$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa File: 328cea91-878c-4f36-ad16-29b649a79487.roa (raw, json) Hash identifier: k3jfrJy8z/0+7w/gT9wsmDdx5jqVsziegbQIYYQAqAQ= Subject key identifier: 93:87:E2:17:BE:B4:74:25:8E:6E:4F:7B:00:AC:0E:A7:6B:B2:B9:73 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1BAC772E6A5208FDF67CD3B17C23C70AA1F44C1D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa Signing time: Tue 14 Oct 2025 00:10:29 +0000 ROA not before: Tue 14 Oct 2025 00:10:29 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:ac:77:2e:6a:52:08:fd:f6:7c:d3:b1:7c:23:c7:0a:a1:f4:4c:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:10:29 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=c9282521c6ac0f39a1b5713a870eefa977ecce376847a5dfc35f882d6f02d14c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:5e:1d:85:2e:6a:c2:40:da:7e:34:17:ba:4f: 00:26:91:0b:f6:9e:99:fe:97:37:19:c7:f0:30:e0: a7:b9:96:84:45:74:2b:bb:23:8f:be:01:04:89:ad: ab:27:fd:88:5a:61:27:94:2d:ce:3c:07:dd:5d:e5: 8c:0a:7b:c6:1a:a8:80:b7:4a:4a:be:7e:88:d8:c8: c1:e8:43:5e:a0:43:5c:70:40:4e:ec:2e:13:58:26: 9f:ca:6a:85:17:47:30:0f:92:42:d1:d4:ca:28:ec: cd:3f:37:2d:f9:ac:95:ac:ba:f4:b4:0d:3c:21:49: 54:ca:83:68:69:40:7d:0d:c5:f4:9f:4c:01:0e:43: 23:6e:1b:f6:a5:07:67:40:37:9b:55:35:df:d5:42: f0:b2:a8:3e:6b:15:cb:44:ce:da:c7:0f:0f:23:77: 97:61:8a:ce:80:5e:9c:20:6d:75:fc:e8:c0:52:bb: e9:9e:de:9b:a0:7d:13:29:26:fc:3e:b6:09:41:0b: 85:c9:00:81:25:e2:3f:27:62:5c:a4:02:a5:44:c5: 45:32:71:57:0d:d3:2c:4a:59:8d:ec:a4:14:db:f3: ac:e8:28:be:4b:b2:e7:36:b9:90:60:65:dd:d0:27: da:bc:73:e6:ac:e5:fb:0b:8d:47:b4:20:85:e3:8e: ed:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:87:E2:17:BE:B4:74:25:8E:6E:4F:7B:00:AC:0E:A7:6B:B2:B9:73 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 3e:46:cf:68:27:80:38:8b:ab:e7:aa:a6:20:40:ec:8d:e6:fe: 6f:38:ac:34:67:a4:8d:ff:d5:50:e9:01:dd:53:4c:df:26:35: e0:51:e2:7e:bb:74:95:e4:0d:1b:c6:ba:0c:6b:50:fc:14:03: fe:ae:82:f6:7e:91:54:cc:82:d3:64:f2:38:41:a8:3d:a2:db: b8:bc:b7:a2:b6:df:41:ef:e9:67:c8:d0:fc:d5:f4:24:a9:10: 12:c3:26:b2:b2:54:79:c6:f6:66:72:2c:09:94:10:e3:7f:71: 29:05:06:77:2d:77:39:95:f6:7c:10:91:9a:74:2e:37:9a:e8: c5:7c:6b:50:f0:7d:a1:c8:b1:01:5e:5b:1a:6c:43:80:29:66: b5:0a:e4:ba:59:8b:2c:d4:fc:f4:8c:52:fd:58:c3:ff:27:07: 7f:a0:bf:da:72:61:b1:92:f4:ee:3b:72:2e:79:5a:53:66:72: f0:04:ed:b9:7e:c4:ac:98:b9:2c:f5:98:f0:fe:e5:43:59:5f: 6e:ad:44:2b:6c:fe:0f:e1:8c:11:60:18:1e:fb:1f:d9:db:52: a5:cd:2a:00:13:9d:03:42:6c:97:f1:b0:57:51:05:8c:1c:60: da:51:d2:d3:b1:99:0d:a1:c8:6e:94:75:3c:e8:23:bf:79:cb: 8b:9a:aa:77 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUG6x3LmpSCP32fNOxfCPHCqH0TB0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMTAyOVoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAYzkyODI1MjFjNmFjMGYzOWExYjU3 MTNhODcwZWVmYTk3N2VjY2UzNzY4NDdhNWRmYzM1Zjg4MmQ2ZjAyZDE0YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF4dhS5qwkDafjQXuk8AJpEL9p6Z /pc3GcfwMOCnuZaERXQruyOPvgEEia2rJ/2IWmEnlC3OPAfdXeWMCnvGGqiAt0pK vn6I2MjB6ENeoENccEBO7C4TWCafymqFF0cwD5JC0dTKKOzNPzct+ayVrLr0tA08 IUlUyoNoaUB9DcX0n0wBDkMjbhv2pQdnQDebVTXf1ULwsqg+axXLRM7axw8PI3eX YYrOgF6cIG11/OjAUrvpnt6boH0TKSb8PrYJQQuFyQCBJeI/J2JcpAKlRMVFMnFX DdMsSlmN7KQU2/Os6Ci+S7LnNrmQYGXd0CfavHPmrOX7C41HtCCF447tvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJOH4he+tHQljm5PewCsDqdrsrlzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyOGNlYTkxLTg3OGMtNGYzNi1hZDE2LTI5YjY0OWE3OTQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8jAMA0GCSqGSIb3DQEBCwUAA4IBAQA+Rs9oJ4A4i6vnqqYg QOyN5v5vOKw0Z6SN/9VQ6QHdU0zfJjXgUeJ+u3SV5A0bxroMa1D8FAP+roL2fpFU zILTZPI4Qag9otu4vLeitt9B7+lnyND81fQkqRASwyayslR5xvZmciwJlBDjf3Ep BQZ3LXc5lfZ8EJGadC43mujFfGtQ8H2hyLEBXlsabEOAKWa1CuS6WYss1Pz0jFL9 WMP/Jwd/oL/acmGxkvTuO3IueVpTZnLwBO25fsSsmLks9Zjw/uVDWV9urUQrbP4P 4YwRYBge+x/Z21KlzSoAE50DQmyX8bBXUQWMHGDaUdLTsZkNochulHU86CO/ecuL mqp3 -----END CERTIFICATE-----Generated at Mon Oct 20 07:33:40 2025 by rpki-client