$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa File: 38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa (raw, json) Hash identifier: 31C88EGblkzmRhp96ur+AapC1c6lxMmgQLlerDFwocI= Subject key identifier: 95:8D:3F:A9:79:E0:5B:03:03:00:F2:4B:EF:BD:07:E4:FE:BD:81:8F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 55F2FAD52CA4C062AB035302FF78DD2BDCA92E6D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa Signing time: Wed 15 Oct 2025 00:20:49 +0000 ROA not before: Wed 15 Oct 2025 00:20:49 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:f2:fa:d5:2c:a4:c0:62:ab:03:53:02:ff:78:dd:2b:dc:a9:2e:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:20:49 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=0c25706be766c7b3d74e682315b3cdcdab98e8a0841ec5dda7bac4e5390ffef7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:29:f2:9e:c2:59:54:f7:d4:a9:40:72:a8:65: db:a3:66:c7:12:6a:72:cf:1d:1a:7c:a9:86:3f:7e: e7:47:10:82:4d:45:4d:84:81:97:dc:ee:40:f7:a8: 7c:0e:19:4d:9f:a7:19:fb:d8:54:f0:20:8f:b9:9c: f0:8d:33:7c:7d:11:dd:51:e9:bf:55:93:d1:30:90: 98:ef:79:3a:06:f2:c5:a1:21:11:be:00:1d:6f:d0: e2:35:f6:93:22:ae:87:d3:28:2d:ea:5e:6a:3f:eb: 8a:14:ee:cc:aa:7a:e6:79:97:9e:65:a7:9c:39:f2: e9:b3:92:1b:f4:1f:ac:16:af:ce:bb:dd:40:fe:c1: 79:7d:dd:a9:53:ff:1c:80:08:4b:d9:be:8e:40:82: fb:af:25:61:28:f6:f1:2f:2c:dc:bd:97:57:49:45: 31:8c:35:27:c8:5e:5c:1d:b7:e0:55:9a:7f:b2:b8: 79:a6:a7:cc:ce:a1:6c:29:b1:7d:7f:d4:ec:56:1f: f4:d3:ea:ef:db:ca:a7:57:f5:9d:c6:96:a5:f7:bb: 22:7a:c4:12:64:45:b3:e1:8a:19:7d:c2:f7:3a:c1: ea:52:2c:8d:6b:36:2c:db:dd:63:e4:9d:d0:c0:92: e6:d2:93:3f:ab:98:b5:96:5d:fa:e2:2c:5d:79:59: b2:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:8D:3F:A9:79:E0:5B:03:03:00:F2:4B:EF:BD:07:E4:FE:BD:81:8F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32::/32 Signature Algorithm: sha256WithRSAEncryption 24:83:10:c8:3f:fb:86:fc:da:43:43:f5:ba:f7:08:06:0d:b6: a6:b9:83:e4:20:52:dc:ea:d0:f4:e5:25:c0:0a:78:f9:8a:d3: 26:be:83:53:aa:69:00:22:2c:46:fe:01:ed:ec:08:7a:5b:c8: c0:5c:8e:02:39:3c:53:3c:80:33:ec:00:93:db:c4:75:51:dd: b1:a7:f0:f2:ce:5d:0c:5d:5a:cb:b3:ae:73:cf:62:f3:59:8f: ca:10:11:bf:82:75:73:b9:cf:a4:14:4b:58:32:e8:eb:1b:5c: 91:b3:c6:0c:27:44:24:41:86:32:7f:0d:0a:03:bf:9a:0b:20: 60:5b:02:84:90:8b:80:c2:eb:4d:78:88:42:39:c2:4e:cd:ff: e3:49:e1:68:3a:3e:a9:dc:7c:0e:66:7b:3d:3a:4b:4e:b1:70: a9:94:d0:2a:eb:d0:65:c4:e8:3f:07:6d:50:37:0d:14:c8:37: 46:a0:32:f9:b1:cc:1b:3f:c7:f6:f6:2b:6e:e1:52:36:b5:03: 77:52:01:ec:e5:95:86:df:ce:e0:98:41:45:64:8f:01:c4:a4: b9:6d:c4:1a:5d:de:1d:10:a2:00:9b:83:df:93:58:c4:d9:d4: a0:09:c2:83:4e:87:61:bd:18:63:5f:f7:e7:12:3f:8c:33:25: e5:cf:22:b6 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUVfL61SykwGKrA1MC/3jdK9ypLm0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMjA0OVoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAMGMyNTcwNmJlNzY2YzdiM2Q3NGU2 ODIzMTViM2NkY2RhYjk4ZThhMDg0MWVjNWRkYTdiYWM0ZTUzOTBmZmVmNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyynynsJZVPfUqUByqGXbo2bHEmpy zx0afKmGP37nRxCCTUVNhIGX3O5A96h8DhlNn6cZ+9hU8CCPuZzwjTN8fRHdUem/ VZPRMJCY73k6BvLFoSERvgAdb9DiNfaTIq6H0ygt6l5qP+uKFO7MqnrmeZeeZaec OfLps5Ib9B+sFq/Ou91A/sF5fd2pU/8cgAhL2b6OQIL7ryVhKPbxLyzcvZdXSUUx jDUnyF5cHbfgVZp/srh5pqfMzqFsKbF9f9TsVh/00+rv28qnV/Wdxpal97siesQS ZEWz4YoZfcL3OsHqUiyNazYs291j5J3QwJLm0pM/q5i1ll364ixdeVmyBQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFJWNP6l54FsDAwDyS++9B+T+vYGPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4YWUzN2FkLTUwZGItNDU0Ny04ZGYyLThjZGNjNTZlNWNhMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMjANBgkqhkiG9w0BAQsFAAOCAQEAJIMQyD/7hvzaQ0P1uvcI Bg22prmD5CBS3OrQ9OUlwAp4+YrTJr6DU6ppACIsRv4B7ewIelvIwFyOAjk8UzyA M+wAk9vEdVHdsafw8s5dDF1ay7Ouc89i81mPyhARv4J1c7nPpBRLWDLo6xtckbPG DCdEJEGGMn8NCgO/mgsgYFsChJCLgMLrTXiIQjnCTs3/40nhaDo+qdx8DmZ7PTpL TrFwqZTQKuvQZcToPwdtUDcNFMg3RqAy+bHMGz/H9vYrbuFSNrUDd1IB7OWVht/O 4JhBRWSPAcSkuW3EGl3eHRCiAJuD35NYxNnUoAnCg06HYb0YY1/35xI/jDMl5c8i tg== -----END CERTIFICATE-----Generated at Mon Oct 20 20:27:48 2025 by rpki-client