$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa File: 32c6f2e6-113c-4d40-a541-26a09c985dde.roa (raw, json) Hash identifier: 3PQv00AvtdKF1B0i6AJv7/YcHD5rg5foAyrLCw1dWYs= Subject key identifier: 36:EB:EE:2B:02:9D:A2:F2:F8:D7:9D:8D:3C:A5:46:6E:1C:CF:27:1D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68ED593617B59607176E303A35FB2570084AE749 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa Signing time: Mon 13 Oct 2025 15:40:29 +0000 ROA not before: Mon 13 Oct 2025 15:40:29 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:ed:59:36:17:b5:96:07:17:6e:30:3a:35:fb:25:70:08:4a:e7:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:40:29 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=e8c94bf161750d6dfc551f3cc5346e7c31c4c5973a3970be3187d1795cb268aa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:33:d8:85:b8:5d:57:47:46:a1:a5:b4:50:45: 4f:e4:5a:30:cd:9c:eb:5c:a6:7f:6f:f6:f9:7f:46: e1:67:53:da:14:1b:24:95:14:a9:5d:a9:85:b4:4f: 66:6a:f7:4c:8e:5f:34:04:01:b8:a9:11:a9:76:35: e6:25:25:a4:2d:18:2b:12:dc:5a:37:59:17:3e:65: 59:1e:c5:fc:cd:f1:62:a5:6f:9a:45:0f:8f:58:55: 40:5f:81:07:a5:a9:c5:52:1f:9b:b3:20:b6:2c:31: be:5c:f2:ec:86:aa:18:5b:5e:39:4f:25:e8:c3:49: 07:01:d4:cc:21:ae:a0:66:ce:7f:f0:3c:f8:33:93: b4:88:49:1f:76:f8:64:2c:fd:62:bb:6e:32:bd:92: 27:69:2a:a4:02:cc:0b:ca:ef:92:27:04:4c:94:4c: 10:f7:45:48:7f:d7:c5:9b:9a:6e:2a:bb:85:98:e1: 98:8e:73:37:41:41:24:68:b1:5c:f8:63:a9:d0:6d: 47:15:54:d1:6e:83:98:fc:4b:96:ad:5c:a8:b7:19: 79:51:36:e9:ac:79:31:5a:17:82:95:e7:96:40:b8: 27:12:a0:b0:dc:88:47:77:4f:c6:dd:42:f4:19:ca: c8:6c:72:24:67:b9:2e:44:a3:ff:6e:37:51:a0:33: c2:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:EB:EE:2B:02:9D:A2:F2:F8:D7:9D:8D:3C:A5:46:6E:1C:CF:27:1D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2800::/40 Signature Algorithm: sha256WithRSAEncryption 73:08:ac:53:e5:96:2d:d8:b5:92:be:ad:d0:87:55:48:fa:ba: 78:03:ff:1c:48:39:9e:69:fb:22:4a:58:27:1b:a7:59:09:f8: 7a:2a:c3:4c:65:09:d1:3f:36:0b:71:ea:7b:48:ad:b2:68:65: 41:4d:61:bf:b7:10:53:89:5f:37:bf:33:79:57:49:a8:94:0d: 92:39:8b:0d:a9:f1:2e:d2:74:ae:ec:c7:c5:bf:7c:e9:df:8d: 14:fc:90:f9:11:f5:05:c4:5e:ec:7c:a2:01:d9:e0:25:2c:24: da:12:f9:ea:65:c4:71:af:35:c5:5d:f6:0a:3b:bf:fd:c0:c1: 5d:5b:e5:b9:9e:2a:2a:f6:f3:f8:02:d4:c1:a7:69:05:51:1e: 4a:fe:94:14:24:ce:f5:61:74:e8:dc:09:b4:2c:d7:0e:3a:60: 4c:4c:83:f0:1e:7a:34:d9:77:c3:06:1d:4e:8f:9d:fd:ca:a1: 41:08:ef:b4:3c:45:3f:75:9f:7d:c8:6a:86:da:31:f9:1d:e0: 21:e0:0c:4f:c1:df:86:76:32:ae:24:81:95:d5:4a:6f:d7:59: 9b:7d:bb:03:c9:74:e9:3b:c7:36:83:d0:63:c5:75:96:28:70: 0e:79:5c:1a:b8:03:3e:19:5f:24:7f:69:b3:1c:6c:44:20:66: 6d:5c:27:25 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaO1ZNhe1lgcXbjA6NfslcAhK50kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1NDAyOVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAZThjOTRiZjE2MTc1MGQ2ZGZjNTUx ZjNjYzUzNDZlN2MzMWM0YzU5NzNhMzk3MGJlMzE4N2QxNzk1Y2IyNjhhYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzPYhbhdV0dGoaW0UEVP5FowzZzr XKZ/b/b5f0bhZ1PaFBsklRSpXamFtE9mavdMjl80BAG4qRGpdjXmJSWkLRgrEtxa N1kXPmVZHsX8zfFipW+aRQ+PWFVAX4EHpanFUh+bsyC2LDG+XPLshqoYW145TyXo w0kHAdTMIa6gZs5/8Dz4M5O0iEkfdvhkLP1iu24yvZInaSqkAswLyu+SJwRMlEwQ 90VIf9fFm5puKruFmOGYjnM3QUEkaLFc+GOp0G1HFVTRboOY/EuWrVyotxl5UTbp rHkxWheCleeWQLgnEqCw3IhHd0/G3UL0GcrIbHIkZ7kuRKP/bjdRoDPChQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDbr7isCnaLy+NedjTylRm4czycdMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYzZmMmU2LTExM2MtNGQ0MC1hNTQxLTI2YTA5Yzk4NWRkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ygwDQYJKoZIhvcNAQELBQADggEBAHMIrFPlli3YtZK+rdCH VUj6ungD/xxIOZ5p+yJKWCcbp1kJ+Hoqw0xlCdE/Ngtx6ntIrbJoZUFNYb+3EFOJ Xze/M3lXSaiUDZI5iw2p8S7SdK7sx8W/fOnfjRT8kPkR9QXEXux8ogHZ4CUsJNoS +eplxHGvNcVd9go7v/3AwV1b5bmeKir28/gC1MGnaQVRHkr+lBQkzvVhdOjcCbQs 1w46YExMg/AeejTZd8MGHU6Pnf3KoUEI77Q8RT91n33IaobaMfkd4CHgDE/B34Z2 Mq4kgZXVSm/XWZt9uwPJdOk7xzaD0GPFdZYocA55XBq4Az4ZXyR/abMcbEQgZm1c JyU= -----END CERTIFICATE-----Generated at Mon Oct 20 09:57:54 2025 by rpki-client