$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa File: 4f94d4be-2864-45c5-a16e-6384684a8060.roa (raw, json) Hash identifier: 758y4/seriwaPsVhXlDZKcOteiA4o7VPXoi1aDujk+4= Subject key identifier: 19:3E:77:10:B9:A4:1C:37:5F:0A:2D:D9:18:DF:B0:77:98:2D:56:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 53778EBB1F8453071D0CEA3BB91CEB25734CB191 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa Signing time: Wed 15 Oct 2025 00:40:14 +0000 ROA not before: Wed 15 Oct 2025 00:40:14 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da16:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:77:8e:bb:1f:84:53:07:1d:0c:ea:3b:b9:1c:eb:25:73:4c:b1:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:40:14 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=06b997b472842cd41e2858e09b5eb548e5704a379e5a09f723ae79e74414310b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:95:1d:46:2e:22:26:e7:9e:fb:f0:ff:43:08: 2b:31:f0:92:90:a6:c9:bb:8d:8f:00:08:62:a1:d3: 30:85:99:72:5a:6b:72:dc:dd:68:68:5c:d8:39:fd: 68:94:36:00:c7:99:57:cd:18:56:d7:5c:17:87:74: 96:d4:15:e9:55:69:24:04:51:9d:e6:b6:5b:4f:fa: 69:d9:4a:7d:f1:5c:5b:b1:a7:2f:cc:c6:77:33:e0: 7e:02:58:7f:a5:02:ef:ad:ec:95:97:4e:b7:76:25: 53:42:94:70:44:13:f8:92:16:40:b4:ea:d9:a4:c1: f9:8a:95:94:73:76:02:8d:f6:27:4b:a4:40:71:13: f0:46:a3:17:d1:77:7f:89:c5:67:2c:f5:0d:ef:49: b1:c0:47:54:81:ff:71:46:e0:9f:4f:3b:7a:25:8f: 11:2c:9e:72:12:79:66:96:b7:34:db:cb:c7:24:c7: 61:04:23:c5:eb:f9:82:a6:4c:e6:dd:22:31:23:5e: 40:e1:f6:9b:ad:b3:12:a0:d7:d7:b0:fb:72:97:96: c5:8b:0d:0a:ee:93:9a:75:96:b1:79:66:a6:b0:2d: 11:2f:d3:cb:6a:dd:8c:aa:03:f3:ee:13:76:e2:2f: d4:e6:f8:c9:16:c5:7b:5d:b8:95:19:f2:32:ec:a2: c4:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:3E:77:10:B9:A4:1C:37:5F:0A:2D:D9:18:DF:B0:77:98:2D:56:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da16:400::/38 Signature Algorithm: sha256WithRSAEncryption ad:46:93:07:ed:a2:98:3d:04:0d:c0:e5:96:71:2c:f1:65:56: da:12:c0:eb:0c:68:06:2a:0b:31:02:12:95:cf:f1:45:27:f4: 9e:83:7b:6c:71:83:22:ea:b5:0c:78:00:a5:ea:61:8a:4d:6f: 74:33:1b:73:c8:2f:f5:ea:7a:31:51:92:a6:cb:7f:1e:ae:d0: 8d:11:4b:d9:86:5b:c7:c9:fc:52:16:af:56:b3:34:fd:60:c3: 2c:97:0d:85:0f:c1:1b:a7:1c:43:54:bf:2a:a3:9b:fc:d9:bc: 92:06:34:ee:94:3d:d3:e3:2e:69:04:a2:23:f9:c7:d6:e2:15: 8c:6f:5e:f1:19:43:c1:04:11:f1:b4:da:3f:48:bf:3f:06:bd: 7b:10:c8:c6:80:39:c3:46:81:29:1b:76:8e:7a:d2:ec:01:42: ea:a5:12:a9:fb:a9:d8:d2:41:6e:ca:4b:ce:15:d1:75:e5:21: 3c:32:34:44:55:6f:8d:0c:70:be:25:9f:d6:49:32:fd:57:8c: 0e:94:64:33:90:1e:58:c6:05:39:1f:bb:37:c2:65:8a:71:0e: 24:0e:e4:1e:d1:f3:11:09:8d:e7:f2:66:0d:93:5a:67:d4:b6: 2f:8f:43:ee:b9:6f:95:fc:eb:9f:99:f6:8d:ce:16:d6:e5:c4: 52:18:cc:6f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUU3eOux+EUwcdDOo7uRzrJXNMsZEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNDAxNFoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAMDZiOTk3YjQ3Mjg0MmNkNDFlMjg1 OGUwOWI1ZWI1NDhlNTcwNGEzNzllNWEwOWY3MjNhZTc5ZTc0NDE0MzEwYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpUdRi4iJuee+/D/QwgrMfCSkKbJ u42PAAhiodMwhZlyWmty3N1oaFzYOf1olDYAx5lXzRhW11wXh3SW1BXpVWkkBFGd 5rZbT/pp2Up98VxbsacvzMZ3M+B+Alh/pQLvreyVl063diVTQpRwRBP4khZAtOrZ pMH5ipWUc3YCjfYnS6RAcRPwRqMX0Xd/icVnLPUN70mxwEdUgf9xRuCfTzt6JY8R LJ5yEnlmlrc028vHJMdhBCPF6/mCpkzm3SIxI15A4fabrbMSoNfXsPtyl5bFiw0K 7pOadZaxeWamsC0RL9PLat2MqgPz7hN24i/U5vjJFsV7XbiVGfIy7KLELQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBk+dxC5pBw3Xwot2RjfsHeYLVYjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRmOTRkNGJlLTI4NjQtNDVjNS1hMTZlLTYzODQ2ODRhODA2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFgQwDQYJKoZIhvcNAQELBQADggEBAK1Gkwftopg9BA3A5ZZx LPFlVtoSwOsMaAYqCzECEpXP8UUn9J6De2xxgyLqtQx4AKXqYYpNb3QzG3PIL/Xq ejFRkqbLfx6u0I0RS9mGW8fJ/FIWr1azNP1gwyyXDYUPwRunHENUvyqjm/zZvJIG NO6UPdPjLmkEoiP5x9biFYxvXvEZQ8EEEfG02j9Ivz8GvXsQyMaAOcNGgSkbdo56 0uwBQuqlEqn7qdjSQW7KS84V0XXlITwyNERVb40McL4ln9ZJMv1XjA6UZDOQHljG BTkfuzfCZYpxDiQO5B7R8xEJjefyZg2TWmfUti+PQ+65b5X865+Z9o3OFtblxFIY zG8= -----END CERTIFICATE-----Generated at Mon Oct 20 18:19:20 2025 by rpki-client