$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa File: 24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa (raw, json) Hash identifier: ipSjBVWmS1CZSqrbrYtuB3cYEE8+4HwhZKiODwRuHxU= Subject key identifier: 15:AD:2B:95:B8:81:B0:C7:EE:31:FA:FA:DE:50:BD:8B:3E:FB:2B:36 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2E74637A7ACC5DBA40DEE41C2EE0305508FB550F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa Signing time: Fri 10 Oct 2025 00:00:55 +0000 ROA not before: Fri 10 Oct 2025 00:00:55 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:e000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:74:63:7a:7a:cc:5d:ba:40:de:e4:1c:2e:e0:30:55:08:fb:55:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 10 00:00:55 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=be42b59012dd0a279cb5cf15450b276d1317bf5699225cdcf73bd2eb51cd6db2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:44:8a:eb:a4:87:85:3a:ed:99:ad:49:7a:9d: 5b:67:11:de:fc:e4:e0:ab:41:db:ae:8b:44:84:40: 4c:ab:fb:e9:19:5f:e1:1d:e8:f6:0f:fc:ed:6f:8b: 4b:ad:2a:95:be:b4:e8:07:fc:72:de:d1:02:f9:a5: d0:a5:1d:42:3b:b8:83:34:54:a1:5f:2b:9a:d3:4a: 18:25:8d:1a:70:63:6f:b9:c5:9b:ea:ed:74:6d:48: 47:26:51:a0:54:5b:3f:ad:cc:41:13:77:ea:6a:ae: 5c:7a:09:bf:78:50:ef:56:53:f7:13:52:1f:bc:95: 05:d0:4a:a9:5e:45:aa:ed:94:32:cb:7d:80:b2:a3: 3d:47:05:c4:ef:1a:4a:40:96:39:8d:b7:0d:e6:7f: f8:ec:d3:ad:4d:31:8e:4f:0d:0c:70:a1:2c:64:0e: 35:c1:3e:87:de:36:be:e9:ba:bf:b8:0c:f3:19:07: f1:97:c1:d2:91:0c:42:70:0e:21:5e:c5:36:08:d2: ec:93:4c:59:19:c2:0f:c1:2c:4a:b3:83:99:90:28: d4:1c:47:80:d7:a3:32:d8:f8:06:63:d5:62:da:bb: 20:58:5d:af:6a:6a:ed:fa:a4:f1:af:5b:b6:d2:f9: e9:4b:c7:04:cd:fc:bf:b6:21:55:4f:df:6a:63:40: 05:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:AD:2B:95:B8:81:B0:C7:EE:31:FA:FA:DE:50:BD:8B:3E:FB:2B:36 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24e2e024-4bd3-4f6b-874c-0ef7a4cbebc1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:e000::/48 Signature Algorithm: sha256WithRSAEncryption 4b:bd:68:a5:74:68:7b:46:f2:22:22:e2:f8:c7:3f:08:1b:c0: b3:d5:d3:90:e4:e4:98:13:2b:2c:b3:5f:bd:91:7a:5b:86:42: 2f:dd:03:11:3e:4f:0b:61:e8:03:dc:82:45:2f:f4:5a:f1:68: 8f:66:ed:dc:ec:59:af:ad:78:ab:e4:d2:94:db:68:72:83:82: 06:46:32:cd:2d:d3:33:80:f1:19:ee:98:45:03:c1:d1:e2:97: 47:ac:98:4b:9d:0d:96:1a:e0:29:45:c1:d8:96:80:98:c4:47: 45:38:f2:74:8f:76:98:27:df:4a:83:41:6b:ca:aa:d1:91:7a: cf:00:fd:8d:03:97:d6:d5:4e:47:8f:9f:93:c7:8b:f4:7d:ae: a6:af:dd:ad:a5:fd:bb:c0:99:af:5b:91:d8:c1:19:f0:57:31: 37:d8:24:24:46:e2:0c:72:ba:d8:e5:f2:7d:12:20:ba:f2:b4: 6d:0c:62:f9:89:f6:ab:d1:dd:6a:a8:ef:88:6e:8c:44:31:2e: 24:82:a5:cd:3e:03:44:af:16:9c:f9:71:48:0c:c3:a7:eb:07: 32:be:7b:d4:86:c5:41:35:fc:c4:a0:ce:26:20:09:56:6a:8b: fb:2e:e7:f3:a4:d0:6a:ad:c9:f5:01:36:02:12:5d:4c:e1:de: d7:a5:ee:ab -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULnRjenrMXbpA3uQcLuAwVQj7VQ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMDAwMDA1NVoX DTI1MTExNDIzNTk1OVowejFJMEcGA1UEBRNAYmU0MmI1OTAxMmRkMGEyNzljYjVj ZjE1NDUwYjI3NmQxMzE3YmY1Njk5MjI1Y2RjZjczYmQyZWI1MWNkNmRiMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0SK66SHhTrtma1Jep1bZxHe/OTg q0HbrotEhEBMq/vpGV/hHej2D/ztb4tLrSqVvrToB/xy3tEC+aXQpR1CO7iDNFSh Xyua00oYJY0acGNvucWb6u10bUhHJlGgVFs/rcxBE3fqaq5cegm/eFDvVlP3E1If vJUF0EqpXkWq7ZQyy32AsqM9RwXE7xpKQJY5jbcN5n/47NOtTTGOTw0McKEsZA41 wT6H3ja+6bq/uAzzGQfxl8HSkQxCcA4hXsU2CNLsk0xZGcIPwSxKs4OZkCjUHEeA 16My2PgGY9Vi2rsgWF2vamrt+qTxr1u20vnpS8cEzfy/tiFVT99qY0AFSwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBWtK5W4gbDH7jH6+t5QvYs++ys2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0ZTJlMDI0LTRiZDMtNGY2Yi04NzRjLTBlZjdhNGNiZWJjMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9uAAMA0GCSqGSIb3DQEBCwUAA4IBAQBLvWildGh7RvIiIuL4 xz8IG8Cz1dOQ5OSYEysss1+9kXpbhkIv3QMRPk8LYegD3IJFL/Ra8WiPZu3c7Fmv rXir5NKU22hyg4IGRjLNLdMzgPEZ7phFA8HR4pdHrJhLnQ2WGuApRcHYloCYxEdF OPJ0j3aYJ99Kg0FryqrRkXrPAP2NA5fW1U5Hj5+Tx4v0fa6mr92tpf27wJmvW5HY wRnwVzE32CQkRuIMcrrY5fJ9EiC68rRtDGL5ifar0d1qqO+IboxEMS4kgqXNPgNE rxac+XFIDMOn6wcyvnvUhsVBNfzEoM4mIAlWaov7LufzpNBqrcn1ATYCEl1M4d7X pe6r -----END CERTIFICATE-----Generated at Mon Oct 20 09:51:33 2025 by rpki-client