$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa File: 4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa (raw, json) Hash identifier: lksSa1aw71bLO7vfUq8s0VmKwZCmZC2p3nM9ix5mqBw= Subject key identifier: DD:91:99:D2:CC:74:5C:97:6C:9D:4C:F6:E3:29:14:D6:7E:F1:6C:0C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 048F6DFA452EF072D551507F062005D50AB2E857 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa Signing time: Mon 13 Oct 2025 15:50:04 +0000 ROA not before: Mon 13 Oct 2025 15:50:04 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:1080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:8f:6d:fa:45:2e:f0:72:d5:51:50:7f:06:20:05:d5:0a:b2:e8:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:50:04 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=a139789e2703ec5fb4153e5bed8f11caf60a6a778d0c9947c562833504e35546, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:22:6d:72:ca:56:a5:28:21:b2:18:c3:c2:11: 16:03:43:68:53:a9:18:e3:37:3a:1b:7f:41:a5:cc: 6f:b1:ee:9b:be:f2:34:f9:5b:b9:39:36:94:ca:c6: 4c:1e:36:b8:2b:0e:80:45:2c:f7:d7:81:19:b9:8d: 42:7e:bb:ae:73:9a:65:49:75:d7:10:71:40:3f:fe: 0b:36:a1:82:89:60:42:56:d4:ec:7d:a8:a6:b7:ec: 8b:84:86:ab:4b:8d:41:f4:59:af:a1:5d:1f:e0:b4: 2b:3d:5f:34:4e:63:e1:b4:9c:82:c7:27:01:aa:55: df:69:17:96:52:88:01:ef:eb:98:aa:e5:5d:f4:87: fb:d4:68:af:46:9f:c5:a7:9d:f0:0d:80:65:68:98: 17:51:73:41:07:13:3a:40:13:f9:5a:45:6a:65:37: 58:a8:ba:07:49:ce:16:8b:b8:77:9e:e1:3b:c3:2a: bd:68:e2:d1:06:a8:05:45:80:86:83:02:49:4a:68: 64:6f:84:16:16:ce:a9:e0:c2:08:39:45:6b:df:f9: 61:da:51:d8:15:e6:2c:09:8e:4b:a5:45:ea:87:3d: 25:f8:72:ec:4e:40:37:53:e4:7e:c0:ea:ae:bc:2a: 91:9b:4e:aa:ab:73:d0:51:80:60:a5:04:77:a8:78: 8d:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:91:99:D2:CC:74:5C:97:6C:9D:4C:F6:E3:29:14:D6:7E:F1:6C:0C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c01d0b7-a36c-4fd4-8763-5cffae96bc6a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:1080::/48 Signature Algorithm: sha256WithRSAEncryption 15:4e:4d:39:ea:05:97:be:db:d6:52:be:60:b2:25:27:56:44: 3f:c7:ce:1a:fb:23:1b:97:00:11:8f:71:0c:96:14:56:f1:4d: c5:0c:23:92:77:d3:51:cf:a5:16:54:5e:0e:57:b5:9c:3d:89: 8b:ab:be:ea:b6:46:60:7b:c4:0b:1e:b9:7b:08:5e:cd:7c:34: ad:eb:e1:8d:a2:6e:7b:7f:61:45:42:dd:34:a1:8b:d4:a2:2d: d6:0e:50:f2:2b:8e:f9:d0:72:f9:88:0b:b3:b7:ad:5d:8e:ff: 78:b7:d0:58:8e:b4:25:6c:b5:f9:0b:b0:43:b5:8b:9a:7a:b6: 12:74:a8:cd:5c:e2:56:61:49:ef:78:d1:30:ad:21:f4:09:32: b4:83:ce:ab:cb:a7:62:31:5d:0d:09:23:c7:2d:14:43:d8:0b: 99:e1:d5:8a:db:20:d8:7e:0e:11:99:c1:51:82:25:bb:33:62: fc:b4:e7:23:0d:a6:eb:c0:af:38:64:a2:8d:e7:fb:01:b8:00: d1:a0:4a:00:39:f0:b2:93:27:62:75:57:bd:a8:ef:f1:1e:6d: 9b:88:1e:23:af:b1:87:d0:37:a3:90:73:91:d0:62:7a:2b:b7: 83:e6:39:55:97:36:53:25:6f:9e:75:2b:aa:25:f7:61:38:65: 15:12:b9:73 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBI9t+kUu8HLVUVB/BiAF1Qqy6FcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1NTAwNFoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAYTEzOTc4OWUyNzAzZWM1ZmI0MTUz ZTViZWQ4ZjExY2FmNjBhNmE3NzhkMGM5OTQ3YzU2MjgzMzUwNGUzNTU0NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSJtcspWpSghshjDwhEWA0NoU6kY 4zc6G39Bpcxvse6bvvI0+Vu5OTaUysZMHja4Kw6ARSz314EZuY1Cfruuc5plSXXX EHFAP/4LNqGCiWBCVtTsfaimt+yLhIarS41B9FmvoV0f4LQrPV80TmPhtJyCxycB qlXfaReWUogB7+uYquVd9If71GivRp/Fp53wDYBlaJgXUXNBBxM6QBP5WkVqZTdY qLoHSc4Wi7h3nuE7wyq9aOLRBqgFRYCGgwJJSmhkb4QWFs6p4MIIOUVr3/lh2lHY FeYsCY5LpUXqhz0l+HLsTkA3U+R+wOquvCqRm06qq3PQUYBgpQR3qHiNSwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFN2RmdLMdFyXbJ1M9uMpFNZ+8WwMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjMDFkMGI3LWEzNmMtNGZkNC04NzYzLTVjZmZhZTk2YmM2YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaABCAMA0GCSqGSIb3DQEBCwUAA4IBAQAVTk056gWXvtvWUr5g siUnVkQ/x84a+yMblwARj3EMlhRW8U3FDCOSd9NRz6UWVF4OV7WcPYmLq77qtkZg e8QLHrl7CF7NfDSt6+GNom57f2FFQt00oYvUoi3WDlDyK4750HL5iAuzt61djv94 t9BYjrQlbLX5C7BDtYuaerYSdKjNXOJWYUnveNEwrSH0CTK0g86ry6diMV0NCSPH LRRD2AuZ4dWK2yDYfg4RmcFRgiW7M2L8tOcjDabrwK84ZKKN5/sBuADRoEoAOfCy kydidVe9qO/xHm2biB4jr7GH0DejkHOR0GJ6K7eD5jlVlzZTJW+edSuqJfdhOGUV Erlz -----END CERTIFICATE-----Generated at Mon Oct 20 12:33:04 2025 by rpki-client