$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3148069d-696b-400f-add6-d6a5c03e9c9e.roa File: 3148069d-696b-400f-add6-d6a5c03e9c9e.roa (raw, json) Hash identifier: XvSQcHuv/fy+1BaFq+m3g0ThwHUm+LkUmsDcFbDuOUI= Subject key identifier: 68:E9:CF:57:26:9E:9D:9F:5E:67:FC:65:58:DF:AF:F8:BC:55:B9:6F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 63A26E81F4EE2B47E98E0DFBA89BD33814F53498 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3148069d-696b-400f-add6-d6a5c03e9c9e.roa Signing time: Wed 15 Oct 2025 00:20:25 +0000 ROA not before: Wed 15 Oct 2025 00:20:25 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:a2:6e:81:f4:ee:2b:47:e9:8e:0d:fb:a8:9b:d3:38:14:f5:34:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:20:25 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=f1f71cf53dc23178a80385a3b87ce202ab67baf047312f4a37b4ce1b837300be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:26:eb:a4:cc:08:d5:68:2e:ff:17:16:f6:c0: b6:a8:0a:37:8b:83:d9:a3:a0:1b:31:ac:eb:78:f5: cc:ec:33:98:2c:2c:0e:91:24:47:49:fd:8f:a6:ca: 01:cb:18:6d:94:fe:87:55:58:76:4c:78:0c:3d:a9: 38:55:a3:18:3f:aa:bd:f7:f9:1b:90:45:e5:7c:17: 54:68:b9:e3:06:b9:f6:db:33:26:5b:f6:92:bf:c7: 54:08:78:49:06:1d:af:77:75:35:0a:c9:2e:ba:8b: e8:46:00:28:c9:21:76:67:c5:fc:e3:07:55:2f:c6: 2a:9e:40:0e:0f:50:5b:cb:c0:5e:09:1a:37:18:1c: 85:55:f7:e9:ab:ed:dc:48:dd:18:7a:89:f6:55:fd: 3d:c4:0f:82:d8:e1:01:4d:c1:98:e9:79:db:8a:13: ec:e6:9c:72:49:65:1a:b5:1e:31:f2:18:53:8a:38: 5a:c5:a0:d2:e8:54:2f:6d:12:ba:26:ab:cb:c1:39: 18:0b:e2:5b:cc:0d:4f:77:91:e5:91:ab:46:93:93: 5d:fa:13:1b:10:41:9c:f8:5a:b9:c1:e5:af:a3:64: 2d:a7:32:63:ed:ea:5b:32:5b:12:cb:de:c4:97:da: ec:b4:3c:c6:52:05:02:3d:75:1e:a5:eb:8d:05:73: f5:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:E9:CF:57:26:9E:9D:9F:5E:67:FC:65:58:DF:AF:F8:BC:55:B9:6F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3148069d-696b-400f-add6-d6a5c03e9c9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:4800::/40 Signature Algorithm: sha256WithRSAEncryption 4f:d0:4a:d3:b8:b7:c2:c8:44:4c:99:7f:3c:db:b9:86:58:b3: 75:29:f7:5c:22:75:81:a5:0e:57:f1:79:6a:89:f0:0c:08:67: 6a:eb:fa:ed:7a:72:9d:aa:2b:ef:35:2c:66:71:ab:75:d2:99: 3d:5d:2a:d7:39:0d:59:4e:df:f0:e2:0b:87:78:b9:73:5c:de: 7d:cc:c9:f3:dc:d7:26:8b:7e:70:5f:a4:28:f5:91:49:21:69: 49:84:5e:eb:6d:a7:34:43:71:6a:69:5a:04:eb:93:5a:5b:80: 7d:ff:cd:4f:a8:7e:45:51:55:37:98:9a:8b:be:69:e1:11:d6: 0f:c3:96:ca:8d:14:36:f4:8f:77:6e:c5:54:fe:53:d7:3f:da: 2c:64:fd:08:e0:c8:13:60:8f:92:e5:4b:08:af:88:d9:a2:c3: ad:c5:51:bc:cf:79:1f:b1:06:f1:0e:77:f0:14:37:95:c5:95: 63:1f:49:6f:8c:80:11:eb:e1:10:32:a2:d1:06:40:d4:25:41: aa:ab:51:fa:41:51:a2:97:9a:f1:38:9e:09:fa:9b:af:8a:55: d9:5b:82:da:16:fa:66:5b:86:26:01:7b:3a:5b:e9:e6:72:cd: a6:57:f5:36:72:98:07:cd:95:95:22:63:4f:e8:78:6e:4f:77: 43:23:da:dd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUY6JugfTuK0fpjg37qJvTOBT1NJgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMjAyNVoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAZjFmNzFjZjUzZGMyMzE3OGE4MDM4 NWEzYjg3Y2UyMDJhYjY3YmFmMDQ3MzEyZjRhMzdiNGNlMWI4MzczMDBiZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSbrpMwI1Wgu/xcW9sC2qAo3i4PZ o6AbMazrePXM7DOYLCwOkSRHSf2PpsoByxhtlP6HVVh2THgMPak4VaMYP6q99/kb kEXlfBdUaLnjBrn22zMmW/aSv8dUCHhJBh2vd3U1CskuuovoRgAoySF2Z8X84wdV L8YqnkAOD1Bby8BeCRo3GByFVffpq+3cSN0Yeon2Vf09xA+C2OEBTcGY6XnbihPs 5pxySWUatR4x8hhTijhaxaDS6FQvbRK6JqvLwTkYC+JbzA1Pd5HlkatGk5Nd+hMb EEGc+Fq5weWvo2QtpzJj7epbMlsSy97El9rstDzGUgUCPXUepeuNBXP10QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGjpz1cmnp2fXmf8ZVjfr/i8VblvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMxNDgwNjlkLTY5NmItNDAwZi1hZGQ2LWQ2YTVjMDNlOWM5ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauEgwDQYJKoZIhvcNAQELBQADggEBAE/QStO4t8LIREyZfzzb uYZYs3Up91widYGlDlfxeWqJ8AwIZ2rr+u16cp2qK+81LGZxq3XSmT1dKtc5DVlO 3/DiC4d4uXNc3n3MyfPc1yaLfnBfpCj1kUkhaUmEXuttpzRDcWppWgTrk1pbgH3/ zU+ofkVRVTeYmou+aeER1g/DlsqNFDb0j3duxVT+U9c/2ixk/QjgyBNgj5LlSwiv iNmiw63FUbzPeR+xBvEOd/AUN5XFlWMfSW+MgBHr4RAyotEGQNQlQaqrUfpBUaKX mvE4ngn6m6+KVdlbgtoW+mZbhiYBezpb6eZyzaZX9TZymAfNlZUiY0/oeG5Pd0Mj 2t0= -----END CERTIFICATE-----Generated at Mon Oct 20 07:21:07 2025 by rpki-client