$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa File: 3e10b881-cc4d-4575-9034-6eacfc118456.roa (raw, json) Hash identifier: kD5RO8Dy2W9NdFdOZxSRqOQtBEE11oCOClDp+AdMNGk= Subject key identifier: D5:3D:46:ED:4D:E4:74:2F:64:A1:F5:A8:0C:12:03:66:94:53:93:76 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7465F2CDEC52ED3F34F2B16DF3813E712B3F643B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa Signing time: Mon 13 Oct 2025 15:38:11 +0000 ROA not before: Mon 13 Oct 2025 15:38:11 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:65:f2:cd:ec:52:ed:3f:34:f2:b1:6d:f3:81:3e:71:2b:3f:64:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:38:11 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=102029558dabba29647d567280dad62c7b15af4afd4e26f84102202cd9cfb7f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:fc:29:db:fe:5a:15:5c:32:e5:c1:08:73:e5: 3d:43:f8:2f:0b:22:b9:a9:fa:ef:f9:5f:05:17:8d: 93:f4:d9:53:f6:03:ac:53:c5:8f:24:37:87:84:34: 4e:cb:52:35:2a:e7:9f:93:d5:dd:e2:49:fa:f5:e8: 64:c8:2a:03:bb:9c:3f:0b:e9:8f:23:bd:62:81:a9: 16:f4:4b:27:60:e2:28:b3:1c:21:ab:d7:b6:40:0b: e3:0a:c2:a9:7d:2d:2e:18:7b:29:54:65:33:d5:19: 1e:93:b4:0d:8f:49:48:10:f0:da:cc:c5:d3:81:46: 88:e8:a0:3c:69:97:c6:ce:a5:8d:38:a7:a6:a1:76: 4b:67:e7:a8:62:c3:83:88:7c:5e:74:0e:c5:80:88: 66:91:a4:9f:58:6c:73:4e:48:ea:c2:ed:ec:6f:36: c8:03:58:b9:02:70:44:b8:e9:23:c4:0c:f3:56:ea: 74:98:97:3c:0c:35:e5:41:d8:45:0c:22:c4:77:9a: 91:46:94:dc:96:e5:3b:f8:35:29:b1:25:75:09:47: 56:b1:cb:d6:9e:bb:c8:fb:dd:57:8b:eb:6e:04:ea: 1c:c3:9e:41:82:8f:4f:b0:47:9c:11:e2:bd:50:9d: ce:a6:f3:da:f2:6f:76:cb:be:0a:8c:86:3e:ea:e3: 44:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:3D:46:ED:4D:E4:74:2F:64:A1:F5:A8:0C:12:03:66:94:53:93:76 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2000::/40 Signature Algorithm: sha256WithRSAEncryption 94:24:4e:69:8b:2f:14:dc:99:fe:b3:75:66:6d:82:9a:9f:4a: fd:b5:27:fa:f2:36:d7:c2:4f:e9:3f:53:99:cc:88:92:3d:af: 25:cd:78:88:ed:5b:21:4f:99:e6:5f:f5:be:1c:60:df:e6:a9: 04:d4:53:54:ad:15:85:ee:cb:75:15:40:02:a3:4c:ac:5e:0b: 8a:ea:58:8b:d4:9d:7f:84:2f:1d:65:d7:3a:e8:81:4c:3b:7c: a9:bf:f9:6e:f2:98:5d:7b:b6:24:f9:c9:78:5f:63:7f:74:5f: b3:52:60:43:8b:27:f0:ab:1e:d3:30:7c:3e:55:da:62:e9:e2: b1:20:6b:d4:62:22:58:2e:ea:1b:1a:c1:94:ce:3e:ab:82:e4: 51:40:24:91:e1:97:34:79:59:42:e6:31:9f:dd:e8:30:e4:d0: ec:d8:64:e2:0e:ec:bf:7d:36:13:20:63:34:00:01:d8:97:ac: 55:0d:fa:07:08:c9:35:ca:08:87:1e:b0:57:80:b1:52:a9:72: c6:2a:72:e1:19:38:5f:61:c5:5a:c4:44:92:7b:4a:9f:fe:70: 72:a8:e0:42:68:d5:24:76:69:dd:93:cf:8b:a1:c7:6a:2b:79: 4d:a3:1c:9b:89:04:82:c2:85:9a:36:c6:cc:d2:13:53:0b:1a: 79:51:43:9f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdGXyzexS7T808rFt84E+cSs/ZDswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MzgxMVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAMTAyMDI5NTU4ZGFiYmEyOTY0N2Q1 NjcyODBkYWQ2MmM3YjE1YWY0YWZkNGUyNmY4NDEwMjIwMmNkOWNmYjdmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfwp2/5aFVwy5cEIc+U9Q/gvCyK5 qfrv+V8FF42T9NlT9gOsU8WPJDeHhDROy1I1Kuefk9Xd4kn69ehkyCoDu5w/C+mP I71igakW9EsnYOIosxwhq9e2QAvjCsKpfS0uGHspVGUz1Rkek7QNj0lIEPDazMXT gUaI6KA8aZfGzqWNOKemoXZLZ+eoYsODiHxedA7FgIhmkaSfWGxzTkjqwu3sbzbI A1i5AnBEuOkjxAzzVup0mJc8DDXlQdhFDCLEd5qRRpTcluU7+DUpsSV1CUdWscvW nrvI+91Xi+tuBOocw55Bgo9PsEecEeK9UJ3OpvPa8m92y74KjIY+6uNEjQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNU9Ru1N5HQvZKH1qAwSA2aUU5N2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlMTBiODgxLWNjNGQtNDU3NS05MDM0LTZlYWNmYzExODQ1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSAwDQYJKoZIhvcNAQELBQADggEBAJQkTmmLLxTcmf6zdWZt gpqfSv21J/ryNtfCT+k/U5nMiJI9ryXNeIjtWyFPmeZf9b4cYN/mqQTUU1StFYXu y3UVQAKjTKxeC4rqWIvUnX+ELx1l1zrogUw7fKm/+W7ymF17tiT5yXhfY390X7NS YEOLJ/CrHtMwfD5V2mLp4rEga9RiIlgu6hsawZTOPquC5FFAJJHhlzR5WULmMZ/d 6DDk0OzYZOIO7L99NhMgYzQAAdiXrFUN+gcIyTXKCIcesFeAsVKpcsYqcuEZOF9h xVrERJJ7Sp/+cHKo4EJo1SR2ad2Tz4uhx2oreU2jHJuJBILChZo2xszSE1MLGnlR Q58= -----END CERTIFICATE-----Generated at Mon Oct 20 07:56:49 2025 by rpki-client