$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa File: bffbf7d3-f229-458a-8400-7dc848730d21.roa (raw, json) Hash identifier: EnE7HlCtxurtPnKo6gjtbFxqf0g3jTrwWe7EBbvfPHA= Subject key identifier: BB:7F:58:EC:D7:62:D5:87:B6:64:1E:33:25:C5:F2:BB:02:54:8F:8D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73E6DF4C6B42CE5A545C2AB85AA3E50D2E7B6B68 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa Signing time: Sat 07 Jun 2025 00:01:03 +0000 ROA not before: Sat 07 Jun 2025 00:01:03 +0000 ROA not after: Sat 12 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:e6:df:4c:6b:42:ce:5a:54:5c:2a:b8:5a:a3:e5:0d:2e:7b:6b:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jun 7 00:01:03 2025 GMT Not After : Jul 12 23:59:59 2025 GMT Subject: serialNumber=97a37d33f810373879ad3660ab2e0b06ec1453020c2285eb6c23c01452932fbf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:68:38:29:e5:a9:68:41:d6:bb:1e:57:2a:2c: 95:43:38:13:71:d7:34:29:1d:8c:84:de:1e:56:d6: 73:20:0f:b3:36:c4:88:ec:27:83:11:aa:22:f5:a2: 9c:04:57:dd:2f:ea:eb:5d:31:c0:16:3f:8a:19:93: b6:39:1f:bc:39:e5:fe:ef:4f:ce:e6:58:1b:3c:4c: e3:c1:43:f8:86:4b:77:37:ca:85:b6:2c:a5:b1:a0: a1:54:90:f6:a3:6f:6e:2f:f8:7e:a1:11:8e:b1:33: 2e:0b:ca:6c:75:7f:5f:3b:d5:9a:1a:4e:c2:49:a2: 91:60:a3:f8:1b:63:47:49:cb:35:f7:fe:fa:7a:57: b2:79:5d:2e:f6:4c:64:a1:07:16:e1:a2:b9:92:71: 67:fc:6e:fe:df:fc:b6:fd:e8:a5:c3:95:d9:a8:31: d7:81:3f:d0:9e:f3:27:6e:58:a5:86:04:fc:c3:6f: 56:f9:a6:c4:bb:65:55:96:25:84:50:ac:9d:3b:4e: d0:c3:75:60:f1:54:f1:e5:de:85:66:25:0f:02:8e: f3:d4:d5:af:7c:b1:38:fa:d9:a4:10:ff:32:61:8a: 4e:e8:e0:6a:1b:44:74:38:4b:8d:f0:e1:fe:69:6a: 26:61:21:83:a5:db:57:76:c0:81:56:bb:f4:96:dd: 2b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:7F:58:EC:D7:62:D5:87:B6:64:1E:33:25:C5:F2:BB:02:54:8F:8D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 57:22:fb:65:9f:3f:58:6e:85:f7:54:d5:b2:97:b8:da:89:dc: b9:e8:08:76:fc:e8:b7:3b:65:99:c7:a0:86:5b:0a:cd:87:0b: 4f:e5:cf:44:7c:d3:b0:47:db:ba:e9:b1:0a:26:89:69:0c:62: 68:a1:d8:00:74:f4:8b:f4:04:db:df:70:37:c0:e2:54:9c:cf: 93:89:de:29:b3:17:e3:7f:ec:f7:45:e2:b5:1d:d0:53:65:54: f6:98:eb:03:e1:5c:b7:65:1f:42:ec:a0:91:28:ec:59:5a:3a: d6:80:af:ba:07:be:9f:fe:c3:11:bf:27:02:29:14:13:e1:e8: 3c:95:c4:a3:95:1b:d1:4c:c4:71:55:16:48:02:0f:8a:dd:c0: 8b:fa:f4:2b:71:89:88:19:de:b3:64:8d:9e:ec:ff:ae:d1:2e: 32:a1:e9:b6:ee:11:b1:ed:dd:8c:b3:2c:39:8f:a1:9f:43:af: 08:41:e0:55:11:d0:c1:e0:d6:22:af:81:4e:79:2c:e8:af:f8: bb:ad:c0:e4:b4:51:0a:f1:7a:23:da:7a:81:15:c8:fc:f0:11: c8:2e:02:12:26:71:54:49:46:66:ad:27:c0:69:aa:f3:7d:51: fc:c7:3f:14:96:f1:46:57:3e:a4:cd:a0:57:e7:4e:cb:56:a9: e9:90:eb:c2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUc+bfTGtCzlpUXCq4WqPlDS57a2gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDYwNzAwMDEwM1oX DTI1MDcxMjIzNTk1OVowejFJMEcGA1UEBRNAOTdhMzdkMzNmODEwMzczODc5YWQz NjYwYWIyZTBiMDZlYzE0NTMwMjBjMjI4NWViNmMyM2MwMTQ1MjkzMmZiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWg4KeWpaEHWux5XKiyVQzgTcdc0 KR2MhN4eVtZzIA+zNsSI7CeDEaoi9aKcBFfdL+rrXTHAFj+KGZO2OR+8OeX+70/O 5lgbPEzjwUP4hkt3N8qFtiylsaChVJD2o29uL/h+oRGOsTMuC8psdX9fO9WaGk7C SaKRYKP4G2NHScs19/76eleyeV0u9kxkoQcW4aK5knFn/G7+3/y2/eilw5XZqDHX gT/QnvMnblilhgT8w29W+abEu2VVliWEUKydO07Qw3Vg8VTx5d6FZiUPAo7z1NWv fLE4+tmkEP8yYYpO6OBqG0R0OEuN8OH+aWomYSGDpdtXdsCBVrv0lt0rcQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLt/WOzXYtWHtmQeMyXF8rsCVI+NMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmZmJmN2QzLWYyMjktNDU4YS04NDAwLTdkYzg0ODczMGQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sCAMA0GCSqGSIb3DQEBCwUAA4IBAQBXIvtlnz9YboX3VNWy l7jaidy56Ah2/Oi3O2WZx6CGWwrNhwtP5c9EfNOwR9u66bEKJolpDGJoodgAdPSL 9ATb33A3wOJUnM+Tid4psxfjf+z3ReK1HdBTZVT2mOsD4Vy3ZR9C7KCRKOxZWjrW gK+6B76f/sMRvycCKRQT4eg8lcSjlRvRTMRxVRZIAg+K3cCL+vQrcYmIGd6zZI2e 7P+u0S4yoem27hGx7d2Msyw5j6GfQ68IQeBVEdDB4NYir4FOeSzor/i7rcDktFEK 8Xoj2nqBFcj88BHILgISJnFUSUZmrSfAaarzfVH8xz8UlvFGVz6kzaBX507LVqnp kOvC -----END CERTIFICATE-----Generated at Sat Jun 14 18:54:04 2025 by rpki-client