$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54b90195-351e-449b-8720-119c4baa2b80.roa File: 54b90195-351e-449b-8720-119c4baa2b80.roa (raw, json) Hash identifier: sUWlj9Do86ERoCussSRPubxP6fOgOjHp4O/8cQtyBec= Subject key identifier: 29:01:3A:75:EC:F9:8E:95:29:16:89:C7:B2:50:BA:BB:1E:A5:06:F3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 64F2ACA02D7AB4155F674ACD7BEBBA3E5252DCDB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54b90195-351e-449b-8720-119c4baa2b80.roa Signing time: Mon 21 Jul 2025 15:00:14 +0000 ROA not before: Mon 21 Jul 2025 15:00:14 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:70c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 00:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:f2:ac:a0:2d:7a:b4:15:5f:67:4a:cd:7b:eb:ba:3e:52:52:dc:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:00:14 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=b9e92559490863a933acffa00cf11c73f098c91808db2c4c1f8d6c587b3ad30d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:89:d8:20:6b:6a:7f:79:8d:02:98:a3:07:ad: 1a:04:56:4c:c2:a3:0c:d4:fd:12:62:69:35:cd:52: f4:bb:50:e3:54:4a:08:c8:f4:7a:f6:4c:a5:d8:73: e2:7b:2a:9d:29:93:46:c9:52:28:96:f2:66:23:67: d9:42:9e:47:19:27:7b:33:43:32:c9:dd:59:75:a3: 36:8d:25:51:21:18:cf:7b:f3:66:c8:6f:ed:6f:9a: a4:6b:f6:4b:5a:9f:f4:e3:23:5f:cc:64:ef:7e:d9: 9a:52:e5:9e:93:b3:e4:4b:3a:ba:31:7a:97:9e:2b: a2:60:2d:cb:a2:43:a3:3b:1f:7f:54:75:3d:ce:6d: c2:5b:b6:9d:b9:6a:00:4d:d6:3d:e6:0a:47:bb:9d: cf:3d:cc:9c:6e:fa:cf:b4:cb:5a:40:e3:05:8f:b8: 27:f8:4f:54:9d:97:1f:cc:9d:d6:3c:e2:e4:7a:b9: 7d:4c:12:7b:bb:16:fc:56:fd:6f:77:a9:62:0c:e4: 7b:5e:a6:f4:7d:e9:18:bd:24:d8:2f:db:cf:4d:d1: ce:52:ff:83:99:43:94:21:0c:d7:f2:17:e9:fe:2f: 27:8b:50:1c:59:3d:74:0d:49:75:32:5f:e4:1f:a3: 6c:0d:ef:b8:43:7e:5f:25:04:2f:ce:26:23:29:92: 9c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:01:3A:75:EC:F9:8E:95:29:16:89:C7:B2:50:BA:BB:1E:A5:06:F3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/54b90195-351e-449b-8720-119c4baa2b80.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:70c0::/46 Signature Algorithm: sha256WithRSAEncryption 09:a3:97:db:46:36:81:1f:da:e3:2c:5d:0d:00:f0:cd:d0:66: 37:2e:b1:c4:a3:46:8f:23:f4:a1:8d:bd:ff:27:27:d7:26:b4: f8:37:ec:92:9d:f4:c0:ab:de:02:82:23:a1:30:15:e5:67:7d: ee:c7:5a:68:e5:1d:37:13:91:05:69:93:4c:be:0f:e7:75:36: e8:02:c7:42:7f:8f:a6:61:09:38:c8:52:fe:87:b9:b2:4c:83: 90:7e:aa:80:8d:ab:3f:dd:07:d0:e2:26:48:b8:99:71:1e:ac: d6:81:bf:a0:ba:71:fe:77:77:f6:83:31:d7:41:49:f0:59:a8: 72:49:81:71:59:c8:cf:45:f0:cf:2c:69:37:e8:91:f1:a4:72: 62:6c:fe:dc:21:e6:76:12:44:65:ee:18:00:65:db:c4:78:dd: 4f:78:84:1a:fb:06:27:65:60:a8:d1:49:0f:d7:51:fe:d7:32: 31:c1:d8:ee:e6:8c:02:31:6a:91:21:fc:21:62:77:0a:a5:e8: 65:ae:5e:02:fa:f8:be:7e:d6:00:10:99:e5:82:36:f8:55:3c: dc:35:67:eb:e5:76:5c:2d:aa:8c:1e:91:ec:51:aa:fc:06:ea: f1:d4:05:e4:83:93:67:e1:88:9c:be:89:f6:98:09:fc:cc:84: 6a:bc:12:35 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZPKsoC16tBVfZ0rNe+u6PlJS3NswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MDAxNFoX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNAYjllOTI1NTk0OTA4NjNhOTMzYWNm ZmEwMGNmMTFjNzNmMDk4YzkxODA4ZGIyYzRjMWY4ZDZjNTg3YjNhZDMwZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4nYIGtqf3mNApijB60aBFZMwqMM 1P0SYmk1zVL0u1DjVEoIyPR69kyl2HPieyqdKZNGyVIolvJmI2fZQp5HGSd7M0My yd1ZdaM2jSVRIRjPe/NmyG/tb5qka/ZLWp/04yNfzGTvftmaUuWek7PkSzq6MXqX niuiYC3LokOjOx9/VHU9zm3CW7aduWoATdY95gpHu53PPcycbvrPtMtaQOMFj7gn +E9UnZcfzJ3WPOLkerl9TBJ7uxb8Vv1vd6liDOR7Xqb0fekYvSTYL9vPTdHOUv+D mUOUIQzX8hfp/i8ni1AcWT10DUl1Ml/kH6NsDe+4Q35fJQQvziYjKZKczwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCkBOnXs+Y6VKRaJx7JQursepQbzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0YjkwMTk1LTM1MWUtNDQ5Yi04NzIwLTExOWM0YmFhMmI4MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba83DAMA0GCSqGSIb3DQEBCwUAA4IBAQAJo5fbRjaBH9rjLF0N APDN0GY3LrHEo0aPI/Shjb3/JyfXJrT4N+ySnfTAq94CgiOhMBXlZ33ux1po5R03 E5EFaZNMvg/ndTboAsdCf4+mYQk4yFL+h7myTIOQfqqAjas/3QfQ4iZIuJlxHqzW gb+gunH+d3f2gzHXQUnwWahySYFxWcjPRfDPLGk36JHxpHJibP7cIeZ2EkRl7hgA ZdvEeN1PeIQa+wYnZWCo0UkP11H+1zIxwdju5owCMWqRIfwhYncKpehlrl4C+vi+ ftYAEJnlgjb4VTzcNWfr5XZcLaqMHpHsUar8Burx1AXkg5Nn4Yicvon2mAn8zIRq vBI1 -----END CERTIFICATE-----Generated at Wed Aug 6 11:21:46 2025 by rpki-client