$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/79dfb2fb-1f9f-40a2-9a76-854d738f28fd.roa File: 79dfb2fb-1f9f-40a2-9a76-854d738f28fd.roa (raw, json) Hash identifier: nKbFHi4JOQe4fzHCpQsiZO7+d62X/5W8vUm8LV/M1Mg= Subject key identifier: 8C:23:AD:93:B6:24:FE:DF:E1:A1:31:79:1C:BA:98:20:25:91:09:19 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 62E1633528CFA013202A938807D5A37F2313A3E4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/79dfb2fb-1f9f-40a2-9a76-854d738f28fd.roa Signing time: Mon 21 Jul 2025 15:01:05 +0000 ROA not before: Mon 21 Jul 2025 15:01:05 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:880::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:e1:63:35:28:cf:a0:13:20:2a:93:88:07:d5:a3:7f:23:13:a3:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 21 15:01:05 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=429ea0350ad9b0ad8167e9d2d26aee1d4dee9bc164dee83d00565e2b7cd2ca9d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:6d:1d:5e:1c:c0:c8:8f:26:e3:b9:53:ec:d8: 6d:95:3b:61:2a:39:9c:17:34:39:42:68:f1:83:2c: 3f:75:fa:95:73:0c:ee:e4:5a:c5:d4:58:cf:56:b2: 06:fb:de:32:f1:0c:cf:16:98:ad:1e:00:09:4b:cd: 0a:6a:dd:e8:86:ef:16:69:98:c2:21:d0:c2:09:1c: 3e:78:45:03:e6:98:c6:66:34:c4:77:7a:6f:6a:4a: 31:07:25:6a:25:d5:88:38:fa:b4:d1:8a:47:34:bf: 76:2a:ae:79:a6:ff:a4:d3:22:36:a9:b3:56:e2:c8: a0:1c:4b:61:18:8b:1d:72:60:8b:97:e5:5a:47:68: 5a:5f:e2:5e:ca:94:80:ab:be:5f:f2:cc:56:15:64: ab:20:f2:3d:2f:67:5d:b8:9a:61:86:79:6e:16:46: b1:91:60:57:fe:23:97:d2:f0:ee:90:a0:b3:85:70: 7e:c5:8e:7e:bf:13:c9:e2:7e:d6:70:93:a2:75:7f: f0:23:8f:03:ad:2f:c3:f7:4c:0b:48:e1:1f:31:ab: b4:34:9a:81:4a:e3:e2:f4:99:4b:d3:61:95:5a:7e: 81:a9:d5:ad:65:08:f0:4d:a8:42:d4:e9:6e:3d:71: 17:f0:71:fc:3f:33:f1:44:79:0e:f3:82:40:68:88: 54:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:23:AD:93:B6:24:FE:DF:E1:A1:31:79:1C:BA:98:20:25:91:09:19 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/79dfb2fb-1f9f-40a2-9a76-854d738f28fd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:880::/46 Signature Algorithm: sha256WithRSAEncryption 9a:bb:7e:8a:7f:77:b4:fb:f0:0c:95:9d:d9:d5:c2:6e:f2:0e: dd:bc:b2:7f:8e:12:b1:f4:89:8b:7b:cb:b6:fa:66:d7:f7:29: a3:1d:40:46:fa:03:ee:7a:fb:36:ac:1b:91:ca:02:fe:5b:ac: 3d:92:92:86:bf:77:2a:d0:10:7a:4f:1b:f4:6d:f5:c3:31:66: 59:7c:86:3b:c9:bd:01:ff:b3:6b:72:bc:a6:c5:82:af:73:ad: 68:b2:88:c8:71:8d:f4:32:cf:63:8b:7f:d4:3b:bb:b8:41:63: 23:c9:be:60:e5:89:11:d6:39:95:32:72:02:ab:13:06:34:ef: a9:1f:1a:b7:22:80:bc:db:05:4a:d7:07:75:92:2f:d6:4c:b0: 08:da:a8:f9:f1:51:a8:a0:b8:96:ac:d0:e5:c9:37:72:8a:a5: bc:1d:2a:99:61:da:e6:c6:da:53:66:2a:61:f3:ff:4f:21:42: 18:1d:f7:4f:c8:e0:30:a5:aa:55:0f:bc:00:43:18:9d:5a:98: 74:4f:a7:9e:99:76:e4:56:cf:18:df:60:e9:e3:cf:f5:5c:98: b3:fe:5a:0f:68:f3:ed:2c:18:56:59:60:2c:ba:32:8e:22:65: 3e:63:e0:6c:71:73:c5:e0:26:52:50:e8:d5:a9:3f:83:a2:3e: 35:1a:d0:3e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYuFjNSjPoBMgKpOIB9WjfyMTo+QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyMTE1MDEwNVoX DTI1MDgyNTIzNTk1OVowejFJMEcGA1UEBRNANDI5ZWEwMzUwYWQ5YjBhZDgxNjdl OWQyZDI2YWVlMWQ0ZGVlOWJjMTY0ZGVlODNkMDA1NjVlMmI3Y2QyY2E5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzW0dXhzAyI8m47lT7NhtlTthKjmc FzQ5Qmjxgyw/dfqVcwzu5FrF1FjPVrIG+94y8QzPFpitHgAJS80Kat3ohu8WaZjC IdDCCRw+eEUD5pjGZjTEd3pvakoxByVqJdWIOPq00YpHNL92Kq55pv+k0yI2qbNW 4sigHEthGIsdcmCLl+VaR2haX+JeypSAq75f8sxWFWSrIPI9L2dduJphhnluFkax kWBX/iOX0vDukKCzhXB+xY5+vxPJ4n7WcJOidX/wI48DrS/D90wLSOEfMau0NJqB SuPi9JlL02GVWn6BqdWtZQjwTahC1OluPXEX8HH8PzPxRHkO84JAaIhUWQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIwjrZO2JP7f4aExeRy6mCAlkQkZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5ZGZiMmZiLTFmOWYtNDBhMi05YTc2LTg1NGQ3MzhmMjhmZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8wiAMA0GCSqGSIb3DQEBCwUAA4IBAQCau36Kf3e0+/AMlZ3Z 1cJu8g7dvLJ/jhKx9ImLe8u2+mbX9ymjHUBG+gPuevs2rBuRygL+W6w9kpKGv3cq 0BB6Txv0bfXDMWZZfIY7yb0B/7NrcrymxYKvc61osojIcY30Ms9ji3/UO7u4QWMj yb5g5YkR1jmVMnICqxMGNO+pHxq3IoC82wVK1wd1ki/WTLAI2qj58VGooLiWrNDl yTdyiqW8HSqZYdrmxtpTZiph8/9PIUIYHfdPyOAwpapVD7wAQxidWph0T6eemXbk Vs8Y32Dp48/1XJiz/loPaPPtLBhWWWAsujKOImU+Y+BscXPF4CZSUOjVqT+Doj41 GtA+ -----END CERTIFICATE-----Generated at Mon Aug 4 13:57:46 2025 by rpki-client