$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69b62cdf-1adc-4227-8782-99cecf187e33.roa File: 69b62cdf-1adc-4227-8782-99cecf187e33.roa (raw, json) Hash identifier: 8lUYttYs5cKST7Oc8uEBI0tzr0n/RKaJ6NiBgpRVa5I= Subject key identifier: A6:01:F6:4D:80:D1:32:99:8C:E4:54:93:DC:6D:A1:5E:03:07:87:AF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60E6C8D1F30D1766441E6B446D410BF8AE856E36 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69b62cdf-1adc-4227-8782-99cecf187e33.roa Signing time: Mon 13 Oct 2025 15:10:30 +0000 ROA not before: Mon 13 Oct 2025 15:10:30 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:7080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:e6:c8:d1:f3:0d:17:66:44:1e:6b:44:6d:41:0b:f8:ae:85:6e:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:10:30 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=34965fc6ee059af2b7338b84d06c827e3d062e40a4e5c2e1dee5b6eebb00b5c8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:8e:3f:fc:81:b1:4f:67:cc:0c:a7:7b:a7:1b: c4:cf:02:52:62:fb:ac:ed:42:e0:69:86:1a:2a:6b: e3:1d:a7:24:94:49:bb:2f:f3:0d:d8:de:1b:61:63: d7:cd:4c:d4:64:0f:4a:73:d1:4a:60:15:60:5d:80: 7a:db:cc:9f:3e:dc:2d:5b:f4:86:45:c7:dd:9e:a1: 94:a6:7c:82:cb:94:37:7a:d6:ca:a4:da:8e:a7:a7: 70:a8:70:37:3e:31:30:ae:25:49:7c:c4:fa:df:d0: ce:f7:60:da:1b:9b:7e:7b:13:50:a9:5a:ef:79:70: c6:e6:5b:c4:11:53:37:54:b6:b5:6a:2e:4e:86:68: 8a:c9:b4:7b:92:8e:96:15:53:94:85:02:64:bd:07: 9c:c5:1d:00:b0:34:05:27:1a:41:f4:b7:4b:00:37: e6:1f:c6:46:e5:08:b7:b9:d3:6d:59:e8:44:05:78: a9:97:7d:7d:20:ea:7c:cf:d7:3b:bf:14:f0:59:19: e3:57:3b:62:64:97:64:33:74:da:0e:bd:ae:b4:09: d2:38:45:fd:7c:e4:dc:a7:48:95:86:f3:da:37:22: d8:79:cf:be:bf:8f:86:08:2e:65:57:c6:df:b5:86: 61:11:a2:67:43:f3:5a:e8:cb:40:4c:bb:8a:82:eb: ef:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:01:F6:4D:80:D1:32:99:8C:E4:54:93:DC:6D:A1:5E:03:07:87:AF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/69b62cdf-1adc-4227-8782-99cecf187e33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:7080::/48 Signature Algorithm: sha256WithRSAEncryption 79:f4:fb:9b:72:68:36:b4:20:25:b3:eb:59:6c:23:f4:f2:c0: a1:13:c0:cb:57:eb:29:ff:e3:ff:1e:79:58:18:24:92:e1:75: 51:cd:e6:d4:1b:c7:40:a5:16:1b:b4:40:78:1e:76:81:f0:94: f3:d8:94:06:fa:7a:ba:06:6c:62:0b:44:ba:e9:95:cd:36:11: ba:c6:84:84:47:eb:75:32:44:7d:12:0b:5a:1b:60:8b:15:67: 09:de:e0:d5:fc:c2:f2:ae:67:56:e7:b4:7b:c2:eb:98:d0:07: 88:9e:d5:27:fc:d9:ae:2a:ff:26:e8:74:a0:12:d3:65:1b:1f: b6:ef:a7:4f:80:e0:34:b0:bb:12:0e:8d:7b:41:d6:d3:c5:15: e3:7c:23:17:8d:a3:26:28:5b:44:dd:47:13:b3:12:8c:fd:9a: 4c:0e:73:d8:1b:5a:e4:06:d8:2c:f9:69:43:0f:cf:cd:c9:e0: 0b:b1:ef:71:f8:23:40:d6:a4:1c:a4:64:f8:80:cb:b9:b8:43: b6:52:6c:10:61:87:f5:07:f6:29:55:95:0d:37:8f:5a:28:e4: 85:d0:19:6e:03:52:0a:33:aa:95:e9:8e:14:61:d3:a3:9f:fe: b9:01:bd:62:46:30:f6:82:41:20:c9:b3:bc:4d:85:bc:45:0d: 3a:aa:c3:4b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYObI0fMNF2ZEHmtEbUEL+K6FbjYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MTAzMFoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAMzQ5NjVmYzZlZTA1OWFmMmI3MzM4 Yjg0ZDA2YzgyN2UzZDA2MmU0MGE0ZTVjMmUxZGVlNWI2ZWViYjAwYjVjODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI4//IGxT2fMDKd7pxvEzwJSYvus 7ULgaYYaKmvjHacklEm7L/MN2N4bYWPXzUzUZA9Kc9FKYBVgXYB628yfPtwtW/SG RcfdnqGUpnyCy5Q3etbKpNqOp6dwqHA3PjEwriVJfMT639DO92DaG5t+exNQqVrv eXDG5lvEEVM3VLa1ai5OhmiKybR7ko6WFVOUhQJkvQecxR0AsDQFJxpB9LdLADfm H8ZG5Qi3udNtWehEBXipl319IOp8z9c7vxTwWRnjVztiZJdkM3TaDr2utAnSOEX9 fOTcp0iVhvPaNyLYec++v4+GCC5lV8bftYZhEaJnQ/Na6MtATLuKguvvtQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKYB9k2A0TKZjORUk9xtoV4DB4evMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5YjYyY2RmLTFhZGMtNDIyNy04NzgyLTk5Y2VjZjE4N2UzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8nCAMA0GCSqGSIb3DQEBCwUAA4IBAQB59Pubcmg2tCAls+tZ bCP08sChE8DLV+sp/+P/HnlYGCSS4XVRzebUG8dApRYbtEB4HnaB8JTz2JQG+nq6 BmxiC0S66ZXNNhG6xoSER+t1MkR9EgtaG2CLFWcJ3uDV/MLyrmdW57R7wuuY0AeI ntUn/NmuKv8m6HSgEtNlGx+276dPgOA0sLsSDo17QdbTxRXjfCMXjaMmKFtE3UcT sxKM/ZpMDnPYG1rkBtgs+WlDD8/NyeALse9x+CNA1qQcpGT4gMu5uEO2UmwQYYf1 B/YpVZUNN49aKOSF0BluA1IKM6qV6Y4UYdOjn/65Ab1iRjD2gkEgybO8TYW8RQ06 qsNL -----END CERTIFICATE-----Generated at Mon Oct 20 07:22:37 2025 by rpki-client