$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa File: 4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa (raw, json) Hash identifier: kDmGjNEdZlgCWTkGOS4T+dPqT20x4awah6touraJRps= Subject key identifier: 52:EB:88:27:5D:A8:24:8F:80:FD:E9:FA:52:53:F1:23:5F:04:71:86 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 57A7E61724DF06EE8B6BC25AA5270C61DBC004ED Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa Signing time: Wed 08 Oct 2025 00:00:32 +0000 ROA not before: Wed 08 Oct 2025 00:00:32 +0000 ROA not after: Wed 12 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:a7:e6:17:24:df:06:ee:8b:6b:c2:5a:a5:27:0c:61:db:c0:04:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 8 00:00:32 2025 GMT Not After : Nov 12 23:59:59 2025 GMT Subject: serialNumber=d5b0262153dfa69aed3865a39423edd82c3a8945e85c5474fafcf9769f63f1a6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f0:f9:8f:0e:e6:1a:ed:45:0b:91:80:40:05: fe:60:14:96:d8:5d:3d:8d:a0:2f:6c:e0:78:08:d2: 4d:49:41:8b:9e:cb:e5:a5:e5:0a:9f:e2:d8:5a:d2: 88:88:75:a0:d6:37:47:be:87:6b:8a:6d:fb:a5:04: f4:6f:91:5a:ce:59:97:5b:a3:cc:75:9f:3d:a3:af: 70:55:96:33:00:bb:3a:9f:73:23:72:04:06:2b:a6: 81:ee:53:2c:8e:08:2e:9c:78:44:8c:c6:e2:07:a6: 99:6f:59:d4:1b:50:e6:06:ec:1b:b9:f0:bf:42:12: f7:63:b1:dc:d1:4b:b2:ea:12:93:97:64:43:1e:5f: f5:f8:de:9d:07:09:b8:20:ed:e4:3d:14:d9:58:30: 7b:7a:45:c7:22:23:d9:5c:a1:d5:b4:69:b9:46:32: 93:de:a3:1f:50:80:73:db:b4:37:ac:25:cd:d0:c0: 05:b7:93:a7:f1:6a:b0:12:32:41:33:ae:09:e8:85: fa:17:21:fb:1e:ab:5c:14:cb:e8:9f:6a:60:3b:b3: 80:c6:52:51:88:4a:10:d4:c3:63:0f:cb:81:7c:8f: d3:e8:36:d6:d8:07:99:44:1d:44:0e:d7:44:10:27: d8:af:79:63:db:2c:a3:17:52:f6:54:f2:a6:03:6e: 41:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:EB:88:27:5D:A8:24:8F:80:FD:E9:FA:52:53:F1:23:5F:04:71:86 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:1000::/40 Signature Algorithm: sha256WithRSAEncryption 0b:e3:e1:89:c1:c6:68:78:3a:84:0a:5b:c1:7a:7b:7a:19:22: 43:34:24:be:38:dc:21:9b:35:06:be:34:c6:52:68:01:fc:8d: 9e:73:c9:8f:d3:95:52:5e:64:76:75:ae:8f:02:e5:8a:9e:b5: 34:59:d7:15:31:a7:02:c8:60:2c:32:8e:7e:ca:8a:27:54:9d: 01:74:7a:aa:58:a4:fb:56:6b:70:a6:82:46:80:c4:a4:d0:fb: fe:fe:8e:b4:5d:77:ac:0a:ec:1d:ba:84:e4:63:e3:bd:5b:48: ac:c5:fb:7c:b0:94:4a:bc:fb:f7:20:15:79:0d:fc:cc:4f:97: e8:15:71:44:b5:38:60:0b:12:a8:15:75:ac:49:31:ea:24:6c: 30:e0:fd:11:1b:16:35:eb:57:c7:48:23:36:f8:4c:ab:09:cf: 51:f1:d5:ed:0c:9a:3a:af:28:a0:ba:8a:18:9c:7b:08:55:a6: f0:a5:65:26:95:cd:c2:3b:18:aa:0c:bf:45:89:bf:f4:15:e5: f6:87:55:83:19:b9:e2:a4:cd:3c:8b:8c:53:02:10:a9:e5:37: 66:a6:a8:89:e8:39:98:6b:f4:d3:8e:98:9e:a5:7e:22:cd:80: d1:51:1d:06:78:2d:99:09:35:af:3b:7a:9b:79:94:ec:00:a9: 91:dd:19:e6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUV6fmFyTfBu6La8JapScMYdvABO0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwODAwMDAzMloX DTI1MTExMjIzNTk1OVowejFJMEcGA1UEBRNAZDViMDI2MjE1M2RmYTY5YWVkMzg2 NWEzOTQyM2VkZDgyYzNhODk0NWU4NWM1NDc0ZmFmY2Y5NzY5ZjYzZjFhNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/D5jw7mGu1FC5GAQAX+YBSW2F09 jaAvbOB4CNJNSUGLnsvlpeUKn+LYWtKIiHWg1jdHvodrim37pQT0b5FazlmXW6PM dZ89o69wVZYzALs6n3MjcgQGK6aB7lMsjggunHhEjMbiB6aZb1nUG1DmBuwbufC/ QhL3Y7Hc0Uuy6hKTl2RDHl/1+N6dBwm4IO3kPRTZWDB7ekXHIiPZXKHVtGm5RjKT 3qMfUIBz27Q3rCXN0MAFt5On8WqwEjJBM64J6IX6FyH7HqtcFMvon2pgO7OAxlJR iEoQ1MNjD8uBfI/T6DbW2AeZRB1EDtdEECfYr3lj2yyjF1L2VPKmA25BIQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFLriCddqCSPgP3p+lJT8SNfBHGGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjMTBkM2I5LWMzNTctNGRkZS05ZTM1LThiNDUxZWJlN2JhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9hAwDQYJKoZIhvcNAQELBQADggEBAAvj4YnBxmh4OoQKW8F6 e3oZIkM0JL443CGbNQa+NMZSaAH8jZ5zyY/TlVJeZHZ1ro8C5YqetTRZ1xUxpwLI YCwyjn7KiidUnQF0eqpYpPtWa3CmgkaAxKTQ+/7+jrRdd6wK7B26hORj471bSKzF +3ywlEq8+/cgFXkN/MxPl+gVcUS1OGALEqgVdaxJMeokbDDg/REbFjXrV8dIIzb4 TKsJz1Hx1e0MmjqvKKC6ihicewhVpvClZSaVzcI7GKoMv0WJv/QV5faHVYMZueKk zTyLjFMCEKnlN2amqInoOZhr9NOOmJ6lfiLNgNFRHQZ4LZkJNa87ept5lOwAqZHd GeY= -----END CERTIFICATE-----Generated at Mon Oct 20 20:16:33 2025 by rpki-client