$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bc7f9b2-dbc3-4b20-a592-a46685e789c7.roa File: 8bc7f9b2-dbc3-4b20-a592-a46685e789c7.roa (raw, json) Hash identifier: 01nSOgH+dob1lhYkukSA8164KKaGpnS0EYSrZwOAUv4= Subject key identifier: 52:65:55:87:C9:01:25:B2:67:24:5C:12:74:0E:B4:7D:08:D2:DE:B1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3EAC171FBCBC82CB47CDAF1DC0ADC7B4F6FCDB8E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bc7f9b2-dbc3-4b20-a592-a46685e789c7.roa Signing time: Wed 30 Jul 2025 17:52:17 +0000 ROA not before: Wed 30 Jul 2025 17:52:17 +0000 ROA not after: Wed 03 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:ac:17:1f:bc:bc:82:cb:47:cd:af:1d:c0:ad:c7:b4:f6:fc:db:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 30 17:52:17 2025 GMT Not After : Sep 3 23:59:59 2025 GMT Subject: serialNumber=a2a064525f8cc5d3733e0e5b8823efa7f9ec8866f2bb70259634be16fa908f4e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:68:e5:c1:c7:23:93:18:fe:bd:39:d3:27:43: 01:51:e0:01:f0:b9:e3:ed:6e:0f:67:a2:88:99:c4: ee:33:20:44:61:80:cf:5d:7f:e3:e7:d7:bc:68:4e: c9:0f:0b:34:30:4f:89:8f:ed:69:13:b2:8e:ac:d0: 0c:86:14:e9:d5:e7:b4:e9:6d:d5:3d:22:64:b0:8e: 46:fd:b3:3b:c2:f7:1b:93:a1:92:81:04:ff:59:06: 51:c4:f3:1b:17:f2:1a:0a:8c:49:00:16:65:9e:e2: 89:27:ab:dc:99:14:e5:20:77:ab:7b:d8:ff:1e:1c: b3:14:ed:aa:8e:bc:4b:4e:87:d2:c4:37:22:c5:72: 27:d1:19:36:ee:45:7c:77:41:b4:f1:61:a5:4b:3d: 72:5f:bd:6f:f1:33:b4:8a:43:b0:97:2c:e6:7e:8e: 1d:91:03:37:fe:11:be:50:b8:c4:cf:cd:67:10:2a: 36:5f:e3:1e:b9:33:86:8d:e9:35:99:74:0f:2a:62: 35:ab:5b:f0:38:84:91:21:7d:ed:a0:7a:72:9b:a3: 94:2a:0f:39:71:8e:d3:ee:a6:2e:fb:43:ad:59:78: d5:cd:41:8f:e9:15:30:10:5a:a7:d1:55:63:ca:3b: a2:56:61:a6:44:6a:1c:bd:15:bb:f1:4a:9c:d9:ac: f4:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:65:55:87:C9:01:25:B2:67:24:5C:12:74:0E:B4:7D:08:D2:DE:B1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bc7f9b2-dbc3-4b20-a592-a46685e789c7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:c000::/40 Signature Algorithm: sha256WithRSAEncryption b7:17:13:22:11:64:79:c0:82:88:35:65:6e:2c:99:b1:a4:53: 94:2d:4c:95:ed:65:eb:02:a6:9e:ac:54:9a:9f:bb:4c:d0:5c: 86:ac:a5:4a:bf:c0:24:c0:ce:ac:a5:d9:aa:59:be:82:a3:e0: 0b:ef:95:36:4e:d3:84:23:c8:e5:08:e1:d3:0c:de:25:32:af: f4:5a:84:33:b9:3d:ff:d8:98:1a:29:8f:9d:68:87:3a:e8:d1: 7a:b3:dd:56:0f:ea:3e:8f:05:bb:f9:40:cf:12:69:6e:02:f7: 8c:56:1d:54:0e:d6:5f:bf:93:25:bc:68:72:5d:48:a0:a4:9b: f1:b0:89:36:35:49:29:2d:75:72:bb:1f:e8:39:fe:6b:c0:ad: ba:7e:6e:ef:8c:aa:e5:6c:0d:f7:e1:06:f7:49:3b:56:1a:d1: de:6e:d2:b9:f3:19:93:54:3b:66:76:95:47:37:d5:65:c2:c7: 0c:46:b7:53:e2:e4:7c:30:6d:d7:73:8d:f9:50:05:9a:65:51: 85:3d:2e:1f:4d:d0:ad:9c:b0:18:19:d7:80:2f:36:e0:24:19: a3:32:b8:a8:27:e4:d7:1d:c9:05:2b:7e:08:88:ee:56:0e:cd: 66:66:fa:5a:39:76:c5:1d:53:2a:9f:2d:72:7f:9e:69:8a:c1: 0d:fe:ca:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPqwXH7y8gstHza8dwK3HtPb8244wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDE3NTIxN1oX DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYTJhMDY0NTI1ZjhjYzVkMzczM2Uw ZTViODgyM2VmYTdmOWVjODg2NmYyYmI3MDI1OTYzNGJlMTZmYTkwOGY0ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Gjlwccjkxj+vTnTJ0MBUeAB8Lnj 7W4PZ6KImcTuMyBEYYDPXX/j59e8aE7JDws0ME+Jj+1pE7KOrNAMhhTp1ee06W3V PSJksI5G/bM7wvcbk6GSgQT/WQZRxPMbF/IaCoxJABZlnuKJJ6vcmRTlIHere9j/ HhyzFO2qjrxLTofSxDcixXIn0Rk27kV8d0G08WGlSz1yX71v8TO0ikOwlyzmfo4d kQM3/hG+ULjEz81nECo2X+MeuTOGjek1mXQPKmI1q1vwOISRIX3toHpym6OUKg85 cY7T7qYu+0OtWXjVzUGP6RUwEFqn0VVjyjuiVmGmRGocvRW78Uqc2az0RwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFJlVYfJASWyZyRcEnQOtH0I0t6xMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiYzdmOWIyLWRiYzMtNGIyMC1hNTkyLWE0NjY4NWU3ODljNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+8AwDQYJKoZIhvcNAQELBQADggEBALcXEyIRZHnAgog1ZW4s mbGkU5QtTJXtZesCpp6sVJqfu0zQXIaspUq/wCTAzqyl2apZvoKj4AvvlTZO04Qj yOUI4dMM3iUyr/RahDO5Pf/YmBopj51ohzro0Xqz3VYP6j6PBbv5QM8SaW4C94xW HVQO1l+/kyW8aHJdSKCkm/GwiTY1SSktdXK7H+g5/mvArbp+bu+MquVsDffhBvdJ O1Ya0d5u0rnzGZNUO2Z2lUc31WXCxwxGt1Pi5HwwbddzjflQBZplUYU9Lh9N0K2c sBgZ14AvNuAkGaMyuKgn5NcdyQUrfgiI7lYOzWZm+lo5dsUdUyqfLXJ/nmmKwQ3+ yq0= -----END CERTIFICATE-----Generated at Mon Aug 4 18:21:09 2025 by rpki-client