$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa File: 20b65f51-27cd-433b-bcd7-610d4a586128.roa (raw, json) Hash identifier: O5HBkZRe956s8BjSHr2757hgGCmmCqvu9RjoWx9VFVs= Subject key identifier: 04:A6:4F:B7:7B:4C:E6:88:4B:4B:FA:A0:EA:A8:25:C4:58:7C:85:4A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 719D390CB3B20DB94C634757B4785AB2AF988151 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa Signing time: Wed 15 Oct 2025 00:40:08 +0000 ROA not before: Wed 15 Oct 2025 00:40:08 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da17::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:9d:39:0c:b3:b2:0d:b9:4c:63:47:57:b4:78:5a:b2:af:98:81:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:40:08 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=453046c2f54fddf6f899d3f3cac546abca7c6d7719fc5a9af6892639bce463fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:39:ea:54:ea:08:3b:79:1c:76:fb:18:c1:39: 82:73:91:1b:19:d0:7a:2f:a9:f7:24:92:30:92:49: e8:15:d8:05:6f:c4:b5:b1:ca:43:f2:af:a7:6b:18: f2:06:99:df:5d:4f:9b:f6:ed:d6:13:dd:d3:ea:45: de:12:aa:e6:85:28:1b:64:38:09:41:34:23:a1:b7: 35:94:67:4e:09:e4:35:7e:95:62:97:ad:6c:05:00: 8b:99:55:67:f9:7a:4b:51:50:04:0d:a7:13:c2:c2: 48:8f:b2:01:e5:23:16:2e:24:16:d6:e7:d8:f6:fd: 86:61:04:fa:56:63:13:ad:d8:cf:09:f6:ef:29:1b: 10:43:6d:d0:94:55:17:66:92:dc:d3:c5:4b:28:a0: 86:33:95:ad:f0:29:a4:78:f4:01:37:98:bb:9d:c5: d0:09:92:f0:97:d2:0e:20:f7:eb:f0:91:5e:8b:54: e2:0e:c2:27:7b:1a:06:6c:c1:9c:10:7d:da:4b:6c: c8:e3:86:8a:0a:60:0d:6a:2f:8b:33:98:ba:c1:14: f3:6f:6c:82:bd:86:74:43:4c:c2:31:6e:de:b1:c1: cb:20:fc:ec:ed:73:12:d6:03:bb:03:53:64:39:07: b2:99:1d:fa:a7:ce:51:9b:26:8d:96:01:c5:13:e6: 6a:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:A6:4F:B7:7B:4C:E6:88:4B:4B:FA:A0:EA:A8:25:C4:58:7C:85:4A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da17::/38 Signature Algorithm: sha256WithRSAEncryption 5c:d5:e3:18:a1:3b:37:4a:80:bc:f0:ff:dd:96:2c:bf:75:35: 92:71:68:38:f2:2a:fa:67:70:60:ee:36:e2:6a:ef:98:8e:16: 44:c6:4a:41:b1:b1:31:31:39:86:0f:09:33:9a:ae:05:64:c0: d9:43:08:83:26:d9:93:ea:40:31:be:b3:68:15:a4:a4:54:7b: c6:e9:81:6a:58:ff:28:4e:47:39:ec:ad:aa:71:51:eb:86:46: 6f:85:1a:18:04:05:6c:34:89:32:5f:8c:c9:b0:d7:a7:bd:44: 39:63:00:7f:5f:be:99:ed:09:f9:46:c2:ce:88:9f:2c:26:d0: 9d:1f:4d:a0:77:1c:01:4d:b8:f7:b0:0b:45:78:da:ac:66:27: 97:8c:75:58:ad:a5:b0:96:f6:f5:48:27:f0:9e:bf:5f:da:e5: c3:0e:22:23:57:7e:a4:7f:07:f4:1c:8b:1e:b9:ef:13:9d:b7: 24:ef:47:c4:7c:76:2a:26:3c:17:13:11:0b:70:f1:28:c5:63: 1b:38:7b:d3:a7:b5:5c:cd:bd:bf:8d:be:50:7d:5b:c8:17:28: 0a:6e:9d:39:b4:51:a8:18:0c:af:f1:3f:bd:a7:99:54:c3:1f: 65:ba:c0:6e:b4:f2:52:dc:14:9a:17:e1:46:0b:b2:f2:a2:09: 9a:7e:bd:fa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcZ05DLOyDblMY0dXtHhasq+YgVEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNDAwOFoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNANDUzMDQ2YzJmNTRmZGRmNmY4OTlk M2YzY2FjNTQ2YWJjYTdjNmQ3NzE5ZmM1YTlhZjY4OTI2MzliY2U0NjNmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDnqVOoIO3kcdvsYwTmCc5EbGdB6 L6n3JJIwkknoFdgFb8S1scpD8q+naxjyBpnfXU+b9u3WE93T6kXeEqrmhSgbZDgJ QTQjobc1lGdOCeQ1fpVil61sBQCLmVVn+XpLUVAEDacTwsJIj7IB5SMWLiQW1ufY 9v2GYQT6VmMTrdjPCfbvKRsQQ23QlFUXZpLc08VLKKCGM5Wt8CmkePQBN5i7ncXQ CZLwl9IOIPfr8JFei1TiDsInexoGbMGcEH3aS2zI44aKCmANai+LM5i6wRTzb2yC vYZ0Q0zCMW7escHLIPzs7XMS1gO7A1NkOQeymR36p85RmyaNlgHFE+ZqEwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFASmT7d7TOaIS0v6oOqoJcRYfIVKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIwYjY1ZjUxLTI3Y2QtNDMzYi1iY2Q3LTYxMGQ0YTU4NjEyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFwAwDQYJKoZIhvcNAQELBQADggEBAFzV4xihOzdKgLzw/92W LL91NZJxaDjyKvpncGDuNuJq75iOFkTGSkGxsTExOYYPCTOargVkwNlDCIMm2ZPq QDG+s2gVpKRUe8bpgWpY/yhORznsrapxUeuGRm+FGhgEBWw0iTJfjMmw16e9RDlj AH9fvpntCflGws6Inywm0J0fTaB3HAFNuPewC0V42qxmJ5eMdVitpbCW9vVIJ/Ce v1/a5cMOIiNXfqR/B/Qcix657xOdtyTvR8R8diomPBcTEQtw8SjFYxs4e9OntVzN vb+NvlB9W8gXKApunTm0UagYDK/xP72nmVTDH2W6wG608lLcFJoX4UYLsvKiCZp+ vfo= -----END CERTIFICATE-----Generated at Mon Oct 20 22:46:30 2025 by rpki-client