$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa File: 0f308446-71c0-4da7-9488-837b94b0ca9c.roa (raw, json) Hash identifier: uB28sqD1gpCyQGvRjPEnKmLGBm7/WIJBOnMHssQEHa4= Subject key identifier: 21:0E:A8:83:2B:D9:11:EC:6A:E4:2D:9E:77:60:44:DE:79:2F:44:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0BC96CF46101C8E8FC95D9A7652DC04431B0F2A7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa Signing time: Mon 13 Oct 2025 15:40:51 +0000 ROA not before: Mon 13 Oct 2025 15:40:51 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:c9:6c:f4:61:01:c8:e8:fc:95:d9:a7:65:2d:c0:44:31:b0:f2:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:40:51 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=e786cdcb95c4a0c35a1ae5b827c8df4a1efe56335a1617101d36387dff45a31d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c3:44:94:5c:62:59:99:3f:e6:8e:30:b6:7b: 89:ca:7a:2a:b7:65:2d:13:6c:ad:bd:a8:49:21:b2: 4c:c8:e9:e6:e6:cc:63:d9:ac:52:53:94:8a:b5:fd: c6:4c:8e:8a:46:4f:34:02:55:fc:61:ab:43:c8:72: 63:80:b1:98:91:f2:cc:1f:89:4e:6e:04:79:72:de: 2d:18:3d:49:dd:59:2b:72:5d:71:9a:8a:b0:35:ed: f2:3c:93:f4:57:54:95:f1:5b:08:b5:a9:48:38:98: 21:67:05:74:fb:ea:ba:10:8d:53:62:e4:87:ad:bf: 06:78:ba:73:81:a3:39:6b:14:bb:74:fb:78:5f:29: ce:5d:2a:50:82:91:70:72:ae:b5:bf:78:2b:d4:15: 9f:3d:e1:1b:1f:ac:f3:7b:b6:dd:a4:ab:2a:ef:77: 3e:7a:d0:d6:8e:31:3d:2a:e9:85:32:94:e6:fe:81: f2:05:09:94:3d:e9:b3:13:97:0e:10:bc:f8:f2:32: 47:b5:49:e3:9e:8a:e4:55:2c:39:8e:8f:d3:95:a2: 3f:c9:1a:d8:32:a5:5d:87:e8:c9:de:bc:f8:ce:f9: 45:63:39:18:7d:ec:5a:c2:e9:f3:fe:ad:b0:6f:f0: ca:bb:1d:ac:e1:d4:37:84:ab:fe:5d:a1:dc:53:3c: e5:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:0E:A8:83:2B:D9:11:EC:6A:E4:2D:9E:77:60:44:DE:79:2F:44:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f308446-71c0-4da7-9488-837b94b0ca9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:4080::/48 Signature Algorithm: sha256WithRSAEncryption 70:ae:1e:de:31:b1:a5:8e:6d:e0:b6:ba:d4:b8:3e:74:7d:49: e7:ec:2e:d8:36:b3:e1:34:42:a7:ac:1c:f9:8e:99:95:cc:b9: aa:25:64:df:19:79:ea:f3:43:bf:59:d5:27:ee:2e:22:28:81: b6:8a:72:a3:06:df:83:67:8d:84:5b:91:40:4a:83:4e:13:4f: 0b:7d:48:c3:42:b8:13:a8:87:e3:cd:1c:fe:4d:4f:3e:05:97: 76:cd:c0:64:9c:fb:95:2f:f2:05:23:8a:2d:25:88:54:64:cd: 42:66:c6:9f:35:7e:14:f9:57:55:7c:25:91:9d:fa:fb:d8:49: e6:04:d3:aa:27:6d:ad:c1:85:69:32:6c:86:e0:3f:a8:5d:4e: d0:8e:a5:69:7f:3b:e7:8b:a0:aa:ae:54:e8:67:96:32:73:69: e7:e5:d7:1f:72:93:57:80:ae:fd:2e:df:d5:c1:86:f0:a9:d5: 44:f3:b1:59:4f:7d:0a:9a:83:cc:f4:ef:38:1e:25:70:87:f6: 3c:dd:e1:e3:8a:c1:d3:5c:3c:c3:b3:db:b1:32:e3:2c:86:4c: 8d:ae:d7:90:09:21:f2:0c:d6:67:37:51:08:bf:64:20:ef:84: 47:c9:49:c1:62:28:7d:89:c6:16:88:6c:74:74:cc:1c:2e:00: 26:41:be:e4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUC8ls9GEByOj8ldmnZS3ARDGw8qcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1NDA1MVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAZTc4NmNkY2I5NWM0YTBjMzVhMWFl NWI4MjdjOGRmNGExZWZlNTYzMzVhMTYxNzEwMWQzNjM4N2RmZjQ1YTMxZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscNElFxiWZk/5o4wtnuJynoqt2Ut E2ytvahJIbJMyOnm5sxj2axSU5SKtf3GTI6KRk80AlX8YatDyHJjgLGYkfLMH4lO bgR5ct4tGD1J3Vkrcl1xmoqwNe3yPJP0V1SV8VsItalIOJghZwV0++q6EI1TYuSH rb8GeLpzgaM5axS7dPt4XynOXSpQgpFwcq61v3gr1BWfPeEbH6zze7bdpKsq73c+ etDWjjE9KumFMpTm/oHyBQmUPemzE5cOELz48jJHtUnjnorkVSw5jo/TlaI/yRrY MqVdh+jJ3rz4zvlFYzkYfexawunz/q2wb/DKux2s4dQ3hKv+XaHcUzzlLwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCEOqIMr2RHsauQtnndgRN55L0T3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmMzA4NDQ2LTcxYzAtNGRhNy05NDg4LTgzN2I5NGIwY2E5Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8kCAMA0GCSqGSIb3DQEBCwUAA4IBAQBwrh7eMbGljm3gtrrU uD50fUnn7C7YNrPhNEKnrBz5jpmVzLmqJWTfGXnq80O/WdUn7i4iKIG2inKjBt+D Z42EW5FASoNOE08LfUjDQrgTqIfjzRz+TU8+BZd2zcBknPuVL/IFI4otJYhUZM1C ZsafNX4U+VdVfCWRnfr72EnmBNOqJ22twYVpMmyG4D+oXU7QjqVpfzvni6CqrlTo Z5Yyc2nn5dcfcpNXgK79Lt/VwYbwqdVE87FZT30KmoPM9O84HiVwh/Y83eHjisHT XDzDs9uxMuMshkyNrteQCSHyDNZnN1EIv2Qg74RHyUnBYih9icYWiGx0dMwcLgAm Qb7k -----END CERTIFICATE-----Generated at Mon Oct 20 15:39:49 2025 by rpki-client