$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b15b8cc-026d-4909-976b-a48a26fc3ee0.roa File: 5b15b8cc-026d-4909-976b-a48a26fc3ee0.roa (raw, json) Hash identifier: zEZbK2zZRrxMjhhVxJGab0TGI09pZiBZkd0XjqTXbWY= Subject key identifier: A5:6E:99:F6:FB:0D:DD:40:83:E6:B6:79:C9:7C:22:5A:53:48:01:E5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60517CFC696DB7EC73CC01A4BC1F10B96509E844 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b15b8cc-026d-4909-976b-a48a26fc3ee0.roa Signing time: Mon 13 Oct 2025 15:40:56 +0000 ROA not before: Mon 13 Oct 2025 15:40:56 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:51:7c:fc:69:6d:b7:ec:73:cc:01:a4:bc:1f:10:b9:65:09:e8:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:40:56 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=06aaf8242835b6fe5aec6a175173a6e3dbae45c9baf52a1c3ae5a35119e508b4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:2e:0b:fc:62:2a:5b:43:dd:82:8f:82:d9:ee: b8:99:4d:92:45:0e:98:7b:db:49:f1:a4:61:cd:7c: fb:a7:0d:49:ea:6e:84:d9:2c:79:d9:9e:a0:e0:18: b0:eb:f4:bd:87:1f:f7:a3:aa:55:0c:00:38:9e:59: 03:ec:ec:fe:4a:44:2b:64:88:d3:03:c6:e5:76:b8: ea:e6:63:d3:c2:0f:eb:20:b8:74:d6:ad:61:e7:ed: d8:8b:e9:3e:1e:fb:ac:0b:79:cb:1c:51:7c:72:e0: 42:a7:38:f2:92:ef:d0:9f:ae:4a:37:23:89:3a:0f: 0b:8b:ba:6e:b0:f8:a7:16:83:64:11:05:d4:31:2c: d1:9e:09:96:6c:be:5e:5a:e8:3b:90:b7:8d:1b:70: 5c:e1:a4:28:7a:68:6d:49:ec:20:80:11:85:e9:98: 2b:71:19:78:df:90:20:b5:96:5b:d3:a0:cb:cb:eb: 2c:8b:53:5d:34:27:bb:4c:36:de:43:f6:a2:f9:2e: 4d:6d:fd:7d:d5:53:d8:25:f8:ae:d0:c2:87:59:ec: 29:7e:09:47:0b:c1:93:3e:60:16:62:96:9b:a8:09: dd:b8:a7:57:49:7b:18:04:11:98:1c:aa:20:2a:b9: a3:b3:bb:b0:0c:3a:a7:7c:c3:92:7e:6e:6e:d0:65: 6a:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:6E:99:F6:FB:0D:DD:40:83:E6:B6:79:C9:7C:22:5A:53:48:01:E5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b15b8cc-026d-4909-976b-a48a26fc3ee0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:8800::/40 Signature Algorithm: sha256WithRSAEncryption 3d:dd:a6:4d:26:4d:17:e9:1e:45:e1:03:15:65:c8:a9:ec:01: 78:bd:d0:a1:86:5f:9a:1d:b5:64:71:63:ca:84:8f:4a:27:09: 14:f9:e9:f5:0a:74:f9:8b:d3:82:b6:68:d8:9a:83:25:06:e9: 92:78:02:25:d5:2e:f9:1b:d8:55:11:56:ac:fe:94:67:ca:a8: 43:34:ed:e8:cd:31:5d:44:90:01:5d:3b:6a:ce:de:69:43:a6: b0:11:88:fa:17:84:f3:4c:66:ca:d9:3c:01:23:9d:df:32:a7: ce:0b:7f:d0:5e:53:b7:63:70:ad:a6:d9:44:79:9f:16:a7:4f: b2:72:97:3e:6d:5e:35:cb:a9:b7:4c:51:e1:6b:9f:99:d6:ef: fe:b0:eb:a8:ad:c5:f2:e1:7c:a7:cb:7f:fa:1f:e3:75:d9:3c: 4c:44:be:14:72:71:ea:f0:7f:0a:86:1d:fa:35:9a:71:48:01: 4a:1d:65:1e:39:e8:0e:78:0a:7b:c1:58:20:a4:e6:57:5c:b3: 83:d8:e4:cf:98:d4:58:8e:6f:51:0c:46:e8:f0:4d:66:54:da: 70:93:50:11:b3:22:a6:cc:21:b9:cd:00:72:38:76:c2:9f:59: 1f:70:9d:2c:a2:4e:0e:5f:13:76:03:21:14:1d:c0:56:77:13: 89:94:8c:ea -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYFF8/Gltt+xzzAGkvB8QuWUJ6EQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1NDA1NloX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAMDZhYWY4MjQyODM1YjZmZTVhZWM2 YTE3NTE3M2E2ZTNkYmFlNDVjOWJhZjUyYTFjM2FlNWEzNTExOWU1MDhiNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy4L/GIqW0Pdgo+C2e64mU2SRQ6Y e9tJ8aRhzXz7pw1J6m6E2Sx52Z6g4Biw6/S9hx/3o6pVDAA4nlkD7Oz+SkQrZIjT A8bldrjq5mPTwg/rILh01q1h5+3Yi+k+HvusC3nLHFF8cuBCpzjyku/Qn65KNyOJ Og8Li7pusPinFoNkEQXUMSzRngmWbL5eWug7kLeNG3Bc4aQoemhtSewggBGF6Zgr cRl435AgtZZb06DLy+ssi1NdNCe7TDbeQ/ai+S5Nbf191VPYJfiu0MKHWewpfglH C8GTPmAWYpabqAnduKdXSXsYBBGYHKogKrmjs7uwDDqnfMOSfm5u0GVqBQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKVumfb7Dd1Ag+a2ecl8IlpTSAHlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzViMTViOGNjLTAyNmQtNDkwOS05NzZiLWE0OGEyNmZjM2VlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/4gwDQYJKoZIhvcNAQELBQADggEBAD3dpk0mTRfpHkXhAxVl yKnsAXi90KGGX5odtWRxY8qEj0onCRT56fUKdPmL04K2aNiagyUG6ZJ4AiXVLvkb 2FURVqz+lGfKqEM07ejNMV1EkAFdO2rO3mlDprARiPoXhPNMZsrZPAEjnd8yp84L f9BeU7djcK2m2UR5nxanT7Jylz5tXjXLqbdMUeFrn5nW7/6w66itxfLhfKfLf/of 43XZPExEvhRycerwfwqGHfo1mnFIAUodZR456A54CnvBWCCk5ldcs4PY5M+Y1FiO b1EMRujwTWZU2nCTUBGzIqbMIbnNAHI4dsKfWR9wnSyiTg5fE3YDIRQdwFZ3E4mU jOo= -----END CERTIFICATE-----Generated at Mon Oct 20 12:32:24 2025 by rpki-client