$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a98863c-3d93-49b3-9136-f76155006403.roa File: 6a98863c-3d93-49b3-9136-f76155006403.roa (raw, json) Hash identifier: Y0W6Fnp1Foc3U44fysbPAtHvX2iSKmwClgrbHI6hrj8= Subject key identifier: 9F:3E:A6:96:00:EB:58:5D:14:E7:23:5D:59:83:17:B6:D1:76:9F:5F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08F641075807881FB87BE9DB44B0D01A38A084FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a98863c-3d93-49b3-9136-f76155006403.roa Signing time: Mon 06 Oct 2025 15:01:01 +0000 ROA not before: Mon 06 Oct 2025 15:01:01 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafd:8840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:f6:41:07:58:07:88:1f:b8:7b:e9:db:44:b0:d0:1a:38:a0:84:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:01:01 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=cadf82445f24d3869451c5eca6e25f206b0238d7d3da54ed477b9f8acfd0e0a9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:b3:b7:49:b9:94:1f:4a:25:4d:c2:a1:cf:83: 1f:f5:a0:17:b1:ba:b5:3b:63:04:06:3a:01:cd:c1: 9a:b8:9d:71:c5:cd:a4:ec:88:9e:af:18:35:89:df: 6b:fd:ac:59:e0:4f:5c:f2:2b:17:67:8b:5d:89:7f: a9:69:1f:9e:5b:25:7d:84:fc:be:fd:b4:3f:99:d0: 2d:f6:20:13:30:b4:9b:e3:eb:f6:3d:fe:b9:12:71: 92:dc:60:ef:ce:36:36:62:27:01:2b:2d:ea:9c:28: 58:52:d9:81:7a:7c:2b:a1:10:67:33:c3:4b:dd:a8: 34:c0:47:1f:6c:37:8b:91:16:2d:f9:85:d8:15:2a: c0:b6:3d:4a:b3:f8:a8:e9:4b:b6:3b:02:59:80:ca: 4a:eb:57:02:80:de:e6:aa:28:17:cf:82:7c:76:cd: 52:80:57:88:f2:39:c4:c4:33:a3:d4:77:1f:14:8b: 17:d9:08:ab:e5:79:e7:58:35:bf:1f:77:ab:1b:be: 23:d2:85:a8:2b:67:8f:09:f2:c2:0e:bb:e7:a0:7b: 16:fe:39:a7:bf:c5:73:d9:18:83:29:b7:7b:49:6c: 98:22:aa:6a:6f:f5:29:ad:28:c0:4b:b0:c5:6e:59: 44:ca:d3:64:8e:a0:81:ce:9b:38:80:e8:0b:20:2d: 90:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:3E:A6:96:00:EB:58:5D:14:E7:23:5D:59:83:17:B6:D1:76:9F:5F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6a98863c-3d93-49b3-9136-f76155006403.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafd:8840::/48 Signature Algorithm: sha256WithRSAEncryption 88:70:56:3b:0f:9d:80:81:0e:88:41:81:1f:d6:91:51:91:9c: 14:dd:e0:fa:f5:69:3e:ae:78:cc:f6:05:bf:b3:65:3c:7d:4d: 11:b6:df:64:fc:ff:13:0e:b8:3a:94:67:c1:ca:57:00:47:49: bb:6b:21:b6:8e:34:fd:a6:ad:ef:98:07:fb:c4:4f:ac:c3:d2: bd:eb:ba:0d:21:d4:17:e4:e0:bc:7c:00:76:48:6b:8a:77:c1: 2f:be:1b:43:d9:81:7d:a9:00:1e:e2:18:a2:8d:81:c4:05:ad: 60:a0:1b:4a:29:ea:40:c9:59:78:77:95:c7:4c:4a:20:0c:0e: 05:79:17:24:d5:1a:26:65:4e:01:1b:84:9d:f3:fd:78:d3:3e: 91:37:8a:8a:a4:8b:eb:4e:38:85:3c:dc:3d:fa:e6:cc:9d:fa: 56:5f:77:33:1f:39:53:f0:2e:96:cf:6a:29:e4:b3:30:43:c8: 0c:fd:f5:2b:98:cd:cf:f4:35:0d:a5:8f:31:47:e2:5b:29:0f: 59:fd:48:41:44:30:30:90:0a:15:d1:12:a0:13:57:d9:44:b0: b7:e3:20:07:25:d3:57:a7:85:3f:e2:4c:b3:47:20:db:b1:94: be:0d:d4:a7:96:5a:78:80:54:6c:35:06:9b:f9:5c:c0:e3:34: 01:7f:c2:72 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCPZBB1gHiB+4e+nbRLDQGjighPowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MDEwMVoX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNAY2FkZjgyNDQ1ZjI0ZDM4Njk0NTFj NWVjYTZlMjVmMjA2YjAyMzhkN2QzZGE1NGVkNDc3YjlmOGFjZmQwZTBhOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LO3SbmUH0olTcKhz4Mf9aAXsbq1 O2MEBjoBzcGauJ1xxc2k7Iierxg1id9r/axZ4E9c8isXZ4tdiX+paR+eWyV9hPy+ /bQ/mdAt9iATMLSb4+v2Pf65EnGS3GDvzjY2YicBKy3qnChYUtmBenwroRBnM8NL 3ag0wEcfbDeLkRYt+YXYFSrAtj1Ks/io6Uu2OwJZgMpK61cCgN7mqigXz4J8ds1S gFeI8jnExDOj1HcfFIsX2Qir5XnnWDW/H3erG74j0oWoK2ePCfLCDrvnoHsW/jmn v8Vz2RiDKbd7SWyYIqpqb/UprSjAS7DFbllEytNkjqCBzps4gOgLIC2Q+QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJ8+ppYA61hdFOcjXVmDF7bRdp9fMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZhOTg4NjNjLTNkOTMtNDliMy05MTM2LWY3NjE1NTAwNjQwMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/YhAMA0GCSqGSIb3DQEBCwUAA4IBAQCIcFY7D52AgQ6IQYEf 1pFRkZwU3eD69Wk+rnjM9gW/s2U8fU0Rtt9k/P8TDrg6lGfBylcAR0m7ayG2jjT9 pq3vmAf7xE+sw9K967oNIdQX5OC8fAB2SGuKd8EvvhtD2YF9qQAe4hiijYHEBa1g oBtKKepAyVl4d5XHTEogDA4FeRck1RomZU4BG4Sd8/140z6RN4qKpIvrTjiFPNw9 +ubMnfpWX3czHzlT8C6Wz2op5LMwQ8gM/fUrmM3P9DUNpY8xR+JbKQ9Z/UhBRDAw kAoV0RKgE1fZRLC34yAHJdNXp4U/4kyzRyDbsZS+DdSnllp4gFRsNQab+VzA4zQB f8Jy -----END CERTIFICATE-----Generated at Mon Oct 20 10:00:43 2025 by rpki-client