$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa File: 375520d4-df61-4e6c-9222-5f7232d9f4b8.roa (raw, json) Hash identifier: C0uDdpaT0nQIf1Rzehqt9TGB4PQdww5t7PAgkP/8rko= Subject key identifier: 62:93:B0:9E:55:90:5D:D9:34:64:C1:D4:49:B9:89:65:E1:6E:89:B0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3C613A075C8C5B36F07E4E16AC6BD2F979DC5586 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa Signing time: Mon 13 Oct 2025 15:20:01 +0000 ROA not before: Mon 13 Oct 2025 15:20:01 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:61:3a:07:5c:8c:5b:36:f0:7e:4e:16:ac:6b:d2:f9:79:dc:55:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:20:01 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=0fd8350001956f1b338ec4825fb9acc21542d7fbbe953e1992e7fd3c556668f8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:31:9d:0d:f8:93:ee:3f:4f:3e:cb:90:87:a2: f1:50:cd:e4:0a:40:ff:73:70:9e:83:b8:fb:e1:47: f6:97:ae:a2:48:09:dc:c5:56:d2:8d:78:58:10:98: 51:14:3b:b6:9f:7d:4e:86:bd:57:f5:33:69:4b:05: 8f:3c:d1:c3:c9:c8:2f:ac:62:13:cb:96:1d:4b:6f: b1:4a:46:7e:fe:b0:70:62:c6:e4:f5:ec:5c:85:62: 2a:f9:41:e5:d4:06:bd:f0:ff:f8:15:9c:55:51:ec: 5c:84:91:15:60:00:87:42:de:86:e0:a4:13:7e:f5: bb:e4:5e:7e:77:3e:56:d4:bb:76:aa:d8:e0:65:b5: e8:ae:5e:b4:f3:ca:95:a4:b4:c4:eb:16:19:89:37: 3a:31:c3:c6:d3:2b:2f:34:4b:5d:82:0a:64:0a:58: fc:3d:81:ac:e0:1b:ac:e0:ad:58:ca:f6:16:48:8a: c2:18:68:1f:02:3a:24:d2:92:44:cf:41:b4:ad:b1: c9:01:fd:1b:00:0d:d9:e0:09:16:42:10:69:dc:4e: 58:2c:bc:c0:49:57:29:8a:85:a7:cf:3d:f6:ec:f7: 1f:f5:83:6e:a5:41:a6:cb:08:7a:db:9a:e4:49:43: 2a:93:6b:8a:cc:60:88:e7:99:07:d0:d1:11:52:04: 8a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:93:B0:9E:55:90:5D:D9:34:64:C1:D4:49:B9:89:65:E1:6E:89:B0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/375520d4-df61-4e6c-9222-5f7232d9f4b8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4020::/48 Signature Algorithm: sha256WithRSAEncryption 97:cc:c3:7f:33:05:6a:ad:2f:42:03:84:47:2f:e3:5a:27:1b: 02:93:0c:bb:c7:7b:6e:3e:4d:68:b4:4b:dd:b0:95:53:09:fa: e0:b8:94:69:95:af:91:87:4c:5c:4e:78:a9:1b:86:3b:88:38: aa:c1:e0:03:e4:38:97:d1:08:3a:01:57:40:6b:4f:21:be:f6: 95:cf:a5:69:d0:fe:5e:15:7d:85:90:15:c2:3f:46:45:dd:82: 3f:cb:b3:f0:7c:a3:f2:ad:30:61:c5:60:66:e5:9c:70:c7:56: 10:e8:79:fd:3d:82:24:5d:3c:3d:48:30:de:2a:f3:95:84:1c: 96:87:a1:34:bc:60:54:16:c9:24:f5:f1:37:a5:87:40:55:44: 7c:ee:23:55:9c:98:0a:6c:35:48:e4:fb:e5:d8:85:2b:29:ca: 8a:f4:2f:ac:96:1c:a7:0b:94:9b:b9:be:54:0c:87:1c:49:a9: df:aa:a5:e3:9a:f6:76:3b:90:06:d9:62:64:c6:02:14:4e:22: 20:24:52:be:32:ec:7a:34:bc:f8:99:a0:f5:53:62:cc:d5:f3: 9e:ed:ee:c6:19:af:92:cf:b5:54:7b:69:eb:b5:5e:5b:23:75: f0:98:bf:68:09:35:a2:24:82:fd:ea:d7:3b:a2:87:24:5e:46: 34:e2:80:59 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPGE6B1yMWzbwfk4WrGvS+XncVYYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MjAwMVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAMGZkODM1MDAwMTk1NmYxYjMzOGVj NDgyNWZiOWFjYzIxNTQyZDdmYmJlOTUzZTE5OTJlN2ZkM2M1NTY2NjhmODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jGdDfiT7j9PPsuQh6LxUM3kCkD/ c3Ceg7j74Uf2l66iSAncxVbSjXhYEJhRFDu2n31Ohr1X9TNpSwWPPNHDycgvrGIT y5YdS2+xSkZ+/rBwYsbk9exchWIq+UHl1Aa98P/4FZxVUexchJEVYACHQt6G4KQT fvW75F5+dz5W1Lt2qtjgZbXorl6088qVpLTE6xYZiTc6McPG0ysvNEtdggpkClj8 PYGs4Bus4K1YyvYWSIrCGGgfAjok0pJEz0G0rbHJAf0bAA3Z4AkWQhBp3E5YLLzA SVcpioWnzz327Pcf9YNupUGmywh625rkSUMqk2uKzGCI55kH0NERUgSKqQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGKTsJ5VkF3ZNGTB1Em5iWXhbomwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM3NTUyMGQ0LWRmNjEtNGU2Yy05MjIyLTVmNzIzMmQ5ZjRiOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0AgMA0GCSqGSIb3DQEBCwUAA4IBAQCXzMN/MwVqrS9CA4RH L+NaJxsCkwy7x3tuPk1otEvdsJVTCfrguJRpla+Rh0xcTnipG4Y7iDiqweAD5DiX 0Qg6AVdAa08hvvaVz6Vp0P5eFX2FkBXCP0ZF3YI/y7PwfKPyrTBhxWBm5Zxwx1YQ 6Hn9PYIkXTw9SDDeKvOVhByWh6E0vGBUFskk9fE3pYdAVUR87iNVnJgKbDVI5Pvl 2IUrKcqK9C+slhynC5Sbub5UDIccSanfqqXjmvZ2O5AG2WJkxgIUTiIgJFK+Mux6 NLz4maD1U2LM1fOe7e7GGa+Sz7VUe2nrtV5bI3XwmL9oCTWiJIL96tc7oockXkY0 4oBZ -----END CERTIFICATE-----Generated at Mon Oct 20 09:51:08 2025 by rpki-client