$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/199e7f05-a6e2-4894-bef4-a2d943a718e7.roa File: 199e7f05-a6e2-4894-bef4-a2d943a718e7.roa (raw, json) Hash identifier: PNMVNeCCQGuhZXwRsIIxCviWeC/OiN1wywYEohTmxnM= Subject key identifier: FA:20:63:53:42:1F:AB:3E:0C:35:BE:90:27:CE:C4:49:31:30:20:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40754D5CE22A6A6C7987A984C6811C043002990B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/199e7f05-a6e2-4894-bef4-a2d943a718e7.roa Signing time: Tue 14 Oct 2025 00:20:06 +0000 ROA not before: Tue 14 Oct 2025 00:20:06 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:75:4d:5c:e2:2a:6a:6c:79:87:a9:84:c6:81:1c:04:30:02:99:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:20:06 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=aa790bcc3134254a7d9ed8b6d386ec93d89d29e2a99395e958f050087c74811e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:35:35:65:00:dc:f4:d6:e4:1e:19:b5:2f:55: 7e:03:81:32:e9:8c:24:b6:f9:5f:e3:ef:bc:38:a1: 36:60:6d:b3:02:20:22:ec:57:bd:3c:ac:f7:a4:94: 24:d7:a2:27:c2:19:83:fd:0c:25:91:d1:4d:b9:a7: 00:ea:f7:a4:76:19:a5:f8:ad:e3:e5:7b:7a:55:60: 85:b7:dc:a1:35:b2:45:f4:e9:89:bd:98:de:5c:09: ce:aa:ef:88:03:6a:bd:d6:cf:f8:77:04:ed:7b:7a: 90:50:4c:05:d9:17:10:77:9b:b3:2c:b4:fe:3d:9d: 02:0a:86:a8:a3:0b:d7:6d:3a:1f:a4:74:c9:72:1c: f7:b3:1b:65:56:30:30:34:0f:27:6e:57:eb:93:38: 12:9c:a9:22:42:56:66:19:a1:3b:98:48:62:c6:48: 89:9f:53:28:20:a5:d6:af:a3:83:39:d1:6e:22:24: eb:c7:8e:73:61:11:0c:e4:99:a4:4f:e3:81:a3:44: 85:57:fe:89:a0:fc:e4:d5:6c:47:8b:d3:cc:c8:e1: 9c:f4:3b:98:b1:45:c4:74:ed:e9:8b:03:57:f6:91: f4:de:51:87:da:09:7d:81:4f:e4:cc:50:b9:1c:8d: 2e:8c:d8:a9:4b:26:80:0e:25:4e:17:b7:93:a3:f5: fd:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:20:63:53:42:1F:AB:3E:0C:35:BE:90:27:CE:C4:49:31:30:20:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/199e7f05-a6e2-4894-bef4-a2d943a718e7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:2800::/40 Signature Algorithm: sha256WithRSAEncryption 31:7a:43:b5:75:da:1a:ab:68:05:65:61:01:6b:80:cb:d4:a6: 23:0d:5c:8d:8b:f5:e6:a8:3b:74:9c:4c:55:d6:25:fc:fc:b9: e4:39:8b:6c:69:1f:18:5d:1d:f9:e9:5b:ef:cb:dd:64:b7:55: 9b:e6:6e:27:2c:25:3e:f6:33:06:ce:d7:e5:49:f4:79:25:b7: 13:56:d3:e2:c1:08:f6:94:06:b8:5d:15:df:63:72:2e:2c:87: b2:a4:2d:ba:bc:68:34:42:81:19:ed:6d:30:56:ab:fa:86:12: aa:a7:17:ec:0d:64:38:0f:40:10:ea:a4:f8:b7:ce:ac:62:30: 31:8f:3c:00:48:3d:3b:41:82:e7:47:2c:78:34:c9:20:f9:a7: 51:25:46:7c:6c:08:c5:c1:63:ce:0f:29:6a:e0:26:40:6f:08: a1:07:ca:e9:ba:e3:3d:5e:20:13:e7:39:31:ad:eb:a6:e4:9f: 68:f4:b1:54:5c:41:48:e2:5a:dc:4f:cf:ec:69:f6:7b:85:a6: f5:b7:15:28:77:6c:8f:68:94:46:b0:db:b6:30:84:8e:b0:51: f6:42:30:2c:f1:e6:48:c2:46:4b:db:1d:28:52:4f:94:9b:9c: 76:97:a7:3b:36:1d:c8:36:c1:25:15:6f:8b:06:d8:13:2a:15: 5f:01:95:32 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQHVNXOIqamx5h6mExoEcBDACmQswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMjAwNloX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAYWE3OTBiY2MzMTM0MjU0YTdkOWVk OGI2ZDM4NmVjOTNkODlkMjllMmE5OTM5NWU5NThmMDUwMDg3Yzc0ODExZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTU1ZQDc9NbkHhm1L1V+A4Ey6Ywk tvlf4++8OKE2YG2zAiAi7Fe9PKz3pJQk16InwhmD/QwlkdFNuacA6vekdhml+K3j 5Xt6VWCFt9yhNbJF9OmJvZjeXAnOqu+IA2q91s/4dwTte3qQUEwF2RcQd5uzLLT+ PZ0CCoaoowvXbTofpHTJchz3sxtlVjAwNA8nblfrkzgSnKkiQlZmGaE7mEhixkiJ n1MoIKXWr6ODOdFuIiTrx45zYREM5JmkT+OBo0SFV/6JoPzk1WxHi9PMyOGc9DuY sUXEdO3piwNX9pH03lGH2gl9gU/kzFC5HI0ujNipSyaADiVOF7eTo/X92wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPogY1NCH6s+DDW+kCfOxEkxMCA1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE5OWU3ZjA1LWE2ZTItNDg5NC1iZWY0LWEyZDk0M2E3MThlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaSgwDQYJKoZIhvcNAQELBQADggEBADF6Q7V12hqraAVlYQFr gMvUpiMNXI2L9eaoO3ScTFXWJfz8ueQ5i2xpHxhdHfnpW+/L3WS3VZvmbicsJT72 MwbO1+VJ9HkltxNW0+LBCPaUBrhdFd9jci4sh7KkLbq8aDRCgRntbTBWq/qGEqqn F+wNZDgPQBDqpPi3zqxiMDGPPABIPTtBgudHLHg0ySD5p1ElRnxsCMXBY84PKWrg JkBvCKEHyum64z1eIBPnOTGt66bkn2j0sVRcQUjiWtxPz+xp9nuFpvW3FSh3bI9o lEaw27YwhI6wUfZCMCzx5kjCRkvbHShST5SbnHaXpzs2Hcg2wSUVb4sG2BMqFV8B lTI= -----END CERTIFICATE-----Generated at Mon Oct 20 09:49:37 2025 by rpki-client