:0a:4b:e9:c9:64:05: 34:3c:8a:e0:fe:d3:1b:bf:d2:19:6c:1a:96:2b:00: c0:08:f2:6d:b1:40:74:0f:3c:eb:39:33:83:f5:9c: 9e:f6:ad:17:05:21:ce:08:68:69:ec:bc:d9:70:56: c6:9a:99:06:50:bd:e2:d0:36:9b:36:43:ec:99:ab: 2e:75:11:0d:de:b8:b0:c0:c0:be:f5:e5:71:07:10: f3:69:97:9d:9c:d9:33:47:e0:c8:0f:ac:da:f0:d3: 7d:cf:84:7e:cc:bb:81:a1:62:bb:0e:21:31:c2:96: ea:67:22:20:42:9e:0d:77:e6:cf:0a:ca:59:8f:aa: ab:9b:c6:e7:15:6c:3a:9f:c8:f4:5c:28:23:d9:5c: a1:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:8D:90:67:D3:85:20:C1:2F:CC:60:27:2D:89:26:40:79:FD:C9:A8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f87e20f6-9969-496b-826b-93811df4045b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:2880::/48 Signature Algorithm: sha256WithRSAEncryption c6:c5:18:2d:c2:bf:e5:6d:fc:04:92:cb:92:98:3f:d6:3c:1e: 54:00:b8:20:0b:a4:2a:4f:c6:2b:e9:08:c3:47:79:5a:04:6f: 37:aa:35:63:b4:75:0e:dd:2d:df:cc:9f:d6:bf:5e:1e:6b:99: 21:f7:bd:7e:1f:49:a6:31:e9:67:9d:8b:0a:ca:af:f2:c2:54: c2:00:cb:2b:39:94:db:91:d0:fa:f0:a2:92:ec:fe:1c:f5:b2: ab:82:70:39:d0:8b:ae:c5:21:06:57:3f:f5:6f:49:4d:ef:25: ac:77:2c:a2:e7:63:87:2a:3a:67:3b:6d:45:72:ba:fc:06:48: 8a:0b:ad:ee:98:e2:42:14:dc:90:64:57:02:5e:76:43:1c:62: 82:89:10:e5:83:e1:56:f8:0f:c4:56:1f:ef:79:d3:17:51:9b: 47:f8:fa:75:56:15:b1:c9:84:1f:36:0b:39:b0:2d:03:c1:5b: 18:97:aa:2a:93:7d:00:0a:9d:ce:93:b1:42:32:69:91:21:4a: 26:d0:ce:50:3f:13:50:0f:74:62:49:53:35:b6:8d:8e:95:c4: 24:9f:41:cd:82:0d:d1:c8:b1:10:56:29:4f:7b:27:32:5f:3c: ce:e5:7b:dd:af:4a:7a:aa:2a:15:69:67:d9:24:25:17:88:16: ae:1b:36:67 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIDexRkSfJdkdspK0u1cK1R931GkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyNjAwMDA1OFoX DTI1MDgzMDIzNTk1OVowejFJMEcGA1UEBRNAY2FlYTQ5MjNjYTc4NTkwZDNmNzBk NjVmNzNhZmM3N2ExMmRlOTNmYWI0MjliNGRmZDA2MjQ0M2VkMWIxNDExMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56zPRwwslg6TNO2Yac1OqEYTy7+J YehKt0Sp0va9rdZAJJFKiDte8EvsNyAveb5uQvOPQsan88XWyDiNB8T/I/CMyULX uulOPp24sOSN4K7z3lBCiyuS3tBd2HCy4K+eOcGetxdlTLjhcyerOdBwqhcKS+nJ ZAU0PIrg/tMbv9IZbBqWKwDACPJtsUB0DzzrOTOD9Zye9q0XBSHOCGhp7LzZcFbG mpkGUL3i0DabNkPsmasudREN3riwwMC+9eVxBxDzaZednNkzR+DID6za8NN9z4R+ zLuBoWK7DiExwpbqZyIgQp4Nd+bPCspZj6qrm8bnFWw6n8j0XCgj2VyhBQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOONkGfThSDBL8xgJy2JJkB5/cmoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y4N2UyMGY2LTk5NjktNDk2Yi04MjZiLTkzODExZGY0MDQ1Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaACiAMA0GCSqGSIb3DQEBCwUAA4IBAQDGxRgtwr/lbfwEksuS mD/WPB5UALggC6QqT8Yr6QjDR3laBG83qjVjtHUO3S3fzJ/Wv14ea5kh971+H0mm MelnnYsKyq/ywlTCAMsrOZTbkdD68KKS7P4c9bKrgnA50IuuxSEGVz/1b0lN7yWs dyyi52OHKjpnO21Fcrr8BkiKC63umOJCFNyQZFcCXnZDHGKCiRDlg+FW+A/EVh/v edMXUZtH+Pp1VhWxyYQfNgs5sC0DwVsYl6oqk30ACp3Ok7FCMmmRIUom0M5QPxNQ D3RiSVM1to2OlcQkn0HNgg3RyLEQVilPeycyXzzO5Xvdr0p6qioVaWfZJCUXiBau GzZn -----END CERTIFICATE-----Generated at Thu Jul 31 00:59:16 2025 by rpki-client