$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/093bf138-d5d2-4fc5-9bb3-dc334c5fd7fb.roa File: 093bf138-d5d2-4fc5-9bb3-dc334c5fd7fb.roa (raw, json) Hash identifier: 8hlx57qS7zwAhDJ1ZfW2IxTULUJYZ5U95lAdxCy5Y50= Subject key identifier: 6D:08:34:49:27:9E:2D:40:E5:B2:30:D5:46:A5:8C:2E:71:8B:DB:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0145CE49A545EAAA6571F5251477739ACE4DAB4F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/093bf138-d5d2-4fc5-9bb3-dc334c5fd7fb.roa Signing time: Fri 10 Oct 2025 00:01:02 +0000 ROA not before: Fri 10 Oct 2025 00:01:02 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:45:ce:49:a5:45:ea:aa:65:71:f5:25:14:77:73:9a:ce:4d:ab:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 10 00:01:02 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=e4ddd1e12f9ffe88b5309f3d3d8dbb88f2d080b0961cb4353954de7e833ab4c9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:1d:f7:2d:39:fd:c8:41:75:4f:d8:97:30:db: 27:6a:9e:b0:a0:ea:28:ce:69:61:a8:82:66:86:9a: 41:2f:71:88:9b:49:e4:16:80:3b:e4:72:46:19:1a: 27:0b:52:6d:1f:6c:40:2d:a0:3b:36:15:b1:aa:4b: be:ba:65:86:0c:50:89:1a:cc:73:97:9c:98:e6:8d: 7f:85:27:2e:81:6b:51:92:48:55:37:c2:83:b6:48: 81:df:e2:e1:08:de:20:77:9c:3f:06:e6:03:39:8b: 2b:d3:ab:4a:2b:47:e8:22:ec:01:00:ad:ab:90:43: 8a:11:3f:90:e1:cc:69:1b:0a:0a:cc:9f:9f:1b:bf: 4a:d0:a4:ed:de:0d:cb:d6:be:d5:7f:88:f0:ff:46: bf:45:bf:e3:78:e2:31:2f:e5:05:80:dd:56:7c:8c: 7c:f6:66:ce:1d:af:7c:bb:69:3b:36:7b:c7:9b:35: 15:02:55:a9:6c:fe:bc:5c:c6:cf:27:1e:18:5e:0f: a2:b9:d0:27:d7:30:97:30:5d:49:af:d3:ef:4c:ef: b0:57:19:ef:bd:d4:54:be:ea:c6:b5:86:81:59:8f: cb:82:0c:79:42:4f:f6:65:1b:9a:0d:24:35:6d:10: 66:9f:6d:ba:3f:48:9e:bb:dc:f1:a4:a9:a1:44:9f: 82:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:08:34:49:27:9E:2D:40:E5:B2:30:D5:46:A5:8C:2E:71:8B:DB:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/093bf138-d5d2-4fc5-9bb3-dc334c5fd7fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:4000::/40 Signature Algorithm: sha256WithRSAEncryption 4e:86:9f:0a:00:45:bf:ae:c3:ea:62:fa:78:a1:6b:57:5c:31: fd:4c:64:e7:3c:0b:5b:64:00:ac:4e:64:ac:b8:f5:a5:94:20: da:40:b8:08:84:c2:7c:68:de:d1:27:2f:7f:d3:fb:66:f0:4f: 2a:bb:15:a9:b8:57:7a:3c:bd:ad:3f:6c:a4:4d:62:87:06:ff: dc:44:6e:37:40:2a:1f:8b:53:bb:64:d0:61:77:f0:fe:4d:72: 81:e8:31:fc:52:26:bd:2a:5e:85:67:ff:0a:96:db:88:38:0f: ca:f8:04:ee:89:fc:ae:07:dc:90:a7:96:5c:3e:75:2e:74:8d: a4:a1:e2:01:6d:82:63:fa:09:65:6e:a1:0b:14:bc:e4:f3:50: 2a:d7:c6:b1:78:4a:9e:90:34:e2:3b:96:01:7e:41:96:cb:c8: a0:47:3a:2f:f4:3d:93:2b:c5:a9:17:f4:e7:42:79:a4:7c:e7: d2:e7:62:4b:00:62:27:7f:3c:de:d1:bf:1c:32:c8:0d:9b:74: e5:7b:bd:9f:0d:a5:94:3a:37:b2:c5:2b:fe:af:2e:d9:dc:3d: a2:be:68:a0:5b:8f:db:03:0c:cf:16:16:4c:49:34:7e:ab:b6: 24:49:5e:cb:99:dd:4e:e1:ee:1e:84:34:10:a7:34:c4:95:04: 6f:6b:f3:10 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAUXOSaVF6qplcfUlFHdzms5Nq08wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMDAwMDEwMloX DTI1MTExNDIzNTk1OVowejFJMEcGA1UEBRNAZTRkZGQxZTEyZjlmZmU4OGI1MzA5 ZjNkM2Q4ZGJiODhmMmQwODBiMDk2MWNiNDM1Mzk1NGRlN2U4MzNhYjRjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB33LTn9yEF1T9iXMNsnap6woOoo zmlhqIJmhppBL3GIm0nkFoA75HJGGRonC1JtH2xALaA7NhWxqku+umWGDFCJGsxz l5yY5o1/hScugWtRkkhVN8KDtkiB3+LhCN4gd5w/BuYDOYsr06tKK0foIuwBAK2r kEOKET+Q4cxpGwoKzJ+fG79K0KTt3g3L1r7Vf4jw/0a/Rb/jeOIxL+UFgN1WfIx8 9mbOHa98u2k7NnvHmzUVAlWpbP68XMbPJx4YXg+iudAn1zCXMF1Jr9PvTO+wVxnv vdRUvurGtYaBWY/Lggx5Qk/2ZRuaDSQ1bRBmn226P0ieu9zxpKmhRJ+C1wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG0INEknni1A5bIw1UaljC5xi9tBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA5M2JmMTM4LWQ1ZDItNGZjNS05YmIzLWRjMzM0YzVmZDdmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9kAwDQYJKoZIhvcNAQELBQADggEBAE6GnwoARb+uw+pi+nih a1dcMf1MZOc8C1tkAKxOZKy49aWUINpAuAiEwnxo3tEnL3/T+2bwTyq7Fam4V3o8 va0/bKRNYocG/9xEbjdAKh+LU7tk0GF38P5NcoHoMfxSJr0qXoVn/wqW24g4D8r4 BO6J/K4H3JCnllw+dS50jaSh4gFtgmP6CWVuoQsUvOTzUCrXxrF4Sp6QNOI7lgF+ QZbLyKBHOi/0PZMrxakX9OdCeaR859LnYksAYid/PN7RvxwyyA2bdOV7vZ8NpZQ6 N7LFK/6vLtncPaK+aKBbj9sDDM8WFkxJNH6rtiRJXsuZ3U7h7h6ENBCnNMSVBG9r 8xA= -----END CERTIFICATE-----Generated at Mon Oct 20 07:28:13 2025 by rpki-client