$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa File: 635b223e-f641-496e-be0c-3d916b763149.roa (raw, json) Hash identifier: sK0v9vCQ0JK6N4+86+efxuDUYMqKha3BcPLWrmM2GDg= Subject key identifier: 25:A4:58:07:FB:8F:8B:F8:63:46:45:B1:E7:03:36:00:67:AA:94:3B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59C4F31948CC474B3CDFBE4E8E0CF9E4025ACB6D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa Signing time: Mon 06 Oct 2025 15:20:07 +0000 ROA not before: Mon 06 Oct 2025 15:20:07 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da29::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:c4:f3:19:48:cc:47:4b:3c:df:be:4e:8e:0c:f9:e4:02:5a:cb:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:20:07 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=79d528e101b6442b52321ef7f7df2f8da713677752dec4f00ef9d437794207cf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:73:92:f7:78:02:77:67:cf:49:5d:21:88:6d: f6:84:50:ff:42:c3:31:16:ac:78:17:df:7e:7d:5f: 7d:1d:3f:31:40:73:a3:0d:a8:d6:56:6f:bb:76:dd: b7:56:ff:26:e0:9c:fa:90:de:9b:a2:8b:2b:c7:43: 80:70:85:ca:3b:2c:00:0e:ef:d3:c7:3f:ac:1b:34: 78:49:fb:ad:ee:8f:74:db:72:df:7f:d3:7c:46:35: 4e:7d:bb:99:33:b8:4b:53:de:2f:fa:17:ba:6a:e0: cc:e5:d7:90:59:d5:76:88:6f:d4:4b:f4:5b:01:87: 52:48:4a:a3:f4:a3:45:d2:b0:db:9f:43:8c:b9:35: b8:3a:51:32:87:c6:a9:3a:51:1c:1b:63:29:e7:da: e5:53:bc:02:84:f0:cd:fc:b8:2d:b6:9c:9f:64:be: 6c:3d:a7:96:e7:25:ef:9f:71:10:7a:63:82:27:da: 29:32:29:9b:56:f1:98:18:8f:58:50:aa:3f:cf:92: 6a:35:a2:e5:72:61:f7:c5:64:a3:83:41:e0:05:93: 5a:ed:85:56:25:fa:36:21:f1:6e:a0:83:6c:52:40: ad:c2:ca:a7:2c:71:ff:5d:6c:32:a8:2f:7b:9c:14: 56:36:47:5e:8f:ba:de:4e:27:11:5c:e4:98:af:c3: ee:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:A4:58:07:FB:8F:8B:F8:63:46:45:B1:E7:03:36:00:67:AA:94:3B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/635b223e-f641-496e-be0c-3d916b763149.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da29::/36 Signature Algorithm: sha256WithRSAEncryption 09:f1:6a:ab:4d:dc:8d:6c:d0:0c:c8:c6:0b:8a:4b:ee:f3:b4: d1:cb:64:20:59:5d:f9:4f:c6:0d:30:9d:b0:97:33:b8:32:4c: b6:67:7c:28:0a:5c:42:5e:49:d9:84:c9:43:82:56:7e:97:31: 25:7b:9e:c0:11:d0:b0:04:6c:64:37:24:79:97:e1:62:5b:a2: f5:49:59:04:82:dc:65:43:1e:95:f2:57:50:6c:52:9d:ec:66: bc:62:b4:86:58:dc:31:91:00:34:1a:b9:4c:a9:b6:6d:d9:40: 88:7a:9b:95:23:a4:d8:88:4f:61:cc:54:c3:6c:e9:14:da:45: ac:5a:9c:4f:4e:66:06:c2:d4:4e:fa:72:87:4b:5a:2c:27:b4: f2:52:a4:33:e2:a0:b5:75:0b:48:1f:a2:e8:1c:e6:93:25:0b: 82:a8:d3:4a:cd:24:08:70:17:73:50:09:15:29:0f:a0:56:1a: d8:7b:3b:96:2a:29:26:84:36:c4:30:ee:83:68:51:f3:f5:f0: 83:8d:5d:be:d4:fb:5b:d6:3d:16:54:2d:e8:66:e1:b8:01:51: ff:16:a8:35:cf:07:46:cd:e7:ab:c1:fe:fe:d0:dd:b4:ce:0c: f0:5d:03:e6:49:19:c7:a3:48:88:93:b5:3e:38:08:8e:ed:cc: 02:5e:17:c8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWcTzGUjMR0s8375Ojgz55AJay20wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MjAwN1oX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNANzlkNTI4ZTEwMWI2NDQyYjUyMzIx ZWY3ZjdkZjJmOGRhNzEzNjc3NzUyZGVjNGYwMGVmOWQ0Mzc3OTQyMDdjZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXOS93gCd2fPSV0hiG32hFD/QsMx Fqx4F99+fV99HT8xQHOjDajWVm+7dt23Vv8m4Jz6kN6boosrx0OAcIXKOywADu/T xz+sGzR4Sfut7o9023Lff9N8RjVOfbuZM7hLU94v+he6auDM5deQWdV2iG/US/Rb AYdSSEqj9KNF0rDbn0OMuTW4OlEyh8apOlEcG2Mp59rlU7wChPDN/LgttpyfZL5s PaeW5yXvn3EQemOCJ9opMimbVvGYGI9YUKo/z5JqNaLlcmH3xWSjg0HgBZNa7YVW Jfo2IfFuoINsUkCtwsqnLHH/XWwyqC97nBRWNkdej7reTicRXOSYr8PuQwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCWkWAf7j4v4Y0ZFsecDNgBnqpQ7MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYzNWIyMjNlLWY2NDEtNDk2ZS1iZTBjLTNkOTE2Yjc2MzE0OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKQAwDQYJKoZIhvcNAQELBQADggEBAAnxaqtN3I1s0AzIxguK S+7ztNHLZCBZXflPxg0wnbCXM7gyTLZnfCgKXEJeSdmEyUOCVn6XMSV7nsAR0LAE bGQ3JHmX4WJbovVJWQSC3GVDHpXyV1BsUp3sZrxitIZY3DGRADQauUyptm3ZQIh6 m5UjpNiIT2HMVMNs6RTaRaxanE9OZgbC1E76codLWiwntPJSpDPioLV1C0gfougc 5pMlC4Ko00rNJAhwF3NQCRUpD6BWGth7O5YqKSaENsQw7oNoUfP18IONXb7U+1vW PRZULehm4bgBUf8WqDXPB0bN56vB/v7Q3bTODPBdA+ZJGcejSIiTtT44CI7tzAJe F8g= -----END CERTIFICATE-----Generated at Mon Oct 20 18:19:25 2025 by rpki-client