$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43106760-fb11-4c13-8812-4fe15299b252.roa File: 43106760-fb11-4c13-8812-4fe15299b252.roa (raw, json) Hash identifier: iUoTrLrADuxXjTk1OcfwQwcoEit9LUN9K7G0TugptNg= Subject key identifier: AC:F7:33:72:65:1A:CF:AE:F8:2E:71:EE:90:0F:9A:9E:B9:2B:E6:71 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 246564C43D7BF07EA1044BD4C6BCF757E648A7A8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43106760-fb11-4c13-8812-4fe15299b252.roa Signing time: Fri 10 Oct 2025 00:00:03 +0000 ROA not before: Fri 10 Oct 2025 00:00:03 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:65:64:c4:3d:7b:f0:7e:a1:04:4b:d4:c6:bc:f7:57:e6:48:a7:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 10 00:00:03 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=54b430dc0f0ddd19aa638226b1014517e1649bf64c40ab54e14a3e1b707a1270, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:bf:46:b0:fe:22:af:08:4e:ed:b1:cd:fe:f8: 30:8c:c7:68:54:12:f6:b8:37:a5:96:4a:a0:8d:7d: f5:2c:f7:77:92:ce:a1:fe:60:35:d4:5f:45:e8:d4: 0e:df:a0:22:8e:e5:67:62:dd:ce:97:cd:4d:4e:78: b5:24:eb:d6:a2:69:5e:15:c1:e9:07:4b:a6:29:0b: 91:2f:ef:db:74:9b:ab:aa:92:df:12:6b:65:c8:f4: 8a:16:d9:d4:d7:78:99:9c:f5:5a:39:f1:3f:e1:15: b0:64:71:aa:0b:d8:e0:72:b4:da:a4:a2:f0:28:3a: c8:5a:a3:78:57:fe:e7:ea:97:11:9a:18:8f:e1:e9: 98:8b:8d:29:8a:e5:9e:c2:50:21:83:73:ce:c1:22: 2f:67:3f:e2:8c:c9:c9:07:61:33:67:b4:7e:f3:46: 8c:57:de:c1:40:1c:a5:1a:a6:12:10:04:6c:99:8b: ba:7c:2e:57:6b:4c:1f:f3:44:6d:09:df:ee:65:7d: 6c:b6:6c:52:f5:60:a7:7c:a4:49:c6:6e:33:4d:34: 1a:82:fb:2f:3d:91:e6:9f:d8:ca:53:0d:cb:cc:98: 5c:f5:48:f6:f7:6d:c5:bb:b2:bc:b8:1a:67:86:5f: d6:fc:c5:63:51:47:5d:49:cf:30:7f:9c:ce:a2:e7: 5f:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:F7:33:72:65:1A:CF:AE:F8:2E:71:EE:90:0F:9A:9E:B9:2B:E6:71 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43106760-fb11-4c13-8812-4fe15299b252.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:2000::/48 Signature Algorithm: sha256WithRSAEncryption c9:f6:90:a2:fb:9d:97:fc:ac:72:6e:7b:7e:f7:46:05:ff:71: 04:6c:fe:19:29:bf:3b:8a:7e:2a:88:b0:03:5b:bd:42:0f:7f: 35:8b:f3:75:ae:bf:83:b6:4e:e9:dc:78:91:ad:10:15:11:da: 26:75:7f:be:41:54:a3:c8:ce:77:68:97:c3:f7:d1:c8:7a:92: 53:27:cd:1c:da:46:37:90:7e:08:c9:66:b2:0b:53:fd:27:23: 37:2e:ee:a2:6f:b8:6e:c7:8c:f5:19:1f:64:48:40:40:db:57: db:4a:75:25:e8:ef:22:db:31:d1:c9:46:82:bb:c0:89:2c:91: 3d:52:c5:d6:2d:be:5e:00:53:95:06:93:ff:ac:f7:3e:32:a9: 93:07:75:41:10:5a:42:2d:12:8a:64:76:71:fd:f7:0e:0e:8c: ad:2c:a5:f8:9f:75:e1:15:06:6e:2e:00:f5:91:06:97:1b:0a: 43:bb:8f:a7:6b:0f:b8:e6:d0:71:38:fe:01:08:44:62:16:14: 89:ea:c4:68:f9:05:53:eb:5d:b5:0d:8a:b6:11:6d:ac:d7:bd: 68:53:77:c4:de:40:7c:58:73:a2:15:8a:8a:df:25:51:36:7d: f0:6b:7d:c4:f1:80:a9:00:4e:a8:0e:8c:ac:6a:2f:f7:0a:25: f9:7c:35:92 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJGVkxD178H6hBEvUxrz3V+ZIp6gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMDAwMDAwM1oX DTI1MTExNDIzNTk1OVowejFJMEcGA1UEBRNANTRiNDMwZGMwZjBkZGQxOWFhNjM4 MjI2YjEwMTQ1MTdlMTY0OWJmNjRjNDBhYjU0ZTE0YTNlMWI3MDdhMTI3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm79GsP4irwhO7bHN/vgwjMdoVBL2 uDellkqgjX31LPd3ks6h/mA11F9F6NQO36AijuVnYt3Ol81NTni1JOvWomleFcHp B0umKQuRL+/bdJurqpLfEmtlyPSKFtnU13iZnPVaOfE/4RWwZHGqC9jgcrTapKLw KDrIWqN4V/7n6pcRmhiP4emYi40piuWewlAhg3POwSIvZz/ijMnJB2EzZ7R+80aM V97BQBylGqYSEARsmYu6fC5Xa0wf80RtCd/uZX1stmxS9WCnfKRJxm4zTTQagvsv PZHmn9jKUw3LzJhc9Uj2923Fu7K8uBpnhl/W/MVjUUddSc8wf5zOoudfdwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKz3M3JlGs+u+C5x7pAPmp65K+ZxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQzMTA2NzYwLWZiMTEtNGMxMy04ODEyLTRmZTE1Mjk5YjI1Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9iAAMA0GCSqGSIb3DQEBCwUAA4IBAQDJ9pCi+52X/Kxybnt+ 90YF/3EEbP4ZKb87in4qiLADW71CD381i/N1rr+Dtk7p3HiRrRAVEdomdX++QVSj yM53aJfD99HIepJTJ80c2kY3kH4IyWayC1P9JyM3Lu6ib7hux4z1GR9kSEBA21fb SnUl6O8i2zHRyUaCu8CJLJE9UsXWLb5eAFOVBpP/rPc+MqmTB3VBEFpCLRKKZHZx /fcODoytLKX4n3XhFQZuLgD1kQaXGwpDu4+naw+45tBxOP4BCERiFhSJ6sRo+QVT 6121DYq2EW2s171oU3fE3kB8WHOiFYqK3yVRNn3wa33E8YCpAE6oDoysai/3CiX5 fDWS -----END CERTIFICATE-----Generated at Mon Oct 20 13:11:30 2025 by rpki-client