$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa File: 05228447-3f22-4780-bbc7-8543ea233efb.roa (raw, json) Hash identifier: vje9O4GxbybmFT50fn/42YVbFK+7brHJWH/tq45Kr5E= Subject key identifier: C9:2F:18:E8:97:BD:85:8A:89:D5:59:AA:E1:53:90:D2:AF:02:61:02 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E09E00A9B75B4FD468C915A0557293F7449E12B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa Signing time: Fri 26 Sep 2025 00:01:33 +0000 ROA not before: Fri 26 Sep 2025 00:01:33 +0000 ROA not after: Fri 31 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:09:e0:0a:9b:75:b4:fd:46:8c:91:5a:05:57:29:3f:74:49:e1:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 26 00:01:33 2025 GMT Not After : Oct 31 23:59:59 2025 GMT Subject: serialNumber=fc7f830ad4b2ba616cc386da6cd56cc30942ac24f0baee81f9cd295f013b0fbd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:42:ea:e0:8b:51:fb:b0:de:08:7a:eb:08:83: f1:c4:b2:0e:63:11:39:56:27:e8:b8:e0:68:4d:f2: 23:b8:21:52:28:6e:88:27:4f:75:36:04:09:a4:33: 6a:2b:22:4f:d2:5d:e5:20:56:ff:4e:72:11:25:8e: f8:98:b5:db:54:9a:e0:25:de:a4:7c:e8:14:a6:2e: 47:8c:6e:09:3f:ff:e2:1f:cd:9c:e6:e2:de:2e:a8: bd:cc:4d:0b:a7:88:57:9d:d9:bb:b8:66:f6:2b:25: 53:82:93:36:b8:ab:97:d9:db:3f:a8:ea:15:d1:3c: 17:92:45:db:cb:52:77:91:22:3a:ba:0d:84:8b:37: 87:cd:b5:9d:db:27:72:df:13:4a:78:02:58:97:af: 2d:c0:0b:03:ea:57:6a:7b:95:a6:49:3d:b3:6f:f5: 83:ab:23:77:5d:18:91:c7:38:ad:ed:95:06:64:dd: 77:8c:63:11:3a:df:af:f4:6a:cb:b8:d8:5d:49:b3: 52:f2:9f:f5:f8:b8:2a:42:84:e8:bd:5f:38:36:ff: b8:69:86:28:27:56:4b:11:46:72:13:1b:e6:37:66: c3:29:15:f9:89:e5:68:da:52:02:c9:e4:dd:f6:38: 4a:79:15:cf:f5:1a:41:93:4d:1d:9d:c4:e6:c5:54: 64:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:2F:18:E8:97:BD:85:8A:89:D5:59:AA:E1:53:90:D2:AF:02:61:02 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05228447-3f22-4780-bbc7-8543ea233efb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:8800::/40 Signature Algorithm: sha256WithRSAEncryption 7c:48:ae:14:f9:35:af:2f:34:0b:75:f7:17:1e:1a:eb:36:95: 0d:e9:19:00:03:8b:2a:40:61:58:1c:25:60:0e:18:4d:ae:3b: 74:9f:05:e6:02:5a:fb:2f:70:49:4a:39:4c:82:ff:20:6b:e6: 51:e4:d8:62:8b:9f:88:86:83:2f:63:be:a0:47:f3:0f:32:77: 62:f5:5a:e1:1d:39:91:3a:7e:31:0b:f7:48:a4:35:e2:a6:15: c5:6d:ee:0b:8f:2f:63:9d:68:10:1a:10:99:2f:eb:82:71:32: d5:b4:f4:be:a9:7b:7a:3f:b6:9d:a9:7c:49:9d:f2:23:67:e2: 36:2d:7f:e6:5b:7c:d0:ee:ca:25:61:a2:2d:07:55:a8:7a:4a: 25:99:67:78:21:86:ed:8a:f6:a0:a6:46:40:8a:b1:1f:f8:7b: 98:da:8f:f8:43:ba:50:79:5e:e3:3b:b3:1f:11:ad:53:cc:27: c5:50:f3:01:f6:b6:61:c7:48:17:aa:23:a5:f2:e1:19:62:a3: f0:40:cd:f8:c6:f4:41:86:f3:10:93:d5:2d:ab:b1:fe:73:5d: 66:39:84:88:89:06:9e:64:f0:a2:49:b2:c4:5d:a5:77:68:45: 0f:d6:cc:8b:95:cc:fe:65:88:e2:a0:ff:73:88:e0:ce:ca:6e: 1d:b8:f1:60 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbgngCpt1tP1GjJFaBVcpP3RJ4SswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkyNjAwMDEzM1oX DTI1MTAzMTIzNTk1OVowejFJMEcGA1UEBRNAZmM3ZjgzMGFkNGIyYmE2MTZjYzM4 NmRhNmNkNTZjYzMwOTQyYWMyNGYwYmFlZTgxZjljZDI5NWYwMTNiMGZiZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ULq4ItR+7DeCHrrCIPxxLIOYxE5 VifouOBoTfIjuCFSKG6IJ091NgQJpDNqKyJP0l3lIFb/TnIRJY74mLXbVJrgJd6k fOgUpi5HjG4JP//iH82c5uLeLqi9zE0Lp4hXndm7uGb2KyVTgpM2uKuX2ds/qOoV 0TwXkkXby1J3kSI6ug2EizeHzbWd2ydy3xNKeAJYl68twAsD6ldqe5WmST2zb/WD qyN3XRiRxzit7ZUGZN13jGMROt+v9GrLuNhdSbNS8p/1+LgqQoTovV84Nv+4aYYo J1ZLEUZyExvmN2bDKRX5ieVo2lICyeTd9jhKeRXP9RpBk00dncTmxVRkjwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMkvGOiXvYWKidVZquFTkNKvAmECMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA1MjI4NDQ3LTNmMjItNDc4MC1iYmM3LTg1NDNlYTIzM2VmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba74gwDQYJKoZIhvcNAQELBQADggEBAHxIrhT5Na8vNAt19xce Gus2lQ3pGQADiypAYVgcJWAOGE2uO3SfBeYCWvsvcElKOUyC/yBr5lHk2GKLn4iG gy9jvqBH8w8yd2L1WuEdOZE6fjEL90ikNeKmFcVt7guPL2OdaBAaEJkv64JxMtW0 9L6pe3o/tp2pfEmd8iNn4jYtf+ZbfNDuyiVhoi0HVah6SiWZZ3ghhu2K9qCmRkCK sR/4e5jaj/hDulB5XuM7sx8RrVPMJ8VQ8wH2tmHHSBeqI6Xy4Rlio/BAzfjG9EGG 8xCT1S2rsf5zXWY5hIiJBp5k8KJJssRdpXdoRQ/WzIuVzP5liOKg/3OI4M7Kbh24 8WA= -----END CERTIFICATE-----Generated at Mon Oct 20 13:11:02 2025 by rpki-client