$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa File: 1633925d-77e5-4142-aee7-593dea039740.roa (raw, json) Hash identifier: 8v/n8B/ew1ZIpiW4TjiNG/+2OuTLJXE3rdE7QkAoLV8= Subject key identifier: 18:5E:EC:99:D4:2D:23:2C:13:B8:95:87:DF:4A:8C:94:6B:45:BC:ED Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 078FCF18A815607BB692ABDF61DE115C04F6A75D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa Signing time: Fri 10 Oct 2025 00:00:53 +0000 ROA not before: Fri 10 Oct 2025 00:00:53 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:8f:cf:18:a8:15:60:7b:b6:92:ab:df:61:de:11:5c:04:f6:a7:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 10 00:00:53 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=984875e05f6d1ca7689973808f3d7cfabda2d49bba66628d48e4fc98159f3657, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:95:81:0d:78:75:aa:60:8e:71:71:29:b8:c5: e7:d2:03:8c:86:38:a7:4f:ae:31:57:2b:46:16:e4: 6d:0a:09:35:1c:ea:4a:2f:dc:0c:dd:f8:02:57:44: 7f:cc:22:22:3a:c5:25:b8:f8:f8:2a:60:50:45:86: 27:04:b5:40:3d:31:21:3f:81:07:36:ed:1f:ed:e1: 94:97:87:fc:dc:b0:cd:a5:38:ed:dd:98:a0:44:31: cd:e8:c1:30:b8:5c:37:2a:65:ef:c4:b4:5d:c3:b0: 9b:df:15:66:33:d3:48:7f:06:5e:13:e0:32:5f:18: ec:d0:d1:fa:c7:2c:76:ba:bc:db:47:35:32:14:85: d5:97:51:a5:bf:2b:af:68:a3:a5:94:27:b4:f4:ad: bd:95:bd:33:b5:41:d2:b5:1a:30:6a:cc:d2:b0:ba: 06:af:5e:39:f3:dc:72:31:52:7a:5d:aa:fa:f7:17: 87:cb:b8:51:55:6d:ef:91:9c:ed:c9:c9:d4:7f:00: 9d:78:77:26:f3:04:25:cc:67:5c:3e:31:be:8e:80: b9:88:a6:14:c0:61:2b:fa:96:4a:5c:f2:da:47:f1: 02:ea:cf:49:b0:09:b0:7d:77:f4:b4:cf:e6:55:23: 44:1c:6d:7d:e3:2a:a5:5a:6b:61:70:57:f0:ab:f3: 58:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:5E:EC:99:D4:2D:23:2C:13:B8:95:87:DF:4A:8C:94:6B:45:BC:ED X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:f000::/40 Signature Algorithm: sha256WithRSAEncryption 17:5e:85:e8:09:0c:f5:95:b2:b3:ee:91:02:86:b4:16:64:9c: a0:f6:db:7f:04:41:bd:53:b4:06:2d:1c:97:a0:fd:c1:ce:be: 9e:9d:a7:54:13:74:0e:a9:57:dc:8e:8d:0f:3e:48:0c:8f:6a: da:a6:aa:d9:0b:b1:34:8d:be:4a:1e:87:a6:48:dd:23:c5:01: 8a:19:aa:29:03:7d:c8:df:00:a2:11:3f:7a:f5:49:57:af:fb: d6:f8:87:84:2f:b4:90:80:b7:5b:67:df:82:40:0a:3b:a7:d7: 3a:ef:90:ce:cb:ad:99:0b:b3:3a:62:2e:53:8a:37:61:24:9a: 15:3d:21:ef:c7:fe:74:31:a4:d6:ad:72:49:b9:e1:17:11:9e: 68:dc:8b:6c:65:b7:0b:f0:75:52:73:e3:a8:fb:5a:d8:5f:2b: 7e:7c:ff:c4:ca:dc:e1:58:53:6c:1d:c7:15:a5:fb:56:27:9c: 5d:73:57:50:87:82:56:d4:55:e5:7c:b5:3a:c9:7a:ed:58:7b: a2:19:84:54:27:16:e9:b5:c2:59:db:ac:65:32:1a:e2:3f:69: 85:42:32:73:04:03:34:87:40:0a:ff:e5:dd:11:04:41:ea:6f: 26:d7:bd:17:af:02:6a:b3:36:16:8e:13:e6:14:67:99:2e:43: 4a:06:ba:9f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUB4/PGKgVYHu2kqvfYd4RXAT2p10wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMDAwMDA1M1oX DTI1MTExNDIzNTk1OVowejFJMEcGA1UEBRNAOTg0ODc1ZTA1ZjZkMWNhNzY4OTk3 MzgwOGYzZDdjZmFiZGEyZDQ5YmJhNjY2MjhkNDhlNGZjOTgxNTlmMzY1NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZWBDXh1qmCOcXEpuMXn0gOMhjin T64xVytGFuRtCgk1HOpKL9wM3fgCV0R/zCIiOsUluPj4KmBQRYYnBLVAPTEhP4EH Nu0f7eGUl4f83LDNpTjt3ZigRDHN6MEwuFw3KmXvxLRdw7Cb3xVmM9NIfwZeE+Ay Xxjs0NH6xyx2urzbRzUyFIXVl1GlvyuvaKOllCe09K29lb0ztUHStRowaszSsLoG r14589xyMVJ6Xar69xeHy7hRVW3vkZztycnUfwCdeHcm8wQlzGdcPjG+joC5iKYU wGEr+pZKXPLaR/EC6s9JsAmwfXf0tM/mVSNEHG194yqlWmthcFfwq/NY4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBhe7JnULSMsE7iVh99KjJRrRbztMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2MzM5MjVkLTc3ZTUtNDE0Mi1hZWU3LTU5M2RlYTAzOTc0MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9vAwDQYJKoZIhvcNAQELBQADggEBABdehegJDPWVsrPukQKG tBZknKD2238EQb1TtAYtHJeg/cHOvp6dp1QTdA6pV9yOjQ8+SAyPatqmqtkLsTSN vkoeh6ZI3SPFAYoZqikDfcjfAKIRP3r1SVev+9b4h4QvtJCAt1tn34JACjun1zrv kM7LrZkLszpiLlOKN2EkmhU9Ie/H/nQxpNatckm54RcRnmjci2xltwvwdVJz46j7 WthfK358/8TK3OFYU2wdxxWl+1YnnF1zV1CHglbUVeV8tTrJeu1Ye6IZhFQnFum1 wlnbrGUyGuI/aYVCMnMEAzSHQAr/5d0RBEHqbybXvRevAmqzNhaOE+YUZ5kuQ0oG up8= -----END CERTIFICATE-----Generated at Mon Oct 20 07:37:14 2025 by rpki-client