$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa File: 61c0a164-da93-428a-bae0-35d34ec93555.roa (raw, json) Hash identifier: iV+nqcX02URZgxaq6X2e+61WecUGhfEToVMtJr6vZE4= Subject key identifier: E4:C7:FC:29:5F:A5:0B:54:CA:8E:A9:32:3A:A5:50:0F:26:21:98:EC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 55B68A2890FB223A2D13233F4E9FED9AE9FA05BA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa Signing time: Wed 15 Oct 2025 00:40:11 +0000 ROA not before: Wed 15 Oct 2025 00:40:11 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1a:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:b6:8a:28:90:fb:22:3a:2d:13:23:3f:4e:9f:ed:9a:e9:fa:05:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:40:11 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=e54c553b68ae1d07dc8fef16f79402a9cf82417ef872a33e1a133b5e7958f42b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7d:cc:61:7c:d6:08:03:c5:08:72:63:b3:e9: 09:7a:99:47:5e:40:0b:5b:89:41:a8:57:e0:53:70: 87:af:f8:c9:7a:11:82:dd:97:eb:92:d3:f0:71:1e: eb:90:0e:60:82:e1:35:68:d3:82:6c:f1:39:63:41: c2:4f:41:74:1f:60:67:ab:b4:cd:6c:d5:36:c3:57: 26:49:56:b3:da:e3:f6:56:aa:af:35:85:83:41:c4: 17:0c:35:c9:89:1a:a9:47:05:6f:c6:9e:47:8e:e9: 76:e9:97:4b:92:cc:98:1f:1c:53:bb:2b:a0:d5:43: 11:49:0c:af:48:2f:18:90:80:8f:38:ce:80:00:a0: f4:cb:5c:ee:e6:01:a8:1c:26:a7:7f:3f:1e:a1:83: 7d:b2:1e:96:87:4e:43:2d:fd:c5:ed:96:9f:8b:e3: 24:76:98:88:db:ed:67:8f:df:df:af:9c:40:44:a6: df:73:53:ca:e5:3e:64:02:fb:33:72:bc:59:82:88: f8:62:7c:0c:a5:83:7e:1b:cc:70:6c:71:50:c3:5f: b8:fd:da:61:45:b0:21:86:d6:6d:4f:4f:56:44:d2: 62:64:f4:9c:db:4e:ee:b9:f9:66:82:f3:a0:8a:8c: 0a:11:3c:93:8d:9a:0a:80:2e:96:7f:e4:cd:d0:ed: c3:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:C7:FC:29:5F:A5:0B:54:CA:8E:A9:32:3A:A5:50:0F:26:21:98:EC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1a:400::/38 Signature Algorithm: sha256WithRSAEncryption 68:92:ae:31:bc:ef:4e:fc:d3:49:4b:88:da:8f:c7:31:25:df: cf:9a:ad:bb:c8:88:60:cf:12:e7:91:ce:37:8e:4a:42:33:eb: ba:83:9d:2c:2d:26:cf:f8:be:9d:6f:84:3e:2b:45:e7:dd:70: 0a:9b:57:0c:4f:f9:a9:74:7c:69:b1:19:bf:90:e1:0a:29:7a: 44:09:f4:f9:94:a1:32:0b:b7:31:17:de:88:6f:bf:13:83:37: 75:93:bc:84:b6:83:d3:b5:79:d4:a1:ba:88:e3:f3:ff:20:e0: 35:97:cf:de:f6:f7:72:5d:6f:5a:43:3e:d0:13:8a:49:a8:71: 7e:5f:f2:5e:bd:a8:1c:4f:f1:77:b4:b0:c6:71:f0:83:c3:8f: 58:99:d0:0d:11:99:18:20:aa:0a:6d:77:53:43:55:75:b2:2b: 75:2d:7e:81:15:df:ed:c5:32:0e:9c:ac:58:dd:a2:0e:a5:7a: 70:43:74:32:fe:7c:d7:8a:bb:33:f9:0f:b0:69:bf:40:c6:ed: 02:ed:7c:8e:bb:d9:a4:48:19:ea:78:ce:fd:cd:df:20:3c:67: 60:b4:00:de:29:ed:cd:a1:7f:04:e1:93:5f:0f:52:7f:86:34: 3f:1e:b2:34:7e:67:17:01:c3:bc:e1:23:3c:fa:6b:18:26:01: 34:54:36:cb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVbaKKJD7IjotEyM/Tp/tmun6BbowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNDAxMVoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAZTU0YzU1M2I2OGFlMWQwN2RjOGZl ZjE2Zjc5NDAyYTljZjgyNDE3ZWY4NzJhMzNlMWExMzNiNWU3OTU4ZjQyYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn3MYXzWCAPFCHJjs+kJeplHXkAL W4lBqFfgU3CHr/jJehGC3ZfrktPwcR7rkA5gguE1aNOCbPE5Y0HCT0F0H2Bnq7TN bNU2w1cmSVaz2uP2VqqvNYWDQcQXDDXJiRqpRwVvxp5Hjul26ZdLksyYHxxTuyug 1UMRSQyvSC8YkICPOM6AAKD0y1zu5gGoHCanfz8eoYN9sh6Wh05DLf3F7Zafi+Mk dpiI2+1nj9/fr5xARKbfc1PK5T5kAvszcrxZgoj4YnwMpYN+G8xwbHFQw1+4/dph RbAhhtZtT09WRNJiZPSc207uuflmgvOgiowKETyTjZoKgC6Wf+TN0O3DVQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOTH/ClfpQtUyo6pMjqlUA8mIZjsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYxYzBhMTY0LWRhOTMtNDI4YS1iYWUwLTM1ZDM0ZWM5MzU1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGgQwDQYJKoZIhvcNAQELBQADggEBAGiSrjG8707800lLiNqP xzEl38+arbvIiGDPEueRzjeOSkIz67qDnSwtJs/4vp1vhD4rRefdcAqbVwxP+al0 fGmxGb+Q4QopekQJ9PmUoTILtzEX3ohvvxODN3WTvIS2g9O1edShuojj8/8g4DWX z97293Jdb1pDPtATikmocX5f8l69qBxP8Xe0sMZx8IPDj1iZ0A0RmRggqgptd1ND VXWyK3UtfoEV3+3FMg6crFjdog6lenBDdDL+fNeKuzP5D7Bpv0DG7QLtfI672aRI Gep4zv3N3yA8Z2C0AN4p7c2hfwThk18PUn+GND8esjR+ZxcBw7zhIzz6axgmATRU Nss= -----END CERTIFICATE-----Generated at Mon Oct 20 13:06:02 2025 by rpki-client