$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa File: 41e0909c-5b11-419b-8046-ee979b1850a3.roa (raw, json) Hash identifier: cB7280P0aZscA40HGdaRi8Zy7hLCyWWLYyRBGpBq6z8= Subject key identifier: 44:AC:B6:44:20:E8:00:46:6F:B2:4F:27:40:23:C6:9A:12:03:3E:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18DB0F31C59C90C22C5FCDA3A426A1E54A1BE3AF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa Signing time: Wed 08 Oct 2025 00:00:06 +0000 ROA not before: Wed 08 Oct 2025 00:00:06 +0000 ROA not after: Wed 12 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:db:0f:31:c5:9c:90:c2:2c:5f:cd:a3:a4:26:a1:e5:4a:1b:e3:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 8 00:00:06 2025 GMT Not After : Nov 12 23:59:59 2025 GMT Subject: serialNumber=d641d9648198c2a9428c8cf47cdaf146f2545ae21ea3abba68f07acb45ebed0b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:18:32:2e:32:32:88:51:dc:74:1f:ed:07:66: 71:84:f4:a8:5a:d5:da:5d:6f:fc:5b:50:fe:27:bc: ec:16:57:11:61:13:6e:8c:02:64:2a:b0:b4:e0:eb: ef:7f:35:a1:39:f3:3b:ae:86:46:31:fb:25:0d:85: b8:16:26:48:22:6d:52:cb:48:3e:4b:e3:ce:12:e8: 55:6f:49:ff:ce:57:40:90:51:09:ab:26:6b:98:19: d0:45:0f:a5:78:da:aa:54:6d:c7:1f:88:8c:96:4c: 92:88:b4:d5:44:e8:e9:9e:39:30:70:fd:21:0f:79: 2b:80:82:09:ad:c7:fd:ac:f2:ba:1a:97:1a:34:8e: a5:d3:a3:5f:72:f4:c0:c5:6f:58:6e:a4:5f:bc:98: 9a:84:83:d4:56:c9:60:c7:03:15:cc:ea:c6:02:83: ee:6c:e4:5b:54:db:ef:b3:c3:92:97:00:b0:11:50: 85:db:91:97:36:c3:43:cd:12:80:60:6c:ab:a5:a5: 8e:be:64:97:0f:f9:cd:31:de:e2:c5:71:fe:18:62: 70:6e:b8:10:88:a5:a3:1c:f8:36:8c:53:92:1b:e8: 88:23:4c:59:7c:ff:b2:81:ad:37:76:00:d9:7f:72: 84:d3:7b:d6:bd:39:99:10:2f:f5:eb:24:7a:ba:60: 39:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:AC:B6:44:20:E8:00:46:6F:B2:4F:27:40:23:C6:9A:12:03:3E:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:8800::/40 Signature Algorithm: sha256WithRSAEncryption 98:18:b8:63:88:fe:6c:37:09:72:82:e0:b0:c7:fb:28:97:00: f7:88:4b:a2:33:17:aa:61:4c:0a:5f:ff:c2:fa:e7:32:e9:f4: e0:10:f2:91:fe:83:e6:7d:ef:f9:c1:4d:55:d5:01:b0:71:33: 8b:41:1a:28:7c:ba:ca:16:10:21:87:96:d9:d2:91:40:33:e9: 08:7f:a6:da:26:db:65:f6:83:43:78:9f:fd:e6:ba:f0:6a:ce: 2a:a5:be:85:ea:7e:be:95:e7:f8:ec:a3:28:9b:ac:40:ac:61: 09:18:15:f2:4b:ca:d2:d7:f8:ec:fd:5b:00:e7:6a:74:55:2c: 7a:6b:85:c6:77:8b:6d:8c:8f:e3:98:ac:05:6d:ee:13:8c:c4: ea:ce:3a:7c:99:96:be:f2:35:c3:23:73:9e:82:0c:81:9d:05: ec:77:6d:bc:b9:30:b4:3e:3e:b7:db:58:70:09:d6:1c:91:9a: d4:a0:67:66:3d:5d:74:b1:2d:51:28:60:12:47:71:9a:db:22: a7:21:f1:39:67:c7:f4:41:92:72:93:cc:e2:b5:19:f9:30:8f: 3d:19:d5:e0:db:cc:6f:1c:10:98:b6:e8:c9:79:63:62:ba:53: 90:c7:18:84:59:78:45:67:b4:e7:85:dc:c4:e4:1d:bd:09:d0: 6b:d1:56:17 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGNsPMcWckMIsX82jpCah5Uob468wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwODAwMDAwNloX DTI1MTExMjIzNTk1OVowejFJMEcGA1UEBRNAZDY0MWQ5NjQ4MTk4YzJhOTQyOGM4 Y2Y0N2NkYWYxNDZmMjU0NWFlMjFlYTNhYmJhNjhmMDdhY2I0NWViZWQwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBgyLjIyiFHcdB/tB2ZxhPSoWtXa XW/8W1D+J7zsFlcRYRNujAJkKrC04OvvfzWhOfM7roZGMfslDYW4FiZIIm1Sy0g+ S+POEuhVb0n/zldAkFEJqyZrmBnQRQ+leNqqVG3HH4iMlkySiLTVROjpnjkwcP0h D3krgIIJrcf9rPK6GpcaNI6l06NfcvTAxW9YbqRfvJiahIPUVslgxwMVzOrGAoPu bORbVNvvs8OSlwCwEVCF25GXNsNDzRKAYGyrpaWOvmSXD/nNMd7ixXH+GGJwbrgQ iKWjHPg2jFOSG+iII0xZfP+yga03dgDZf3KE03vWvTmZEC/16yR6umA56wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFESstkQg6ABGb7JPJ0AjxpoSAz4QMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQxZTA5MDljLTViMTEtNDE5Yi04MDQ2LWVlOTc5YjE4NTBhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYIgwDQYJKoZIhvcNAQELBQADggEBAJgYuGOI/mw3CXKC4LDH +yiXAPeIS6IzF6phTApf/8L65zLp9OAQ8pH+g+Z97/nBTVXVAbBxM4tBGih8usoW ECGHltnSkUAz6Qh/ptom22X2g0N4n/3muvBqziqlvoXqfr6V5/jsoyibrECsYQkY FfJLytLX+Oz9WwDnanRVLHprhcZ3i22Mj+OYrAVt7hOMxOrOOnyZlr7yNcMjc56C DIGdBex3bby5MLQ+PrfbWHAJ1hyRmtSgZ2Y9XXSxLVEoYBJHcZrbIqch8Tlnx/RB knKTzOK1Gfkwjz0Z1eDbzG8cEJi26Ml5Y2K6U5DHGIRZeEVntOeF3MTkHb0J0GvR Vhc= -----END CERTIFICATE-----Generated at Mon Oct 20 09:57:45 2025 by rpki-client