$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa File: 5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa (raw, json) Hash identifier: P+TTz7hbORMBPw0sgD9Op/C6qmzxPID5HSGDHuM67/s= Subject key identifier: 1E:5D:82:C0:E6:E7:2B:A4:47:25:B0:55:4F:BD:5F:96:3B:CA:11:ED Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 431BB56258981CEC032EA8E4F7F77E7D4FD33B54 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa Signing time: Mon 13 Oct 2025 15:21:06 +0000 ROA not before: Mon 13 Oct 2025 15:21:06 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:1b:b5:62:58:98:1c:ec:03:2e:a8:e4:f7:f7:7e:7d:4f:d3:3b:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:21:06 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=8c72812678cf1fb61a6b593ed8176a896455e0c0782ce7432a7e41a2c1a22b1f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ad:fe:6d:0a:19:d5:00:02:92:76:08:c0:72: 7d:9b:95:11:2d:c3:92:6e:64:60:e5:3e:82:54:1e: 02:a2:4b:77:c1:78:34:0b:25:b8:4c:21:68:d0:0a: e6:7f:bc:2d:7e:2a:43:42:eb:4f:3d:75:ce:3a:3f: 6a:a8:dd:20:32:7a:ad:9f:eb:61:42:f2:a6:ae:10: 44:88:66:50:90:34:99:47:23:a4:b7:00:7b:a1:b5: a6:7d:ee:e5:c4:00:17:83:d5:43:64:03:88:f4:0b: 6b:a3:6b:75:e2:98:c9:23:81:e7:ed:11:93:6a:f1: 33:6e:0b:e7:75:6d:47:ac:97:fa:6a:eb:e1:57:69: 8d:45:e7:d2:e7:d1:9f:1f:b0:f8:b0:f8:93:0f:88: fe:2f:17:36:24:05:1a:7f:28:d5:79:4d:48:9a:e6: 7a:59:f6:10:d7:54:a7:90:4b:e1:d4:7c:98:4d:61: 54:fe:e9:fc:29:31:82:82:b0:c0:b7:94:c4:da:28: 69:4a:dc:ea:8c:2c:63:68:62:9a:70:c6:3b:d2:ef: 9c:bc:53:6e:14:d1:24:0d:ef:4c:1c:62:64:6d:d1: 96:bc:d5:1d:3a:62:70:c7:c2:b2:18:e1:9a:c0:01: 7f:31:f2:b1:4c:81:e4:ad:68:83:68:fd:13:95:1d: 87:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:5D:82:C0:E6:E7:2B:A4:47:25:B0:55:4F:BD:5F:96:3B:CA:11:ED X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:7000::/40 Signature Algorithm: sha256WithRSAEncryption 10:92:8b:17:0b:77:3e:40:da:7b:ea:24:6d:2b:c2:5a:9d:10: aa:62:20:e4:d3:c2:f3:18:8a:d5:df:dd:0d:5e:c1:f6:f2:cc: f3:0e:da:cf:43:d2:7e:1f:11:9a:2a:4c:eb:aa:e5:cc:7a:af: d6:33:63:cb:ce:ee:63:86:dc:42:b7:c1:c9:05:da:b0:1b:f5: a3:43:72:82:23:39:d3:74:ee:1e:ec:6a:c8:d5:31:96:34:ab: f5:8e:ac:dc:41:33:e8:e0:58:82:29:5d:67:8e:ed:28:54:19: d4:9e:1e:01:4d:ec:b5:0f:cb:9c:30:b8:77:04:5c:16:d0:fb: 77:8e:29:4c:5e:18:83:7f:60:89:03:6f:fc:9e:38:bd:95:e2: 4a:9e:6d:cc:5d:d1:3e:c8:99:2c:25:f0:49:b1:f9:d9:46:e6: 08:c7:ab:97:d7:fd:36:e7:5f:1b:0c:2d:7b:4f:68:78:ed:75: 4c:72:ab:33:be:37:35:85:9b:b1:18:79:96:15:76:e3:96:22: ad:68:d7:f7:5d:6c:10:f3:f4:9b:ad:26:9b:83:15:a0:9c:ae: 71:ec:6d:0c:80:6f:ab:1e:4a:be:f9:9d:54:05:e7:f9:b2:92: fe:03:f2:3b:96:64:3e:cf:42:2a:cb:5c:a7:84:69:26:bb:f2: 82:89:e5:4f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQxu1YliYHOwDLqjk9/d+fU/TO1QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MjEwNloX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAOGM3MjgxMjY3OGNmMWZiNjFhNmI1 OTNlZDgxNzZhODk2NDU1ZTBjMDc4MmNlNzQzMmE3ZTQxYTJjMWEyMmIxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs63+bQoZ1QACknYIwHJ9m5URLcOS bmRg5T6CVB4Cokt3wXg0CyW4TCFo0Armf7wtfipDQutPPXXOOj9qqN0gMnqtn+th QvKmrhBEiGZQkDSZRyOktwB7obWmfe7lxAAXg9VDZAOI9Atro2t14pjJI4Hn7RGT avEzbgvndW1HrJf6auvhV2mNRefS59GfH7D4sPiTD4j+Lxc2JAUafyjVeU1ImuZ6 WfYQ11SnkEvh1HyYTWFU/un8KTGCgrDAt5TE2ihpStzqjCxjaGKacMY70u+cvFNu FNEkDe9MHGJkbdGWvNUdOmJwx8KyGOGawAF/MfKxTIHkrWiDaP0TlR2H5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB5dgsDm5yukRyWwVU+9X5Y7yhHtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzViNWVhM2I1LWQxZTEtNDQ4Mi05Nzk1LTQ0ODk5ZDZjMWI0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYXAwDQYJKoZIhvcNAQELBQADggEBABCSixcLdz5A2nvqJG0r wlqdEKpiIOTTwvMYitXf3Q1ewfbyzPMO2s9D0n4fEZoqTOuq5cx6r9YzY8vO7mOG 3EK3wckF2rAb9aNDcoIjOdN07h7sasjVMZY0q/WOrNxBM+jgWIIpXWeO7ShUGdSe HgFN7LUPy5wwuHcEXBbQ+3eOKUxeGIN/YIkDb/yeOL2V4kqebcxd0T7ImSwl8Emx +dlG5gjHq5fX/TbnXxsMLXtPaHjtdUxyqzO+NzWFm7EYeZYVduOWIq1o1/ddbBDz 9JutJpuDFaCcrnHsbQyAb6seSr75nVQF5/mykv4D8juWZD7PQirLXKeEaSa78oKJ 5U8= -----END CERTIFICATE-----Generated at Mon Oct 20 09:54:42 2025 by rpki-client