$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa File: 5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa (raw, json) Hash identifier: 9nl9A/bgNsoRNQuo2XenqxxrxmBa4hiZbEE7xsqUmoo= Subject key identifier: C8:55:42:0E:86:AE:C5:2E:97:F4:55:57:73:9D:C1:B5:AD:60:89:4F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 757215862788C7FAAF3651DF98789D9444F641D3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa Signing time: Sat 11 Oct 2025 00:20:08 +0000 ROA not before: Sat 11 Oct 2025 00:20:08 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:72:15:86:27:88:c7:fa:af:36:51:df:98:78:9d:94:44:f6:41:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:20:08 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=6ab7c42f07a7705e0e684d5d8a136cd44c896877e96adfb033b0dd7448a65ca6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:15:bd:9f:9b:08:5a:bc:0d:b1:7d:0f:79:9e: 5c:40:b3:25:04:71:fd:2c:65:b7:99:17:56:5b:d6: 24:f0:0c:da:9b:59:2c:e8:7f:4c:5b:97:f9:33:7c: 73:5c:0c:d0:6b:2a:3b:9d:5c:4f:92:c5:32:2b:a5: 74:64:7b:cb:b9:41:6f:f0:b9:d2:1f:73:18:fc:0d: a3:68:a5:f5:b6:0c:ec:73:70:98:32:72:e3:65:12: 88:ca:c9:ec:37:ca:a6:61:d9:e1:3c:65:6b:72:94: 76:97:2d:b8:e5:cb:8f:cf:b6:56:8e:98:e9:86:de: 58:37:5d:36:42:df:eb:fc:f4:45:41:d3:bc:a3:55: 1f:fb:5f:9d:0c:be:f9:c9:e9:4a:0b:dc:23:77:bd: cc:91:d1:9f:a1:e3:dc:df:ff:f2:92:fb:2d:29:36: 72:4a:44:4f:f9:bd:bf:ef:e4:b9:be:5b:a2:4f:d0: 2a:20:68:ff:55:9c:06:d0:13:4f:58:c4:90:7a:43: cc:06:46:7e:3a:37:e1:8a:2f:81:ec:0a:4b:1a:c4: 4f:45:66:3f:20:cf:e5:d3:53:e1:1a:3a:89:e5:83: dd:01:5a:7d:92:e0:11:7c:ab:c3:f3:1a:1c:eb:5f: 5f:7e:92:00:fc:22:2c:d3:80:7e:b7:2c:17:e4:fc: de:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:55:42:0E:86:AE:C5:2E:97:F4:55:57:73:9D:C1:B5:AD:60:89:4F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c30dddf-9f6e-495d-8005-1d32fd6005a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4840::/48 Signature Algorithm: sha256WithRSAEncryption 15:53:21:7c:12:98:f2:9a:16:0e:b8:84:15:33:b8:46:f0:14: df:36:22:61:ad:74:ac:90:37:8a:ce:8b:a2:7c:91:e5:f8:33: 54:eb:15:a5:b0:88:13:95:30:43:52:f2:e0:22:ee:00:95:19: e6:eb:33:d5:d0:5b:d7:3b:67:07:c3:6a:51:16:f4:25:1d:9f: 5d:65:ba:58:11:da:dd:56:f0:e4:bc:9a:ad:03:ef:c0:d0:1c: ab:15:b7:77:b4:77:fd:61:96:fb:0b:eb:96:a1:49:18:c6:7c: e5:9e:45:10:33:11:28:54:a0:c2:f7:f4:41:eb:e8:74:46:2f: a7:2f:46:29:11:8e:4d:c9:35:6f:70:65:76:10:3e:5a:3e:65: 47:86:0d:40:c7:24:4c:ea:49:02:03:cb:00:87:5d:ee:e7:d0: d3:af:a6:af:a7:af:2d:2b:b4:46:b3:63:df:5a:e3:78:46:d7: 6f:9c:bc:f7:ff:9d:54:ab:28:1e:bc:60:b0:62:aa:3c:30:19: a7:6d:63:c8:17:54:b9:7e:33:d0:45:54:95:e0:04:41:90:7f: 6f:37:43:91:f5:c4:6f:9b:67:4f:6b:aa:2d:86:2b:ec:c5:03: 2f:82:bb:5f:fc:62:0a:c2:3e:0b:36:d3:9b:d2:a2:8f:a0:81: 3c:1d:59:f7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdXIVhieIx/qvNlHfmHidlET2QdMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMjAwOFoX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNANmFiN2M0MmYwN2E3NzA1ZTBlNjg0 ZDVkOGExMzZjZDQ0Yzg5Njg3N2U5NmFkZmIwMzNiMGRkNzQ0OGE2NWNhNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhW9n5sIWrwNsX0PeZ5cQLMlBHH9 LGW3mRdWW9Yk8Azam1ks6H9MW5f5M3xzXAzQayo7nVxPksUyK6V0ZHvLuUFv8LnS H3MY/A2jaKX1tgzsc3CYMnLjZRKIysnsN8qmYdnhPGVrcpR2ly245cuPz7ZWjpjp ht5YN102Qt/r/PRFQdO8o1Uf+1+dDL75yelKC9wjd73MkdGfoePc3//ykvstKTZy SkRP+b2/7+S5vluiT9AqIGj/VZwG0BNPWMSQekPMBkZ+Ojfhii+B7ApLGsRPRWY/ IM/l01PhGjqJ5YPdAVp9kuARfKvD8xoc619ffpIA/CIs04B+tywX5PzetQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMhVQg6GrsUul/RVV3OdwbWtYIlPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjMzBkZGRmLTlmNmUtNDk1ZC04MDA1LTFkMzJmZDYwMDVhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOEhAMA0GCSqGSIb3DQEBCwUAA4IBAQAVUyF8EpjymhYOuIQV M7hG8BTfNiJhrXSskDeKzouifJHl+DNU6xWlsIgTlTBDUvLgIu4AlRnm6zPV0FvX O2cHw2pRFvQlHZ9dZbpYEdrdVvDkvJqtA+/A0ByrFbd3tHf9YZb7C+uWoUkYxnzl nkUQMxEoVKDC9/RB6+h0Ri+nL0YpEY5NyTVvcGV2ED5aPmVHhg1AxyRM6kkCA8sA h13u59DTr6avp68tK7RGs2PfWuN4RtdvnLz3/51UqygevGCwYqo8MBmnbWPIF1S5 fjPQRVSV4ARBkH9vN0OR9cRvm2dPa6othivsxQMvgrtf/GIKwj4LNtOb0qKPoIE8 HVn3 -----END CERTIFICATE-----Generated at Mon Oct 20 07:20:01 2025 by rpki-client