$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa File: 35c40aab-f83d-41b2-947a-e29a7ed6818f.roa (raw, json) Hash identifier: hMuCih7telCiWuaglnriXyQ/lNG/8/VQ4bRXdWgGdIQ= Subject key identifier: D1:0C:9C:3F:1D:A5:71:7C:30:22:5C:0C:3B:F1:B8:43:38:34:01:8C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4863F4451F7F187DBEFE74C4225060DE91BEC9B9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa Signing time: Fri 17 Oct 2025 00:01:49 +0000 ROA not before: Fri 17 Oct 2025 00:01:49 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:63:f4:45:1f:7f:18:7d:be:fe:74:c4:22:50:60:de:91:be:c9:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:01:49 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=5fea9302c7d1e7884a3ea5509eb95de1a4334521729349e08dcb28cfadd58539, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:fb:83:24:6a:ab:6a:4d:5f:1f:33:aa:be:09: d1:5b:91:fb:f9:e7:ac:1d:9a:47:6c:af:8f:dc:86: 76:b5:a0:28:29:6e:ae:b8:fb:f8:67:55:39:6e:bb: 7b:b5:1b:2e:76:67:b5:f2:94:63:86:ea:90:86:ab: 9e:00:58:ee:dc:2d:85:7e:ee:77:1f:95:b6:1b:ca: 6e:bf:7d:b4:0c:24:56:5f:66:9e:ac:18:62:b6:9b: 11:97:bc:8b:f3:b8:c8:4f:a8:30:0b:f0:b0:6a:79: 8d:8d:ee:58:c0:0c:ec:66:6c:85:d2:0b:74:ae:e3: 84:e2:29:04:16:1b:20:69:85:a4:8d:e0:3f:03:42: 56:54:1d:3c:08:b0:db:d3:ae:00:45:13:d9:99:61: 6e:32:17:2f:d5:b5:39:37:73:30:17:26:6e:7c:a0: e2:ac:8f:89:ca:53:1f:e9:54:6b:23:e5:83:bb:cc: dd:04:8c:29:66:bd:b0:d5:38:7b:f6:c9:5b:c9:3e: 5d:03:75:30:b9:19:3f:8c:4f:13:02:fc:86:9d:30: 92:72:62:23:9b:71:d7:a4:7a:16:3f:6a:17:95:d2: ec:61:13:66:69:99:63:3f:ad:00:9b:60:bb:ee:9f: a2:92:f4:c0:69:63:67:13:73:9a:92:a0:55:2b:e2: e3:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:0C:9C:3F:1D:A5:71:7C:30:22:5C:0C:3B:F1:B8:43:38:34:01:8C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8::/32 Signature Algorithm: sha256WithRSAEncryption 3f:f0:c0:de:97:1e:f3:66:42:08:d0:0a:cd:95:65:b4:23:1f: da:8a:8c:6d:01:5b:25:eb:24:a6:05:b9:38:a0:09:9c:36:e8: eb:14:1d:b1:3a:0d:89:05:5e:53:c2:c2:e3:20:40:29:47:c1: df:1c:9e:e1:14:1e:07:fb:e8:1b:a5:45:0c:5c:71:99:72:c0: 87:00:bd:0f:06:6f:d4:12:a6:91:f8:36:be:3c:55:47:d9:7b: 91:88:90:d3:7e:ed:86:73:88:cc:a8:8b:e0:63:ce:c6:23:c4: e2:85:8f:7c:02:53:42:a9:36:24:30:4a:8b:ef:53:d3:14:39: 69:37:0e:ad:af:31:4e:40:aa:77:38:e5:1d:70:3c:0e:4c:81: d9:d9:e8:3b:d4:32:d6:fd:06:6e:bd:c1:4f:36:ac:f2:14:89: 69:73:52:ce:2c:b8:7f:3f:7a:e8:05:c5:6b:5a:13:9d:d2:23: 5e:eb:20:33:8a:43:6b:05:83:a2:d0:88:04:f4:d5:1f:e5:ec: 9e:15:78:ba:f6:63:29:e6:c1:7b:5f:5e:20:88:28:ac:98:6d: cd:e9:82:ee:18:1e:46:7d:a0:6e:09:12:24:5f:e7:d1:73:33: 5b:ea:39:bf:f1:bc:67:ef:86:8c:50:f6:70:fe:0d:70:07:87: 65:95:db:8b -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUSGP0RR9/GH2+/nTEIlBg3pG+ybkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDE0OVoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNANWZlYTkzMDJjN2QxZTc4ODRhM2Vh NTUwOWViOTVkZTFhNDMzNDUyMTcyOTM0OWUwOGRjYjI4Y2ZhZGQ1ODUzOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPuDJGqrak1fHzOqvgnRW5H7+ees HZpHbK+P3IZ2taAoKW6uuPv4Z1U5brt7tRsudme18pRjhuqQhqueAFju3C2Ffu53 H5W2G8puv320DCRWX2aerBhitpsRl7yL87jIT6gwC/CwanmNje5YwAzsZmyF0gt0 ruOE4ikEFhsgaYWkjeA/A0JWVB08CLDb064ARRPZmWFuMhcv1bU5N3MwFyZufKDi rI+JylMf6VRrI+WDu8zdBIwpZr2w1Th79slbyT5dA3UwuRk/jE8TAvyGnTCScmIj m3HXpHoWP2oXldLsYRNmaZljP60Am2C77p+ikvTAaWNnE3OakqBVK+LjnwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNEMnD8dpXF8MCJcDDvxuEM4NAGMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1YzQwYWFiLWY4M2QtNDFiMi05NDdhLWUyOWE3ZWQ2ODE4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbauDANBgkqhkiG9w0BAQsFAAOCAQEAP/DA3pce82ZCCNAKzZVl tCMf2oqMbQFbJeskpgW5OKAJnDbo6xQdsToNiQVeU8LC4yBAKUfB3xye4RQeB/vo G6VFDFxxmXLAhwC9DwZv1BKmkfg2vjxVR9l7kYiQ037thnOIzKiL4GPOxiPE4oWP fAJTQqk2JDBKi+9T0xQ5aTcOra8xTkCqdzjlHXA8DkyB2dnoO9Qy1v0Gbr3BTzas 8hSJaXNSziy4fz966AXFa1oTndIjXusgM4pDawWDotCIBPTVH+XsnhV4uvZjKebB e19eIIgorJhtzemC7hgeRn2gbgkSJF/n0XMzW+o5v/G8Z++GjFD2cP4NcAeHZZXb iw== -----END CERTIFICATE-----Generated at Mon Oct 20 20:38:35 2025 by rpki-client