$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/647d1ce2-309a-4cc5-8894-ff351320ce3d.roa File: 647d1ce2-309a-4cc5-8894-ff351320ce3d.roa (raw, json) Hash identifier: m3EE7jLCszNAnVVyoJrep9YnZvxi6VYFApNgxHzm0HM= Subject key identifier: 3C:9D:00:29:2D:E3:BF:43:F0:F2:7F:94:A8:6E:E7:B3:FA:57:E1:43 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0C061C56B3B2472A07D832D69E94F813138BD80F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/647d1ce2-309a-4cc5-8894-ff351320ce3d.roa Signing time: Mon 06 Oct 2025 15:01:05 +0000 ROA not before: Mon 06 Oct 2025 15:01:05 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafd:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:06:1c:56:b3:b2:47:2a:07:d8:32:d6:9e:94:f8:13:13:8b:d8:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:01:05 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=66dc0fc34279f58dfe4a2463b7cbaab9dacc1baea4ad18093e642bb6bed6de8b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c5:b6:e4:b7:b2:ed:ea:05:d5:dd:d2:ea:7b: 25:c0:57:e6:03:0d:0e:22:4d:8f:cc:82:42:be:fb: 60:14:2d:03:46:98:05:4d:4f:33:a8:1f:bd:46:af: 38:0d:0a:da:f2:a0:59:be:9b:f6:26:5f:34:88:89: 5b:20:6d:58:7e:f3:f0:db:cb:fe:d2:02:09:5f:90: d1:e3:cb:82:2a:81:97:dc:49:12:13:28:6e:c0:f9: fc:e5:16:2b:c3:8d:67:e8:4c:3f:9b:2a:1c:d8:8b: 96:20:c4:fa:aa:0b:80:e2:8d:3e:aa:30:7e:60:80: 59:7e:95:b5:cc:75:71:4d:a5:bc:9b:31:3a:78:97: 02:73:25:10:27:b7:9e:24:71:9a:9d:0c:3a:86:dc: 6b:ba:3f:1f:50:98:d5:2b:a7:db:a9:5a:1a:bd:4f: e4:c7:08:85:39:a5:c7:5c:de:26:6e:54:ef:d2:fc: 05:8c:ad:f5:6f:4f:a3:d7:69:13:f4:a7:5c:45:d6: 2f:ea:b2:02:38:f2:24:c8:05:5c:6f:69:19:0f:36: 37:d6:07:26:ad:91:4e:4a:f3:43:b9:cc:15:67:fc: b1:1f:21:48:d8:11:7a:52:d4:03:04:2a:b3:8a:c2: 19:19:2e:c1:eb:72:23:5f:2a:84:52:60:6c:69:4f: 01:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:9D:00:29:2D:E3:BF:43:F0:F2:7F:94:A8:6E:E7:B3:FA:57:E1:43 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/647d1ce2-309a-4cc5-8894-ff351320ce3d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafd:4080::/48 Signature Algorithm: sha256WithRSAEncryption 2f:6c:f1:40:9d:ec:e0:fa:53:3e:99:0b:d4:2d:4c:66:5f:20: cc:33:ee:1a:6b:59:c8:57:31:e5:58:3d:3d:59:83:8b:ea:19: a1:ad:fa:c4:38:8a:49:6d:84:d2:4a:23:65:e2:a9:f0:bd:b8: b7:ef:e2:93:7b:23:5a:88:b1:41:63:26:c9:70:81:e5:ac:c7: e3:d7:ac:aa:f6:68:2e:d9:1c:cb:66:b7:b5:1f:c4:fa:77:70: 82:82:70:af:86:7a:76:6d:b2:32:5e:f1:c1:91:03:59:bd:56: 5c:b5:62:77:3e:01:64:93:68:0f:29:37:09:98:4e:24:f6:60: fd:e5:30:bc:d5:51:4f:c9:2c:c8:e6:0c:d6:58:40:35:85:a1: 97:a4:93:15:70:b7:59:6e:ed:c2:21:f9:a7:cf:fe:c9:23:c3: c3:b1:43:ae:43:b3:16:3f:e1:43:db:c5:9f:b1:a3:45:54:4b: 94:6b:89:b8:84:16:9b:fd:12:60:40:31:e7:a8:26:cc:0d:19: 0e:23:86:81:2e:b7:3b:ab:d2:1f:20:c6:57:40:05:f6:cf:57: 50:85:da:23:4f:46:66:48:29:e9:ac:87:71:75:ce:75:8c:90: 5c:b8:2c:61:3c:d4:d0:ec:c7:a9:26:33:c0:79:10:32:e1:73: 4f:5e:fc:e7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDAYcVrOyRyoH2DLWnpT4ExOL2A8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MDEwNVoX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNANjZkYzBmYzM0Mjc5ZjU4ZGZlNGEy NDYzYjdjYmFhYjlkYWNjMWJhZWE0YWQxODA5M2U2NDJiYjZiZWQ2ZGU4YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcW25Ley7eoF1d3S6nslwFfmAw0O Ik2PzIJCvvtgFC0DRpgFTU8zqB+9Rq84DQra8qBZvpv2Jl80iIlbIG1YfvPw28v+ 0gIJX5DR48uCKoGX3EkSEyhuwPn85RYrw41n6Ew/myoc2IuWIMT6qguA4o0+qjB+ YIBZfpW1zHVxTaW8mzE6eJcCcyUQJ7eeJHGanQw6htxruj8fUJjVK6fbqVoavU/k xwiFOaXHXN4mblTv0vwFjK31b0+j12kT9KdcRdYv6rICOPIkyAVcb2kZDzY31gcm rZFOSvNDucwVZ/yxHyFI2BF6UtQDBCqzisIZGS7B63IjXyqEUmBsaU8BOwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDydACkt479D8PJ/lKhu57P6V+FDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY0N2QxY2UyLTMwOWEtNGNjNS04ODk0LWZmMzUxMzIwY2UzZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/UCAMA0GCSqGSIb3DQEBCwUAA4IBAQAvbPFAnezg+lM+mQvU LUxmXyDMM+4aa1nIVzHlWD09WYOL6hmhrfrEOIpJbYTSSiNl4qnwvbi37+KTeyNa iLFBYybJcIHlrMfj16yq9mgu2RzLZre1H8T6d3CCgnCvhnp2bbIyXvHBkQNZvVZc tWJ3PgFkk2gPKTcJmE4k9mD95TC81VFPySzI5gzWWEA1haGXpJMVcLdZbu3CIfmn z/7JI8PDsUOuQ7MWP+FD28WfsaNFVEuUa4m4hBab/RJgQDHnqCbMDRkOI4aBLrc7 q9IfIMZXQAX2z1dQhdojT0ZmSCnprIdxdc51jJBcuCxhPNTQ7MepJjPAeRAy4XNP Xvzn -----END CERTIFICATE-----Generated at Mon Oct 20 14:50:45 2025 by rpki-client