$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa File: 02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa (raw, json) Hash identifier: HVjrbfc0lZI3FyO4xOiHwUvFgk8VFkIE50ACfdu+1sE= Subject key identifier: AA:67:CF:8B:08:18:DA:7D:AE:B3:CD:28:32:46:8D:B1:EA:1B:53:79 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4DAE6D2AA8CD79A4BD7ABC3C5DE71CAB04862765 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa Signing time: Fri 01 Aug 2025 00:01:26 +0000 ROA not before: Fri 01 Aug 2025 00:01:26 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:ae:6d:2a:a8:cd:79:a4:bd:7a:bc:3c:5d:e7:1c:ab:04:86:27:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:01:26 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=b36b9f48fb9e8ee3317c959cd725c257170cc036d29c2184b87844262ce3db5a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:77:c0:dd:75:e0:a5:39:4c:d6:aa:8f:f4:5d: 76:30:d7:c8:34:8d:05:6f:55:c4:f0:5b:43:1a:9e: 80:c2:e3:a3:57:f8:dc:42:9e:39:c3:e9:b0:97:f6: a3:a3:ca:70:b9:d0:8d:03:15:37:16:73:d0:d2:d0: 6e:7d:ae:a9:3a:7e:10:19:b6:39:c3:e4:f0:1e:75: eb:bf:f9:9f:a2:08:5c:8d:ac:a9:8c:19:28:76:f1: 30:8a:ee:83:bb:92:f2:ba:58:02:4b:9a:fc:07:d7: f8:fa:00:be:e1:d5:a0:66:94:30:e8:7f:61:1e:44: 44:fa:9d:33:8a:91:eb:3e:04:96:13:af:68:54:2c: a1:a2:46:cf:22:d1:c5:04:39:6f:64:71:76:06:59: 6a:d4:36:98:1e:f8:6f:5e:3d:e4:2e:9a:e5:e7:1e: d5:8d:79:40:67:c3:99:29:d6:d8:ee:ea:76:b3:2f: 09:70:95:4e:51:2d:fa:f4:22:10:ca:b8:70:ee:48: 4b:6f:a2:60:09:b3:3a:02:5e:07:c8:b4:2f:55:a4: 4d:f9:eb:73:e6:40:16:e4:a7:f3:2b:19:ea:c2:fc: 04:d7:64:ca:6a:a0:b6:54:de:6e:c0:ab:0a:ce:b1: d0:a4:d9:f9:52:b7:73:d9:35:8a:16:62:5d:c6:b0: ef:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:67:CF:8B:08:18:DA:7D:AE:B3:CD:28:32:46:8D:B1:EA:1B:53:79 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:2000::/40 Signature Algorithm: sha256WithRSAEncryption 5e:bf:16:4f:95:b8:19:24:95:07:2b:f7:ec:60:52:71:22:a5: 08:2c:bf:97:11:5d:49:7a:c1:84:bf:cf:c9:41:6d:95:de:b8: d7:8d:b2:7a:2a:d5:c3:c2:fa:7d:58:2f:79:ec:ba:44:79:4d: fd:f9:f5:60:fd:cd:48:0a:16:35:0f:14:68:28:0d:d0:9c:c2: a6:d6:2c:f9:f2:b1:91:b2:d4:be:f1:b7:0c:db:ae:00:c9:a3: e0:9f:71:31:c6:1c:ae:27:0e:04:82:f5:ad:81:f5:21:b1:aa: 4f:57:74:53:55:7c:2f:78:61:b7:ef:6b:db:af:d5:94:ce:92: 3c:c2:24:8a:59:88:38:3a:04:11:7f:f8:0f:1a:21:58:7c:b9: 20:7e:58:6f:32:bd:52:76:9d:56:04:3a:72:c4:5e:a4:b4:93: dd:55:a3:bd:09:aa:6d:75:f0:d0:c4:19:38:4b:93:42:82:22: 6d:9d:68:28:86:7b:08:b1:a1:07:a1:44:34:4c:6f:76:9d:05: c2:06:88:47:39:8e:9a:4a:a7:18:aa:15:6f:ac:58:b0:3c:7e: aa:2a:3e:db:1a:95:5a:97:58:8e:ec:8d:4e:7d:90:96:d0:57: c8:f9:a5:a0:17:69:64:c3:59:cf:83:98:b3:5a:23:0b:2b:b2: 8a:32:2d:9e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTa5tKqjNeaS9erw8XeccqwSGJ2UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwMDEyNloX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAYjM2YjlmNDhmYjllOGVlMzMxN2M5 NTljZDcyNWMyNTcxNzBjYzAzNmQyOWMyMTg0Yjg3ODQ0MjYyY2UzZGI1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXfA3XXgpTlM1qqP9F12MNfINI0F b1XE8FtDGp6AwuOjV/jcQp45w+mwl/ajo8pwudCNAxU3FnPQ0tBufa6pOn4QGbY5 w+TwHnXrv/mfoghcjaypjBkodvEwiu6Du5LyulgCS5r8B9f4+gC+4dWgZpQw6H9h HkRE+p0zipHrPgSWE69oVCyhokbPItHFBDlvZHF2Bllq1DaYHvhvXj3kLprl5x7V jXlAZ8OZKdbY7up2sy8JcJVOUS369CIQyrhw7khLb6JgCbM6Al4HyLQvVaRN+etz 5kAW5KfzKxnqwvwE12TKaqC2VN5uwKsKzrHQpNn5Urdz2TWKFmJdxrDvaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKpnz4sIGNp9rrPNKDJGjbHqG1N5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyYTUxZTU0LTZiYjUtNDNlNy05NGQwLWE4ZTk1NzcxZjJhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8SAwDQYJKoZIhvcNAQELBQADggEBAF6/Fk+VuBkklQcr9+xg UnEipQgsv5cRXUl6wYS/z8lBbZXeuNeNsnoq1cPC+n1YL3nsukR5Tf359WD9zUgK FjUPFGgoDdCcwqbWLPnysZGy1L7xtwzbrgDJo+CfcTHGHK4nDgSC9a2B9SGxqk9X dFNVfC94Ybfva9uv1ZTOkjzCJIpZiDg6BBF/+A8aIVh8uSB+WG8yvVJ2nVYEOnLE XqS0k91Vo70Jqm118NDEGThLk0KCIm2daCiGewixoQehRDRMb3adBcIGiEc5jppK pxiqFW+sWLA8fqoqPtsalVqXWI7sjU59kJbQV8j5paAXaWTDWc+DmLNaIwsrsooy LZ4= -----END CERTIFICATE-----Generated at Mon Aug 4 14:04:21 2025 by rpki-client