$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e7fd07c-40bf-4d7b-af7c-043c20c75a6d.roa File: 2e7fd07c-40bf-4d7b-af7c-043c20c75a6d.roa (raw, json) Hash identifier: x1GPBlfDt+udBlAvzxPuA1sJOhL0sMbqxjrO/FYbxK4= Subject key identifier: F5:32:B4:DC:9D:41:8D:09:0C:36:60:FF:A2:27:C0:E8:24:9F:58:87 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1E21BC9EED3F699175D9698B92319DAC589AA89E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e7fd07c-40bf-4d7b-af7c-043c20c75a6d.roa Signing time: Sat 11 Oct 2025 00:00:51 +0000 ROA not before: Sat 11 Oct 2025 00:00:51 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:21:bc:9e:ed:3f:69:91:75:d9:69:8b:92:31:9d:ac:58:9a:a8:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:00:51 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=171f069f8bf1644a389bd849dccc9d75b534b9f929e3a1a37d377d925a16f928, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:fa:38:e6:fe:67:95:8f:e3:35:2f:d1:ae:44: cc:bc:bd:13:85:78:b0:e3:7c:56:1d:70:4e:90:e4: 03:4c:d0:47:f1:9f:b4:5b:b0:a4:63:f8:3a:5f:51: c7:ad:2f:af:b0:79:c4:d5:0b:c9:35:76:73:2b:8c: 7d:65:2d:af:7d:b8:d5:f4:59:e1:65:c2:f3:30:53: db:6e:3d:a3:fc:2d:c4:06:34:1d:cc:69:aa:4b:41: 6f:0b:b7:6d:18:cc:43:bb:79:55:af:38:fc:6f:eb: f7:6f:8d:4e:38:64:70:05:7f:20:8e:44:f8:54:c9: 3b:8b:0d:f6:9a:f6:55:73:bf:01:79:82:57:83:e4: 2f:29:fd:d8:48:9e:d8:3f:f4:6c:52:5c:26:07:21: c9:dc:95:cb:dd:aa:81:aa:dd:e9:51:0a:13:9a:c7: 0e:3f:d9:0b:04:56:49:23:01:ee:8b:7b:e5:e8:8e: ff:11:fb:83:18:36:72:bb:3d:17:94:19:ca:b6:58: 1e:c0:d8:ad:05:12:a9:47:45:d9:1e:ee:fb:45:5a: c9:89:9a:7d:d7:2b:a1:3c:be:ef:3b:8b:25:46:5c: d6:9f:ee:94:b6:63:e7:27:17:4f:66:a8:c6:35:5e: 2b:b3:01:3f:af:d1:e7:a3:1c:cc:43:0f:e9:7e:da: 55:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:32:B4:DC:9D:41:8D:09:0C:36:60:FF:A2:27:C0:E8:24:9F:58:87 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e7fd07c-40bf-4d7b-af7c-043c20c75a6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:40c0::/48 Signature Algorithm: sha256WithRSAEncryption a0:a1:99:a3:cf:8c:e1:4b:a5:10:90:4e:b7:21:24:d7:26:fb: 03:8b:a7:39:fd:07:13:2b:10:4f:2b:d9:21:48:fc:83:11:f2: 95:00:da:d2:4d:f9:fc:8b:b5:13:7e:bf:f0:fc:df:08:f4:16: 42:a0:bc:b6:ed:db:01:93:57:53:29:f1:9e:76:bf:3a:11:59: f4:bc:e6:7b:a9:73:81:b4:d6:28:ed:5e:d9:41:62:ef:41:ce: 3d:ec:3c:10:8f:23:12:ab:5d:bd:66:0e:2a:4d:62:86:f2:e0: 18:43:82:43:fe:9f:0f:74:9d:06:40:cf:36:2d:4c:b2:66:da: 0a:d1:78:a7:00:db:32:46:0e:5f:c9:bf:7c:2d:65:78:ed:5d: 4f:38:68:e5:6b:1b:59:33:f4:e4:4b:d8:a8:00:78:f1:9f:8a: 6f:36:07:47:06:2c:41:25:cd:77:a9:a5:85:4d:b7:0f:a0:61: c9:80:63:c2:89:05:43:47:4e:93:76:16:b9:f7:39:6e:28:e4: 4e:f1:c7:8c:9c:d2:4a:21:fc:67:c0:e7:cf:0b:1a:e8:a1:6c: d8:8d:7b:8d:1a:05:73:8a:b7:db:f1:d7:ab:f4:ef:2f:48:fd: db:cc:af:f3:37:39:08:60:b2:56:9f:03:96:15:c6:36:5a:23: 87:e8:48:99 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHiG8nu0/aZF12WmLkjGdrFiaqJ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMDA1MVoX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAMTcxZjA2OWY4YmYxNjQ0YTM4OWJk ODQ5ZGNjYzlkNzViNTM0YjlmOTI5ZTNhMWEzN2QzNzdkOTI1YTE2ZjkyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/o45v5nlY/jNS/RrkTMvL0ThXiw 43xWHXBOkOQDTNBH8Z+0W7CkY/g6X1HHrS+vsHnE1QvJNXZzK4x9ZS2vfbjV9Fnh ZcLzMFPbbj2j/C3EBjQdzGmqS0FvC7dtGMxDu3lVrzj8b+v3b41OOGRwBX8gjkT4 VMk7iw32mvZVc78BeYJXg+QvKf3YSJ7YP/RsUlwmByHJ3JXL3aqBqt3pUQoTmscO P9kLBFZJIwHui3vl6I7/EfuDGDZyuz0XlBnKtlgewNitBRKpR0XZHu77RVrJiZp9 1yuhPL7vO4slRlzWn+6UtmPnJxdPZqjGNV4rswE/r9HnoxzMQw/pftpV/QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPUytNydQY0JDDZg/6InwOgkn1iHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJlN2ZkMDdjLTQwYmYtNGQ3Yi1hZjdjLTA0M2MyMGM3NWE2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8kDAMA0GCSqGSIb3DQEBCwUAA4IBAQCgoZmjz4zhS6UQkE63 ISTXJvsDi6c5/QcTKxBPK9khSPyDEfKVANrSTfn8i7UTfr/w/N8I9BZCoLy27dsB k1dTKfGedr86EVn0vOZ7qXOBtNYo7V7ZQWLvQc497DwQjyMSq129Zg4qTWKG8uAY Q4JD/p8PdJ0GQM82LUyyZtoK0XinANsyRg5fyb98LWV47V1POGjlaxtZM/TkS9io AHjxn4pvNgdHBixBJc13qaWFTbcPoGHJgGPCiQVDR06Tdha59zluKORO8ceMnNJK IfxnwOfPCxrooWzYjXuNGgVzirfb8der9O8vSP3bzK/zNzkIYLJWnwOWFcY2WiOH 6EiZ -----END CERTIFICATE-----Generated at Mon Oct 20 15:02:55 2025 by rpki-client