$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32e4ece6-d35e-41cf-8da1-3b7733e46e63.roa File: 32e4ece6-d35e-41cf-8da1-3b7733e46e63.roa (raw, json) Hash identifier: K/8Kjfq/4NgbSY5FSrfizoruBrtWBLfS71Y1cxLfxtg= Subject key identifier: C2:2A:89:6A:93:DE:A1:08:A0:F8:94:4E:7E:97:A3:5F:0E:6A:AD:7E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22267852F313B958D8B29C1E7141AB10E2667238 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32e4ece6-d35e-41cf-8da1-3b7733e46e63.roa Signing time: Wed 08 Oct 2025 00:01:00 +0000 ROA not before: Wed 08 Oct 2025 00:01:00 +0000 ROA not after: Wed 12 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:26:78:52:f3:13:b9:58:d8:b2:9c:1e:71:41:ab:10:e2:66:72:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 8 00:01:00 2025 GMT Not After : Nov 12 23:59:59 2025 GMT Subject: serialNumber=260053ec2fd73731a7fa47835405ab052993177c871abf26a5d9765c698c9fad, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:a8:2b:23:67:38:e3:7f:00:73:fc:dc:3e:5c: 73:e2:f6:59:5a:f8:0b:7a:df:fb:9c:31:ee:99:2f: 62:16:fb:0b:3c:c7:28:72:1a:ea:07:ae:41:54:98: 0e:d2:41:96:5b:c8:cb:09:50:20:9a:66:48:35:72: 5a:ad:a2:75:ae:bb:c1:5e:0e:b3:9c:8b:4e:f7:d6: 31:0c:1e:6f:fa:77:25:0a:d4:c9:19:b7:c1:a1:eb: 7f:da:0b:78:6e:c1:74:4b:75:f4:85:4a:31:f7:f9: 79:32:0c:f2:60:c1:5c:0d:e2:e1:cb:9d:e3:87:f7: cc:6e:6b:1b:88:a0:06:75:09:55:71:ea:72:b8:ad: d5:a3:df:1f:dd:74:70:39:4a:95:08:b4:e5:35:d7: bf:84:b4:92:41:a3:90:96:2d:70:4d:4f:17:bb:4c: dc:49:37:62:4a:be:92:30:63:df:db:b1:18:a3:66: 00:4c:2d:de:e8:7f:3a:80:84:2c:65:71:e0:8a:f9: 7d:20:b1:8e:56:ee:d9:8f:79:c6:d4:59:fa:bd:c0: e1:ac:02:d7:50:4d:bb:8b:20:69:54:bb:fb:55:a4: 8a:2b:58:0f:02:7c:76:f7:92:4b:00:c8:1c:47:bd: 30:8c:83:5c:02:29:dc:59:11:a6:75:6d:b5:8d:bb: 8a:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:2A:89:6A:93:DE:A1:08:A0:F8:94:4E:7E:97:A3:5F:0E:6A:AD:7E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32e4ece6-d35e-41cf-8da1-3b7733e46e63.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:a000::/40 Signature Algorithm: sha256WithRSAEncryption a2:9d:80:34:f2:59:93:b2:14:56:7b:92:a0:2b:58:0c:6a:a2: 50:38:3a:6f:a6:e9:8d:97:5d:93:8a:64:44:1c:bc:02:15:a5: c4:b2:4d:d2:a1:66:92:a2:96:d4:d1:b6:d5:60:61:31:b4:3e: c1:f6:17:09:86:67:59:67:79:c3:92:a9:79:ab:27:dd:2a:6c: 85:3c:ad:12:90:63:be:61:62:e0:4b:c6:66:63:71:ee:e5:85: e6:37:fa:68:aa:5e:5d:6d:bd:0e:90:a2:fe:22:c6:50:5d:7a: fb:29:f5:e9:e9:86:7c:63:8a:94:30:f4:2c:a2:6f:60:b8:bf: 47:b1:84:bd:11:b1:0e:02:1a:64:d6:d4:9b:c0:14:ac:a2:79: a8:48:d1:c0:8a:9c:65:2f:f9:93:e8:66:47:c8:d8:ea:73:9e: 53:9b:9e:d3:23:0e:14:69:2e:3c:69:e2:0e:35:5f:50:c5:31: d0:38:f7:a7:c4:50:73:48:c6:7e:1c:ed:79:fd:41:50:03:7a: 09:e1:2e:7b:f9:2f:1a:e1:90:b6:47:66:0c:80:b1:d5:fb:c5: 6d:58:08:98:28:eb:1d:d4:65:19:63:54:c0:9c:2c:30:e9:13: 52:a5:0f:ed:e2:66:1e:b3:37:be:f9:c1:ed:58:48:4a:05:d0: cb:98:98:ec -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIiZ4UvMTuVjYspwecUGrEOJmcjgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwODAwMDEwMFoX DTI1MTExMjIzNTk1OVowejFJMEcGA1UEBRNAMjYwMDUzZWMyZmQ3MzczMWE3ZmE0 NzgzNTQwNWFiMDUyOTkzMTc3Yzg3MWFiZjI2YTVkOTc2NWM2OThjOWZhZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6grI2c4438Ac/zcPlxz4vZZWvgL et/7nDHumS9iFvsLPMcochrqB65BVJgO0kGWW8jLCVAgmmZINXJaraJ1rrvBXg6z nItO99YxDB5v+nclCtTJGbfBoet/2gt4bsF0S3X0hUox9/l5MgzyYMFcDeLhy53j h/fMbmsbiKAGdQlVcepyuK3Vo98f3XRwOUqVCLTlNde/hLSSQaOQli1wTU8Xu0zc STdiSr6SMGPf27EYo2YATC3e6H86gIQsZXHgivl9ILGOVu7Zj3nG1Fn6vcDhrALX UE27iyBpVLv7VaSKK1gPAnx295JLAMgcR70wjINcAincWRGmdW21jbuKMwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMIqiWqT3qEIoPiUTn6Xo18Oaq1+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyZTRlY2U2LWQzNWUtNDFjZi04ZGExLTNiNzczM2U0NmU2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYKAwDQYJKoZIhvcNAQELBQADggEBAKKdgDTyWZOyFFZ7kqAr WAxqolA4Om+m6Y2XXZOKZEQcvAIVpcSyTdKhZpKiltTRttVgYTG0PsH2FwmGZ1ln ecOSqXmrJ90qbIU8rRKQY75hYuBLxmZjce7lheY3+miqXl1tvQ6Qov4ixlBdevsp 9enphnxjipQw9Cyib2C4v0exhL0RsQ4CGmTW1JvAFKyieahI0cCKnGUv+ZPoZkfI 2OpznlObntMjDhRpLjxp4g41X1DFMdA496fEUHNIxn4c7Xn9QVADegnhLnv5Lxrh kLZHZgyAsdX7xW1YCJgo6x3UZRljVMCcLDDpE1KlD+3iZh6zN775we1YSEoF0MuY mOw= -----END CERTIFICATE-----Generated at Mon Oct 20 12:26:49 2025 by rpki-client