$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bdabc97-6399-477a-86ce-84cce7a29944.roa File: 2bdabc97-6399-477a-86ce-84cce7a29944.roa (raw, json) Hash identifier: Csy0v1tdOsMG/h9dcQfoprow0PlXwGTNIMCG8hWQ9Hw= Subject key identifier: FD:42:70:96:79:57:C1:DA:23:B5:0F:4F:5B:BA:CC:BE:6C:00:5A:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5619562593AFB36C1192EC66AE2708FB0629822B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bdabc97-6399-477a-86ce-84cce7a29944.roa Signing time: Mon 13 Oct 2025 15:10:29 +0000 ROA not before: Mon 13 Oct 2025 15:10:29 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:19:56:25:93:af:b3:6c:11:92:ec:66:ae:27:08:fb:06:29:82:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:10:29 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=1077e056ed54f0b45cb84268697d8d4178302d1da70716f3e932fbcdd88942fb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d3:eb:1a:6f:fc:1e:cd:f5:9a:f3:b4:28:5a: cc:ae:4c:ad:03:d6:7f:4e:34:4c:6b:02:d5:32:e6: 7a:1b:8f:a1:cb:9b:11:12:af:74:7a:45:29:26:bb: b7:f4:e7:0f:ba:68:66:e5:3d:8e:72:da:55:e3:4f: 02:94:c0:92:20:4c:5d:b5:33:57:ae:5f:87:c3:5d: 32:de:18:a2:bf:c5:af:6b:c0:e3:0f:da:d1:cc:99: 0b:db:63:a7:02:5f:53:9a:53:2b:57:3b:b0:9a:02: ee:32:e6:b7:8c:06:ec:54:ae:92:93:a5:5f:4f:f1: fa:cd:ec:c3:03:54:94:d4:c6:8b:c0:48:e2:bc:07: 12:22:2c:58:36:d2:ff:f8:85:f2:d9:a1:36:6a:e1: a8:be:fb:f5:1a:09:af:d8:1b:0e:56:d4:fa:86:0e: 0b:9b:ef:94:75:57:07:7c:7d:12:72:70:4c:ca:14: 60:eb:5f:d8:d3:19:31:55:54:36:e2:0b:66:da:2a: f1:c1:2b:25:1d:73:65:c0:a8:fd:53:5a:0b:31:06: b2:7f:dc:8e:3e:36:36:f3:12:07:07:9b:66:45:98: 1c:5f:85:48:31:7d:79:ba:c5:ad:b6:66:bd:fc:ca: 15:1a:db:cf:b8:18:33:c1:89:d2:d7:ef:72:43:51: f8:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:42:70:96:79:57:C1:DA:23:B5:0F:4F:5B:BA:CC:BE:6C:00:5A:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bdabc97-6399-477a-86ce-84cce7a29944.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 77:c2:c8:c6:44:0b:62:16:a3:e1:09:59:b9:2f:0c:2e:d6:dc: 97:69:cf:83:58:f7:1c:40:c3:f9:af:7b:4d:23:ae:cf:dc:45: ea:71:5e:8a:e8:37:cd:7d:2b:aa:0a:15:3b:11:76:47:75:b3: a4:83:00:b9:a2:e9:0e:e8:15:8e:37:37:04:3f:53:21:d7:54: 0d:69:d0:02:78:f3:42:75:4e:fe:35:3b:f7:3b:52:d6:83:3a: 18:43:aa:7e:04:4f:1e:01:81:2f:b8:eb:2a:f0:81:f6:4c:a9: ed:82:11:f0:a2:60:71:07:79:73:95:4b:4e:80:2d:1d:e9:9c: 08:27:d9:8d:2e:15:a9:7b:ad:4e:ea:0e:87:47:77:18:77:0a: aa:e9:99:fb:90:ed:23:c4:e4:ce:8a:3d:d7:6b:55:c3:54:d7: 2f:95:8c:2e:da:e8:c1:e5:3b:df:48:de:46:1f:d0:43:c7:c8: a6:e6:20:9c:92:f6:ad:62:ee:f1:4d:01:ad:d9:a8:34:8d:64: 20:2f:fa:4b:e2:a8:ec:67:0b:5d:77:13:09:db:30:af:65:9e: fc:8c:d1:71:cc:d4:f6:2a:46:af:d6:78:6a:28:9a:6b:73:d8: 3e:18:1e:8f:97:72:04:84:c8:6b:ca:90:0c:77:c7:39:d2:2a: 9b:f7:f2:a6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVhlWJZOvs2wRkuxmricI+wYpgiswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MTAyOVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAMTA3N2UwNTZlZDU0ZjBiNDVjYjg0 MjY4Njk3ZDhkNDE3ODMwMmQxZGE3MDcxNmYzZTkzMmZiY2RkODg5NDJmYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NPrGm/8Hs31mvO0KFrMrkytA9Z/ TjRMawLVMuZ6G4+hy5sREq90ekUpJru39OcPumhm5T2OctpV408ClMCSIExdtTNX rl+Hw10y3hiiv8Wva8DjD9rRzJkL22OnAl9TmlMrVzuwmgLuMua3jAbsVK6Sk6Vf T/H6zezDA1SU1MaLwEjivAcSIixYNtL/+IXy2aE2auGovvv1Ggmv2BsOVtT6hg4L m++UdVcHfH0ScnBMyhRg61/Y0xkxVVQ24gtm2irxwSslHXNlwKj9U1oLMQayf9yO PjY28xIHB5tmRZgcX4VIMX15usWttma9/MoVGtvPuBgzwYnS1+9yQ1H4ZwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP1CcJZ5V8HaI7UPT1u6zL5sAFpNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiZGFiYzk3LTYzOTktNDc3YS04NmNlLTg0Y2NlN2EyOTk0NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/2DAMA0GCSqGSIb3DQEBCwUAA4IBAQB3wsjGRAtiFqPhCVm5 Lwwu1tyXac+DWPccQMP5r3tNI67P3EXqcV6K6DfNfSuqChU7EXZHdbOkgwC5oukO 6BWONzcEP1Mh11QNadACePNCdU7+NTv3O1LWgzoYQ6p+BE8eAYEvuOsq8IH2TKnt ghHwomBxB3lzlUtOgC0d6ZwIJ9mNLhWpe61O6g6HR3cYdwqq6Zn7kO0jxOTOij3X a1XDVNcvlYwu2ujB5TvfSN5GH9BDx8im5iCckvatYu7xTQGt2ag0jWQgL/pL4qjs ZwtddxMJ2zCvZZ78jNFxzNT2Kkav1nhqKJprc9g+GB6Pl3IEhMhrypAMd8c50iqb 9/Km -----END CERTIFICATE-----Generated at Mon Oct 20 13:10:44 2025 by rpki-client