$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa File: 2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa (raw, json) Hash identifier: m5mp9hxkGHTNCdXCE9i3gNSUPMqqVY9FT9VIV4axrOg= Subject key identifier: 73:59:3B:8C:3A:4D:E8:69:24:5F:F6:39:72:9F:E8:31:7F:BE:F9:77 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60F29693862F87E67BF230D26F06E7EB2F6EF4C9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa Signing time: Mon 13 Oct 2025 15:20:03 +0000 ROA not before: Mon 13 Oct 2025 15:20:03 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:b040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:f2:96:93:86:2f:87:e6:7b:f2:30:d2:6f:06:e7:eb:2f:6e:f4:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:20:03 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=ec334fdcbb51742df6e406e9439071964ab158204a63736f76923b15eacf16e8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:fe:2c:52:23:13:86:3d:c7:fd:a1:50:4f:19: a3:41:b8:ed:62:29:3c:36:de:f2:f3:bf:30:0b:3f: 17:73:80:dd:3b:df:97:9b:55:2e:7d:6a:7c:82:a6: df:a3:5e:f6:cd:4d:1d:d6:85:cf:6e:23:de:08:a8: d0:86:e1:a4:85:1c:fd:eb:dc:e6:a5:6a:b6:79:aa: 33:fe:de:67:65:64:8b:16:15:c5:01:94:67:3e:21: 20:95:8f:b5:60:6d:bc:23:a0:5c:8e:c0:99:da:8f: 7a:9a:80:7a:8f:db:2c:81:73:b2:30:ce:ee:20:9f: b8:40:83:99:d8:6a:0a:7c:c3:19:20:2b:ca:72:90: 5a:53:9f:75:84:02:34:ab:f9:38:27:2e:71:21:82: 62:41:d0:7d:09:01:10:f7:bd:28:e6:ab:57:38:c4: d6:ef:06:6f:1b:0b:23:1d:07:31:ee:5f:27:51:67: 80:59:91:af:e4:b0:14:8c:67:b0:19:98:d8:36:a6: 28:8c:10:b4:bb:af:c0:c9:eb:c8:7a:b1:3b:29:c2: d6:f6:3b:6c:8a:19:05:ef:05:87:24:7a:8f:86:d5: 02:4b:36:03:e6:fa:d0:7a:27:8b:6e:85:98:08:34: 01:00:9f:ef:b7:d3:ff:61:88:31:b2:ce:aa:ca:e2: ad:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:59:3B:8C:3A:4D:E8:69:24:5F:F6:39:72:9F:E8:31:7F:BE:F9:77 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f722ed1-c2d3-4f34-93db-f2625e7e189a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:b040::/48 Signature Algorithm: sha256WithRSAEncryption 53:fd:b0:98:e3:bf:42:d9:9a:72:7c:06:da:5a:56:28:9d:db: 91:2b:f4:b8:6c:d2:d7:8a:e3:7c:3a:f7:c9:39:35:e7:bf:23: 16:64:71:0c:f4:59:2a:88:6b:61:7e:52:2e:93:69:9f:12:86: dc:9b:7b:f1:d0:3a:cf:47:39:02:e8:af:f5:ac:15:26:1a:6a: c0:0b:a2:46:17:93:30:10:56:40:9e:46:88:d5:60:4e:86:d8: 4c:5d:2d:ff:ab:20:50:d4:22:b6:32:6f:46:3a:48:b8:f5:6a: 4b:b1:27:77:36:0c:f2:4f:3b:ec:90:7c:91:95:1d:7f:07:eb: 47:20:e9:49:28:a6:ec:6c:a2:75:c5:a1:a1:73:72:b6:36:a9: 94:d4:5d:9d:4d:4a:1f:bc:92:a2:0b:0e:37:f6:00:ac:f8:61: d7:02:26:d1:a1:b7:d8:9a:eb:73:13:95:a5:ef:12:88:39:40: 94:dd:69:bb:b4:6b:98:9f:ce:25:af:f8:e5:44:58:93:e7:ee: 3d:70:a7:87:49:95:ed:98:44:9b:fd:15:4b:6c:00:f0:6a:84: 61:26:29:33:86:3c:16:f7:42:6b:ea:08:a1:6a:d0:a9:f0:c9: 7e:cb:ec:73:9c:49:7c:fa:e4:8a:8e:15:bb:51:70:da:61:b1: 44:6d:45:5c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYPKWk4Yvh+Z78jDSbwbn6y9u9MkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MjAwM1oX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAZWMzMzRmZGNiYjUxNzQyZGY2ZTQw NmU5NDM5MDcxOTY0YWIxNTgyMDRhNjM3MzZmNzY5MjNiMTVlYWNmMTZlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv4sUiMThj3H/aFQTxmjQbjtYik8 Nt7y878wCz8Xc4DdO9+Xm1UufWp8gqbfo172zU0d1oXPbiPeCKjQhuGkhRz969zm pWq2eaoz/t5nZWSLFhXFAZRnPiEglY+1YG28I6BcjsCZ2o96moB6j9ssgXOyMM7u IJ+4QIOZ2GoKfMMZICvKcpBaU591hAI0q/k4Jy5xIYJiQdB9CQEQ970o5qtXOMTW 7wZvGwsjHQcx7l8nUWeAWZGv5LAUjGewGZjYNqYojBC0u6/AyevIerE7KcLW9jts ihkF7wWHJHqPhtUCSzYD5vrQeieLboWYCDQBAJ/vt9P/YYgxss6qyuKtoQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHNZO4w6TehpJF/2OXKf6DF/vvl3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJmNzIyZWQxLWMyZDMtNGYzNC05M2RiLWYyNjI1ZTdlMTg5YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8rBAMA0GCSqGSIb3DQEBCwUAA4IBAQBT/bCY479C2ZpyfAba WlYonduRK/S4bNLXiuN8OvfJOTXnvyMWZHEM9FkqiGthflIuk2mfEobcm3vx0DrP RzkC6K/1rBUmGmrAC6JGF5MwEFZAnkaI1WBOhthMXS3/qyBQ1CK2Mm9GOki49WpL sSd3NgzyTzvskHyRlR1/B+tHIOlJKKbsbKJ1xaGhc3K2NqmU1F2dTUofvJKiCw43 9gCs+GHXAibRobfYmutzE5Wl7xKIOUCU3Wm7tGuYn84lr/jlRFiT5+49cKeHSZXt mESb/RVLbADwaoRhJikzhjwW90Jr6gihatCp8Ml+y+xznEl8+uSKjhW7UXDaYbFE bUVc -----END CERTIFICATE-----Generated at Mon Oct 20 07:19:09 2025 by rpki-client