$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa File: fb17f286-f77e-445f-a084-0fef8b29ef6e.roa (raw, json) Hash identifier: 9u/fOqs16F16QlmOa66wSXPXXw7aLwgF+WubG4mJ/gI= Subject key identifier: F8:AD:A1:9C:61:7A:C4:6A:FB:92:29:68:EF:F5:84:AC:D8:BD:92:48 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2BCAC42DBD3308A22B92B18A4964054514D407A4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa Signing time: Sat 02 Aug 2025 00:00:01 +0000 ROA not before: Sat 02 Aug 2025 00:00:01 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:ca:c4:2d:bd:33:08:a2:2b:92:b1:8a:49:64:05:45:14:d4:07:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Aug 2 00:00:01 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=6f4c75338e2c74361dabd22f8fc042c228769ceb112abfb5806996a12cd224d7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:16:d7:55:46:33:2d:df:2d:70:7e:c9:a8:46: 29:9f:12:41:a9:e6:d1:22:3a:78:9d:79:a2:d5:d0: 64:20:94:a2:22:0d:dc:52:7d:b4:eb:d7:7b:28:57: 7e:de:6c:f9:2f:76:7d:c9:0e:15:0e:0c:62:aa:50: 70:72:7a:26:db:7f:05:f3:e9:aa:45:92:1c:eb:a4: ef:48:e5:97:6b:a4:34:d4:6b:49:5b:18:3b:6f:d5: 4d:91:68:1f:d6:7d:fe:dc:b5:d9:35:6c:ff:8d:34: cf:49:d0:96:ea:54:02:f6:ea:77:fc:f0:dd:62:bd: d6:d6:60:be:ac:6d:a4:7e:f7:7c:5a:ab:a7:29:b5: 71:66:eb:5a:5b:a4:75:ae:92:a5:27:de:49:b1:11: 96:19:32:8b:1e:58:1d:b1:76:df:17:5e:af:4a:7f: f6:1e:ce:a7:22:54:b9:df:85:a5:3e:74:4c:f6:b6: 77:11:f0:90:ca:f1:bc:2d:50:d2:45:09:18:84:6c: a3:42:56:f6:9f:47:4c:00:12:3f:d0:db:90:65:ec: 1b:52:6f:cc:de:46:d8:d0:70:e6:83:09:aa:b5:cc: 39:a1:66:15:a2:96:ed:cb:a9:94:fd:65:1d:10:da: 53:91:34:4e:f2:6c:3e:a7:55:bc:fd:d9:e2:4e:25: 59:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:AD:A1:9C:61:7A:C4:6A:FB:92:29:68:EF:F5:84:AC:D8:BD:92:48 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:800::/40 Signature Algorithm: sha256WithRSAEncryption a5:74:5d:9e:b9:15:89:42:a8:3f:ac:ee:f6:40:cc:9b:f3:2f: f5:b9:11:42:65:30:d9:af:5e:d6:9a:b3:d8:ef:c2:04:f1:9f: 45:a6:f6:ac:cc:51:e4:a6:ff:85:f3:f7:98:67:95:d0:a3:42: 82:9c:c3:9a:39:c8:31:19:51:7f:5d:3c:27:25:8b:10:d2:e7: 91:88:65:07:d2:70:27:9f:21:b9:26:4f:39:d2:d2:f9:ef:a9: 97:28:8a:c7:e0:18:de:e9:dd:7e:6f:68:26:5f:f1:27:f2:5a: 43:4c:c7:da:a8:9c:89:01:8a:83:51:d9:02:f8:29:11:de:eb: e2:17:7e:34:b6:38:da:e2:da:d0:08:99:0b:36:9c:9e:a6:f9: fa:52:e8:ea:ca:c9:94:85:ba:50:a5:42:03:ab:6e:69:25:09: e0:4b:ba:50:23:dd:34:90:04:98:04:a0:05:0b:1d:c6:1c:a8: 06:09:13:d8:a4:66:70:01:be:2f:0a:4c:49:ef:d3:8d:0e:af: 70:bd:e9:3c:95:08:fe:9a:47:31:c9:79:e6:ff:3c:04:9b:41: 0d:ca:dc:1a:a5:ed:5c:72:6a:d8:00:b1:3b:5b:4b:e4:23:7a: 65:11:79:58:7e:e1:b4:54:da:1f:f5:fe:2a:92:fe:e6:ee:41: 0b:2e:cf:4b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUK8rELb0zCKIrkrGKSWQFRRTUB6QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDgwMjAwMDAwMVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNANmY0Yzc1MzM4ZTJjNzQzNjFkYWJk MjJmOGZjMDQyYzIyODc2OWNlYjExMmFiZmI1ODA2OTk2YTEyY2QyMjRkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBbXVUYzLd8tcH7JqEYpnxJBqebR Ijp4nXmi1dBkIJSiIg3cUn2069d7KFd+3mz5L3Z9yQ4VDgxiqlBwcnom238F8+mq RZIc66TvSOWXa6Q01GtJWxg7b9VNkWgf1n3+3LXZNWz/jTTPSdCW6lQC9up3/PDd Yr3W1mC+rG2kfvd8WqunKbVxZutaW6R1rpKlJ95JsRGWGTKLHlgdsXbfF16vSn/2 Hs6nIlS534WlPnRM9rZ3EfCQyvG8LVDSRQkYhGyjQlb2n0dMABI/0NuQZewbUm/M 3kbY0HDmgwmqtcw5oWYVopbty6mU/WUdENpTkTRO8mw+p1W8/dniTiVZHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPitoZxhesRq+5IpaO/1hKzYvZJIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMTdmMjg2LWY3N2UtNDQ1Zi1hMDg0LTBmZWY4YjI5ZWY2ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauAgwDQYJKoZIhvcNAQELBQADggEBAKV0XZ65FYlCqD+s7vZA zJvzL/W5EUJlMNmvXtaas9jvwgTxn0Wm9qzMUeSm/4Xz95hnldCjQoKcw5o5yDEZ UX9dPCclixDS55GIZQfScCefIbkmTznS0vnvqZcoisfgGN7p3X5vaCZf8SfyWkNM x9qonIkBioNR2QL4KRHe6+IXfjS2ONri2tAImQs2nJ6m+fpS6OrKyZSFulClQgOr bmklCeBLulAj3TSQBJgEoAULHcYcqAYJE9ikZnABvi8KTEnv040Or3C96TyVCP6a RzHJeeb/PASbQQ3K3Bql7VxyatgAsTtbS+QjemUReVh+4bRU2h/1/iqS/ubuQQsu z0s= -----END CERTIFICATE-----Generated at Mon Aug 4 14:15:12 2025 by rpki-client