$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0c131403-c0db-4229-b10c-238da60a9c57.roa File: 0c131403-c0db-4229-b10c-238da60a9c57.roa (raw, json) Hash identifier: 67nFap6PTnlaH5joNHLWuC81NT7oj4fhQsRZZJ1YYR4= Subject key identifier: 24:FF:54:49:60:E0:1C:7E:6D:09:D2:D7:B4:64:C6:59:C7:25:F8:AB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4826032A7D2CC6CBE0C03920B976C5FCB10FC90C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0c131403-c0db-4229-b10c-238da60a9c57.roa Signing time: Mon 13 Oct 2025 15:01:05 +0000 ROA not before: Mon 13 Oct 2025 15:01:05 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:26:03:2a:7d:2c:c6:cb:e0:c0:39:20:b9:76:c5:fc:b1:0f:c9:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:01:05 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=7787b7ecb0822aa94bd4ed02d893015964759ffbbf15355baa4ac4c27e7bec8d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:d9:32:de:58:b3:f6:64:ef:b7:e1:c7:4d:e9: 3c:bb:09:01:5a:f4:bf:ee:c7:b2:76:49:04:bd:46: e3:13:9a:b0:eb:24:fa:0b:ea:c4:41:8d:49:f7:ce: 9f:4b:2d:fd:5e:14:8b:5a:ce:2c:9a:22:d0:70:75: ac:26:d9:4d:97:5c:70:bc:52:01:69:3e:22:d2:4a: a9:88:d2:3a:f4:14:70:11:0e:25:33:6b:5c:d7:61: ca:1a:06:60:d5:12:19:e2:7d:be:ad:ea:51:c8:44: f9:78:15:d4:65:0d:c5:ae:f0:0b:24:32:bb:46:ce: 49:95:2c:54:c1:25:e8:3b:3c:bd:f3:af:48:e5:b9: 09:f4:df:4d:b8:bd:33:76:fd:18:cc:d0:07:8d:e7: 66:a8:81:df:48:03:f2:72:9a:6e:78:20:39:2b:9d: 15:0c:1b:83:df:74:bf:c4:37:1e:f5:a6:da:74:04: 66:d7:09:09:6e:1a:06:24:0b:3c:e4:f8:c8:2b:e3: 2a:77:76:cf:2c:5f:fb:ce:26:be:6c:0c:44:af:6f: d2:99:7e:db:60:0b:5c:20:e7:81:ae:de:33:60:6c: fe:47:31:97:b9:d0:5a:77:da:16:1f:c6:0f:c6:aa: 71:4f:5f:0c:66:3b:32:00:19:3a:35:12:4e:cd:cf: ef:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:FF:54:49:60:E0:1C:7E:6D:09:D2:D7:B4:64:C6:59:C7:25:F8:AB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0c131403-c0db-4229-b10c-238da60a9c57.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c880::/48 Signature Algorithm: sha256WithRSAEncryption c1:1e:65:05:a5:da:8d:c6:5a:16:76:16:8d:c3:4f:ab:97:3c: 6a:e1:7e:ae:db:0f:1d:aa:78:07:d0:a9:03:33:2e:8f:c6:2b: a9:f6:92:0f:2e:c0:3b:27:23:dc:1c:92:7a:45:ce:00:06:7e: 84:f3:a6:8a:55:4e:71:0d:11:ad:47:77:16:36:2f:37:5c:a3: b6:e9:cb:b5:c2:10:60:2f:0c:da:e9:b7:41:48:b4:d4:a1:90: 2a:64:5e:32:b2:36:6c:d1:c7:ff:75:cf:88:cc:03:c9:b4:32: 20:67:9f:e9:6f:cb:f5:18:3b:77:0c:78:87:e9:ca:2c:26:a7: cd:9a:a0:3c:26:bb:e6:56:37:fe:46:f5:32:6d:db:33:a3:5b: a5:f2:8f:42:10:ed:aa:50:5f:17:6c:55:6c:5c:0e:b4:42:a4: 5f:42:7b:4b:af:7c:75:97:2c:7b:11:36:8c:60:ea:08:8d:c7: 71:f8:53:b8:eb:ff:16:79:b8:f9:36:fb:85:9b:33:54:36:50: 9b:bb:31:31:56:45:48:62:1a:aa:59:8a:d6:70:5e:1b:91:01: b4:e5:a8:0d:4a:e7:f7:12:51:1b:90:68:6b:16:e4:f3:3e:1e: 91:4e:ba:a6:03:30:b5:03:9d:9e:1f:bc:2f:44:4d:46:2e:8a: 77:7b:55:96 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSCYDKn0sxsvgwDkguXbF/LEPyQwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MDEwNVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNANzc4N2I3ZWNiMDgyMmFhOTRiZDRl ZDAyZDg5MzAxNTk2NDc1OWZmYmJmMTUzNTViYWE0YWM0YzI3ZTdiZWM4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndky3liz9mTvt+HHTek8uwkBWvS/ 7seydkkEvUbjE5qw6yT6C+rEQY1J986fSy39XhSLWs4smiLQcHWsJtlNl1xwvFIB aT4i0kqpiNI69BRwEQ4lM2tc12HKGgZg1RIZ4n2+repRyET5eBXUZQ3FrvALJDK7 Rs5JlSxUwSXoOzy9869I5bkJ9N9NuL0zdv0YzNAHjedmqIHfSAPycppueCA5K50V DBuD33S/xDce9abadARm1wkJbhoGJAs85PjIK+Mqd3bPLF/7zia+bAxEr2/SmX7b YAtcIOeBrt4zYGz+RzGXudBad9oWH8YPxqpxT18MZjsyABk6NRJOzc/vxQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCT/VElg4Bx+bQnS17RkxlnHJfirMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBjMTMxNDAzLWMwZGItNDIyOS1iMTBjLTIzOGRhNjBhOWM1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYciAMA0GCSqGSIb3DQEBCwUAA4IBAQDBHmUFpdqNxloWdhaN w0+rlzxq4X6u2w8dqngH0KkDMy6Pxiup9pIPLsA7JyPcHJJ6Rc4ABn6E86aKVU5x DRGtR3cWNi83XKO26cu1whBgLwza6bdBSLTUoZAqZF4ysjZs0cf/dc+IzAPJtDIg Z5/pb8v1GDt3DHiH6cosJqfNmqA8JrvmVjf+RvUybdszo1ul8o9CEO2qUF8XbFVs XA60QqRfQntLr3x1lyx7ETaMYOoIjcdx+FO46/8Webj5NvuFmzNUNlCbuzExVkVI YhqqWYrWcF4bkQG05agNSuf3ElEbkGhrFuTzPh6RTrqmAzC1A52eH7wvRE1GLop3 e1WW -----END CERTIFICATE-----Generated at Mon Oct 20 07:19:37 2025 by rpki-client