$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa File: 1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa (raw, json) Hash identifier: sU5EvySLE8QA97CgFFBQRcmzu37hrZQ5sslP4LeF0RQ= Subject key identifier: FE:45:3B:46:D1:C3:C6:81:75:18:7A:86:48:38:D6:04:A2:9A:C3:C0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 67D0150EFDD300DA0AA24A99A9D7C85019A8BDB2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa Signing time: Mon 13 Oct 2025 15:01:08 +0000 ROA not before: Mon 13 Oct 2025 15:01:08 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:d0:15:0e:fd:d3:00:da:0a:a2:4a:99:a9:d7:c8:50:19:a8:bd:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:01:08 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=5af0355019e2767b8abd8d133f11382ab8df4932be3e7277a9b9477e3c231aab, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:97:b1:fc:3d:f6:db:1c:4d:2b:a7:20:fd:71: 09:3f:29:e1:90:15:07:b1:b1:db:f2:50:52:3c:cf: 28:30:dc:87:37:19:53:2d:90:2e:99:fa:3b:27:d4: f3:7e:d5:da:1c:06:36:47:96:e8:da:60:15:c1:56: 71:49:ad:53:5c:57:3a:9d:19:77:91:6c:18:e3:86: e1:c5:71:00:4c:03:aa:50:b6:9f:cf:85:05:ba:26: 81:f1:a7:cc:78:51:9a:4c:65:64:4c:49:0f:3a:c1: a0:a7:67:73:76:d1:33:12:cb:13:20:23:39:5d:3f: e1:ee:33:75:05:b3:59:54:a8:e6:1d:69:d7:63:70: 78:b5:d7:7b:ec:30:27:f2:fc:d6:3c:af:d3:8d:e0: 52:42:7e:b7:b0:7c:34:c3:25:0f:6c:e3:34:06:93: 63:6c:f9:fd:48:de:1a:74:2b:3b:83:35:1f:76:6c: 23:b2:4b:d3:a5:a7:aa:5e:26:9f:b5:28:d8:ad:bf: be:73:93:2f:cc:d2:61:f1:b3:c5:dc:80:90:35:8f: 41:5c:4b:bb:b2:53:fe:d5:b9:f4:2a:98:11:b2:9f: d1:b1:1d:69:37:bf:d6:e9:93:49:81:24:67:4e:3e: 26:7a:be:81:e0:02:4b:f8:fa:4c:fd:48:f2:00:cf: 4d:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:45:3B:46:D1:C3:C6:81:75:18:7A:86:48:38:D6:04:A2:9A:C3:C0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b5da987-69f3-4f12-aa3b-0d6f9ae4c06c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4020::/48 Signature Algorithm: sha256WithRSAEncryption 81:a5:47:ca:f6:be:95:87:26:63:36:55:43:82:3b:f6:dc:9a: c4:be:5c:00:32:60:ab:01:86:e8:7e:11:6b:20:d2:6e:69:77: c5:d6:a9:30:0f:a0:2f:21:a9:54:7f:14:be:19:7d:b9:76:10: 62:28:97:af:17:41:51:f4:47:00:34:d3:21:49:51:90:90:dd: 68:18:7e:e6:f7:0d:e9:d6:54:2b:4e:67:61:52:e0:7a:d3:93: 85:33:21:53:74:72:82:c1:28:98:e2:fc:67:c9:51:3e:f8:3f: 2c:8c:f8:d3:3c:3d:9a:f8:8a:1a:e4:2e:d2:2c:84:3b:ce:e9: 26:38:cb:5e:bb:f0:e5:b9:3e:de:ad:29:33:0d:8a:e6:1d:68: 7c:3b:d3:f3:be:75:35:db:da:23:e2:6a:5f:f6:1f:be:70:47: 01:95:e8:e7:f5:a4:73:6d:58:4e:55:81:82:4a:51:1b:7a:6f: d1:4c:ba:9c:25:2c:9e:d9:db:47:c0:fd:80:93:a4:61:f9:bf: 4b:fe:8d:b3:fa:d9:61:e2:60:eb:58:4b:50:6e:c9:a7:7a:dc: c3:6d:66:a1:c2:18:ea:b4:cc:fa:24:69:58:af:af:d5:ec:44: 57:31:66:56:54:88:a6:09:dd:81:4d:1b:d7:6d:03:30:cf:e2: 64:94:a9:87 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZ9AVDv3TANoKokqZqdfIUBmovbIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MDEwOFoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNANWFmMDM1NTAxOWUyNzY3YjhhYmQ4 ZDEzM2YxMTM4MmFiOGRmNDkzMmJlM2U3Mjc3YTliOTQ3N2UzYzIzMWFhYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJex/D322xxNK6cg/XEJPynhkBUH sbHb8lBSPM8oMNyHNxlTLZAumfo7J9TzftXaHAY2R5bo2mAVwVZxSa1TXFc6nRl3 kWwY44bhxXEATAOqULafz4UFuiaB8afMeFGaTGVkTEkPOsGgp2dzdtEzEssTICM5 XT/h7jN1BbNZVKjmHWnXY3B4tdd77DAn8vzWPK/TjeBSQn63sHw0wyUPbOM0BpNj bPn9SN4adCs7gzUfdmwjskvTpaeqXiaftSjYrb++c5MvzNJh8bPF3ICQNY9BXEu7 slP+1bn0KpgRsp/RsR1pN7/W6ZNJgSRnTj4mer6B4AJL+PpM/UjyAM9NzwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP5FO0bRw8aBdRh6hkg41gSimsPAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiNWRhOTg3LTY5ZjMtNGYxMi1hYTNiLTBkNmY5YWU0YzA2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEAgMA0GCSqGSIb3DQEBCwUAA4IBAQCBpUfK9r6VhyZjNlVD gjv23JrEvlwAMmCrAYbofhFrINJuaXfF1qkwD6AvIalUfxS+GX25dhBiKJevF0FR 9EcANNMhSVGQkN1oGH7m9w3p1lQrTmdhUuB605OFMyFTdHKCwSiY4vxnyVE++D8s jPjTPD2a+Ioa5C7SLIQ7zukmOMteu/DluT7erSkzDYrmHWh8O9PzvnU129oj4mpf 9h++cEcBlejn9aRzbVhOVYGCSlEbem/RTLqcJSye2dtHwP2Ak6Rh+b9L/o2z+tlh 4mDrWEtQbsmnetzDbWahwhjqtMz6JGlYr6/V7ERXMWZWVIimCd2BTRvXbQMwz+Jk lKmH -----END CERTIFICATE-----Generated at Mon Oct 20 20:27:48 2025 by rpki-client