$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa File: 388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa (raw, json) Hash identifier: C9W4Qqv2qcnex3jVFhsgRZFMJhDshj2GPlTCWeHm+7U= Subject key identifier: B0:C5:11:B4:2E:4C:18:77:3C:39:10:31:20:9B:F1:20:F9:16:67:7E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 42E91199AF6ACF951CA1B74DF55C0BC2875638EE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa Signing time: Sat 11 Oct 2025 00:00:39 +0000 ROA not before: Sat 11 Oct 2025 00:00:39 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:e9:11:99:af:6a:cf:95:1c:a1:b7:4d:f5:5c:0b:c2:87:56:38:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:00:39 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=74e0f4ac5b5f9fffadc6c373382b7c01a08b356561c50ec07b7cc732dd1ccf3c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:9b:92:c6:5b:70:8a:cb:10:03:8e:11:a6:af: 25:40:35:a8:63:52:39:53:d3:98:4f:0b:c0:9e:5a: 90:ee:b8:50:36:da:d4:f9:6b:60:28:2b:9a:b6:1b: 7c:1a:6e:b0:28:f5:6e:e0:b7:b7:10:6c:a8:88:91: 2a:46:a6:88:f1:45:0d:f6:a0:95:53:23:29:a1:26: 00:ad:13:33:04:da:aa:46:57:a2:04:a7:7b:fd:37: 17:0c:57:9f:10:52:bc:6a:ca:7e:f2:35:38:81:11: b9:1d:a0:f4:03:16:ed:b5:d6:f1:d7:dd:7f:69:5b: 9c:45:cc:22:52:3c:1c:39:d2:b5:a2:02:24:bf:ca: 1c:99:0a:ae:b7:d6:ce:57:c6:21:ba:64:52:0a:c0: 02:99:e0:90:d8:91:ed:d8:60:58:6a:be:a1:a2:a5: 59:75:bd:03:47:63:cf:fc:de:6e:8c:d5:a7:15:28: 1e:54:47:d2:83:30:c3:ec:30:db:f4:05:ee:36:0f: 9c:b8:19:2a:9d:bf:c5:4d:72:79:aa:53:48:e2:04: 7f:7a:3c:91:ce:48:8a:76:83:f0:72:1e:f3:73:f7: db:a2:07:c4:f0:cb:8a:62:80:24:6d:2c:37:40:1b: eb:ca:e5:89:7c:49:55:66:dc:74:26:7e:d2:41:51: ac:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:C5:11:B4:2E:4C:18:77:3C:39:10:31:20:9B:F1:20:F9:16:67:7E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:880::/48 Signature Algorithm: sha256WithRSAEncryption 05:46:31:5a:07:f9:80:f9:ab:90:c5:cd:23:c2:6d:fa:0d:11: 7f:36:b2:33:0a:89:27:5a:22:ce:5e:40:f0:cd:16:6e:4c:6a: f8:d5:9e:aa:df:24:c6:35:93:8e:ac:a2:77:5f:5c:2a:e3:d9: 9f:0d:35:ae:28:77:4a:09:a7:a8:26:4c:9e:82:eb:bf:c0:c9: e0:e2:7c:c0:26:1a:4c:f1:35:86:a9:73:07:42:d9:c7:68:bd: a0:ef:35:1c:11:eb:5e:80:46:3d:da:b7:a1:6f:d9:2e:07:5c: 0a:94:fe:54:23:bb:f8:f8:ef:0e:ed:5f:f7:76:6f:3c:c3:f2: b6:7a:7e:fc:65:e2:d0:6b:d9:e6:a3:82:65:6c:c2:77:cc:ce: b9:ce:22:c9:e6:41:a4:a4:e0:6c:69:7f:1b:6a:b4:43:bf:6d: c6:95:4c:15:27:8d:7e:80:00:6e:77:9c:ad:af:94:4f:e6:4e: f5:c2:f8:c4:a1:c9:a2:2d:43:6d:3f:9d:58:99:23:2a:8d:11: 09:50:b2:ab:4d:de:8c:af:b3:0f:f5:a5:82:a3:eb:ce:9a:f0: d9:47:98:a4:88:ad:4c:92:1a:bf:d0:a4:e6:14:d3:18:bf:15: c2:f9:67:0a:88:07:68:5e:0b:11:09:03:22:ef:c2:da:6a:26: 35:28:ca:8d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQukRma9qz5UcobdN9VwLwodWOO4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMDAzOVoX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNANzRlMGY0YWM1YjVmOWZmZmFkYzZj MzczMzgyYjdjMDFhMDhiMzU2NTYxYzUwZWMwN2I3Y2M3MzJkZDFjY2YzYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JuSxltwissQA44Rpq8lQDWoY1I5 U9OYTwvAnlqQ7rhQNtrU+WtgKCuatht8Gm6wKPVu4Le3EGyoiJEqRqaI8UUN9qCV UyMpoSYArRMzBNqqRleiBKd7/TcXDFefEFK8asp+8jU4gRG5HaD0Axbttdbx191/ aVucRcwiUjwcOdK1ogIkv8ocmQqut9bOV8YhumRSCsACmeCQ2JHt2GBYar6hoqVZ db0DR2PP/N5ujNWnFSgeVEfSgzDD7DDb9AXuNg+cuBkqnb/FTXJ5qlNI4gR/ejyR zkiKdoPwch7zc/fbogfE8MuKYoAkbSw3QBvryuWJfElVZtx0Jn7SQVGsCQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLDFEbQuTBh3PDkQMSCb8SD5Fmd+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4OGNiZDg5LTRjOGUtNGQ2Ny05OWUyLWRkNTNiNmI3ZDJjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAAiAMA0GCSqGSIb3DQEBCwUAA4IBAQAFRjFaB/mA+auQxc0j wm36DRF/NrIzCoknWiLOXkDwzRZuTGr41Z6q3yTGNZOOrKJ3X1wq49mfDTWuKHdK CaeoJkyeguu/wMng4nzAJhpM8TWGqXMHQtnHaL2g7zUcEetegEY92rehb9kuB1wK lP5UI7v4+O8O7V/3dm88w/K2en78ZeLQa9nmo4JlbMJ3zM65ziLJ5kGkpOBsaX8b arRDv23GlUwVJ41+gABud5ytr5RP5k71wvjEocmiLUNtP51YmSMqjREJULKrTd6M r7MP9aWCo+vOmvDZR5ikiK1Mkhq/0KTmFNMYvxXC+WcKiAdoXgsRCQMi78LaaiY1 KMqN -----END CERTIFICATE-----Generated at Mon Oct 20 12:31:54 2025 by rpki-client