$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa File: acf96eac-505d-42a3-ad3b-20402c0f43ed.roa (raw, json) Hash identifier: cj/SDZr4JedplAdr5itX0bdaou/sK34lvXnryuxw8tg= Subject key identifier: C2:E9:7A:F8:63:1C:F6:02:3B:52:FA:8C:BA:F1:4C:A6:97:0F:CF:7E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 76A2D2A4EFB9CAD0C173C1A35ED499199CD240CC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa Signing time: Fri 01 Aug 2025 00:50:37 +0000 ROA not before: Fri 01 Aug 2025 00:50:37 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1d::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:a2:d2:a4:ef:b9:ca:d0:c1:73:c1:a3:5e:d4:99:19:9c:d2:40:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 1 00:50:37 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=e5f963b77add1632439210f04fcf048a7f48f35cef08ea2433d32aa6569af7a9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:71:86:89:9c:5c:ef:30:1d:a7:ef:5d:0e:b7: 04:a9:37:65:d1:07:b1:c9:e2:25:8f:10:b2:d8:c6: 68:04:05:c4:89:cd:fa:39:9f:19:ab:55:62:6b:cb: 0a:f4:71:12:b1:8e:72:bd:b3:69:cd:57:c9:f2:4c: ab:aa:c9:01:86:27:91:f0:15:4b:36:49:fe:d7:82: 6d:65:12:cf:f8:93:e5:f5:6f:19:47:2b:76:a7:12: e8:8a:c2:f5:a6:be:f6:2e:20:8e:6b:9b:20:78:56: c2:4a:49:c7:0d:a6:ee:60:6e:c2:b0:f0:fe:0c:9f: 99:3a:41:8f:6d:91:1d:21:4f:b8:71:0b:43:91:e1: 41:00:4c:a9:39:ac:14:2d:63:92:e1:e8:64:28:9e: 63:3a:e4:76:46:b3:8b:e5:5b:bf:d5:a9:8d:23:79: 7a:68:80:65:7b:66:e5:f8:5a:a9:10:37:20:dc:c5: 48:db:f8:0a:a4:9e:02:9f:17:bc:df:9c:7a:4c:d8: 30:78:2d:67:4b:32:ec:8c:62:eb:f7:2f:b2:92:57: 20:0a:cb:94:90:63:30:ac:89:dd:87:4e:81:50:d8: 6e:ff:47:01:e8:69:09:46:db:0e:6e:7a:2e:b4:3e: 56:df:99:49:b0:14:f2:ed:fd:5d:7e:12:46:3a:cc: d2:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:E9:7A:F8:63:1C:F6:02:3B:52:FA:8C:BA:F1:4C:A6:97:0F:CF:7E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1d::/36 Signature Algorithm: sha256WithRSAEncryption 93:2a:33:39:93:a1:88:6a:25:69:db:18:6c:3f:cb:75:44:bb: 63:7d:a3:d3:68:a4:1c:e9:c1:d9:96:96:f9:0c:88:b8:7f:70: a9:94:f5:3c:8e:f5:38:a9:e9:15:5d:6e:ec:b2:45:e5:76:87: 55:c6:08:8c:b4:3f:2d:8b:9a:30:58:26:92:5c:83:94:c1:6d: 6c:fb:39:a2:b6:bc:ab:34:a6:5e:f1:4e:15:63:58:de:85:f2: f2:bf:e2:00:3b:78:50:ba:69:3a:c4:6f:80:af:8d:4b:c5:4e: fc:3c:a1:87:7e:b6:e9:2f:a0:3f:16:a6:11:df:57:84:40:e2: 81:8c:27:86:c0:5c:70:7e:69:05:a7:13:32:25:20:ff:e0:5f: 1a:0b:43:ba:1e:7f:4c:4d:be:dd:3b:7c:95:4e:84:a0:15:9b: 54:cc:6b:47:1e:36:d3:ef:86:65:b1:e5:24:18:1f:85:3f:f3: d5:a8:a9:aa:c8:bb:7a:3e:3a:00:50:2f:80:95:f9:d5:82:1d: ed:d5:fe:81:5e:44:8e:28:24:45:17:5f:ee:ef:fd:c8:3a:de: 63:8f:b7:12:79:73:d0:1c:ae:51:b7:ca:a3:cc:e0:28:58:a3: 65:0d:60:64:d8:98:50:b9:43:df:ac:f8:ea:e0:69:63:81:5e: 90:2a:1f:2a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdqLSpO+5ytDBc8GjXtSZGZzSQMwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMTAwNTAzN1oX DTI1MDkwNTIzNTk1OVowejFJMEcGA1UEBRNAZTVmOTYzYjc3YWRkMTYzMjQzOTIx MGYwNGZjZjA0OGE3ZjQ4ZjM1Y2VmMDhlYTI0MzNkMzJhYTY1NjlhZjdhOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynGGiZxc7zAdp+9dDrcEqTdl0Qex yeIljxCy2MZoBAXEic36OZ8Zq1Via8sK9HESsY5yvbNpzVfJ8kyrqskBhieR8BVL Nkn+14JtZRLP+JPl9W8ZRyt2pxLoisL1pr72LiCOa5sgeFbCSknHDabuYG7CsPD+ DJ+ZOkGPbZEdIU+4cQtDkeFBAEypOawULWOS4ehkKJ5jOuR2RrOL5Vu/1amNI3l6 aIBle2bl+FqpEDcg3MVI2/gKpJ4Cnxe835x6TNgweC1nSzLsjGLr9y+yklcgCsuU kGMwrIndh06BUNhu/0cB6GkJRtsObnoutD5W35lJsBTy7f1dfhJGOszS1wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMLpevhjHPYCO1L6jLrxTKaXD89+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjZjk2ZWFjLTUwNWQtNDJhMy1hZDNiLTIwNDAyYzBmNDNlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaHQAwDQYJKoZIhvcNAQELBQADggEBAJMqMzmToYhqJWnbGGw/ y3VEu2N9o9NopBzpwdmWlvkMiLh/cKmU9TyO9Tip6RVdbuyyReV2h1XGCIy0Py2L mjBYJpJcg5TBbWz7OaK2vKs0pl7xThVjWN6F8vK/4gA7eFC6aTrEb4CvjUvFTvw8 oYd+tukvoD8WphHfV4RA4oGMJ4bAXHB+aQWnEzIlIP/gXxoLQ7oef0xNvt07fJVO hKAVm1TMa0ceNtPvhmWx5SQYH4U/89WoqarIu3o+OgBQL4CV+dWCHe3V/oFeRI4o JEUXX+7v/cg63mOPtxJ5c9AcrlG3yqPM4ChYo2UNYGTYmFC5Q9+s+OrgaWOBXpAq Hyo= -----END CERTIFICATE-----Generated at Mon Aug 4 14:58:33 2025 by rpki-client