$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b95ed28-78dc-4a87-8241-9602df8787d4.roa File: 6b95ed28-78dc-4a87-8241-9602df8787d4.roa (raw, json) Hash identifier: VdHBBrwoES4j2hIWzcFjfjxqvJEaj7XvBQgGJCY7vcY= Subject key identifier: 7D:72:45:D3:9C:39:EA:A9:47:0A:6B:7A:75:BE:91:CC:02:58:47:5E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A6104A31F9FB68A328A217DED3254F154A61E01 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b95ed28-78dc-4a87-8241-9602df8787d4.roa Signing time: Tue 14 Oct 2025 00:10:46 +0000 ROA not before: Tue 14 Oct 2025 00:10:46 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:61:04:a3:1f:9f:b6:8a:32:8a:21:7d:ed:32:54:f1:54:a6:1e:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:10:46 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=7fed848ddb97ea05e93fd67238569ab48f5b49af429ebb4c06db11acb175c4c2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:2e:f1:b5:95:e4:fc:77:5f:2c:47:07:82:09: 94:e2:a0:17:cf:cd:36:63:2f:32:d6:0d:08:3a:da: ba:2b:2e:71:41:90:0f:9e:d3:93:2f:68:db:dd:fa: 23:ce:27:85:c2:02:ca:9d:b4:e1:42:b6:09:81:58: 32:d8:87:39:4e:73:40:42:78:8d:23:de:b0:44:ef: ca:34:27:ce:00:e2:27:52:e5:15:17:2d:f7:0a:fa: 96:7b:d4:21:fd:79:21:ff:ed:26:b4:98:5a:7d:07: d8:2d:0a:70:d7:02:99:56:88:15:ca:7d:8a:14:ce: 31:42:89:62:fb:ba:4b:92:45:46:3b:13:96:b9:a8: 9a:ad:dd:eb:bd:78:6a:cd:2f:8b:0f:f8:12:66:66: bd:32:b4:12:aa:81:bf:d4:88:af:ae:b5:39:66:18: 54:0c:ad:51:fa:1e:04:3e:6c:68:18:fa:5c:3e:7b: e3:76:83:7a:c6:c5:c5:f0:a2:d0:62:dd:bf:d1:5c: 59:0e:58:f6:a4:4a:11:8e:c5:37:d1:2a:e4:c6:fb: 50:98:1c:09:a7:2a:fe:e0:75:d9:60:4e:02:d2:89: fb:f6:e9:aa:00:bf:23:2e:c7:c1:30:24:45:6e:45: 6a:fb:f2:68:49:9e:1e:39:94:6e:13:42:c8:3f:b2: 1f:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:72:45:D3:9C:39:EA:A9:47:0A:6B:7A:75:BE:91:CC:02:58:47:5E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b95ed28-78dc-4a87-8241-9602df8787d4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:c800::/40 Signature Algorithm: sha256WithRSAEncryption 63:64:08:78:08:e6:b0:d7:4e:7f:74:8a:14:88:16:c8:26:f8: 31:d6:b6:f1:23:93:68:20:ae:03:eb:9e:44:0d:d6:52:f3:fc: c8:9c:ed:17:d4:17:67:9e:e8:4b:d9:0f:a1:fc:9e:47:75:3c: 06:15:0d:2b:c6:f0:9e:8a:06:4a:ef:43:fb:02:f6:dd:ae:bf: fa:0b:b5:fa:0f:13:c9:0a:70:98:46:0e:42:fd:f7:93:88:b4: 7a:7d:69:ab:56:4f:cb:de:44:b1:a5:e5:69:9d:33:e4:c3:4c: 3b:e1:da:a8:cb:72:cf:77:18:e2:d5:91:88:92:5e:a1:be:19: 6e:83:f4:fa:21:7c:3e:cc:f2:e1:c6:07:a3:61:97:d8:0d:41: a1:10:5b:1b:7e:a8:ae:e2:f8:e3:cf:00:c1:38:00:03:fa:db: 8a:16:5e:c3:3d:62:61:f4:3d:a8:32:e0:29:c3:e1:c6:f8:6c: c0:f2:4f:e6:6e:cc:8a:77:f9:1e:58:03:94:7a:8d:0a:20:70: e5:4a:39:e0:27:f7:16:ff:af:78:12:a8:fc:09:db:46:dc:bd: 3a:b2:88:72:a0:dc:28:e3:13:60:e5:59:f7:67:04:8d:c8:08: 61:5d:db:04:d7:92:a2:bd:6a:d0:f4:86:ce:d2:86:f7:27:87: 9c:66:09:35 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOmEEox+ftooyiiF97TJU8VSmHgEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMTA0NloX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAN2ZlZDg0OGRkYjk3ZWEwNWU5M2Zk NjcyMzg1NjlhYjQ4ZjViNDlhZjQyOWViYjRjMDZkYjExYWNiMTc1YzRjMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC7xtZXk/HdfLEcHggmU4qAXz802 Yy8y1g0IOtq6Ky5xQZAPntOTL2jb3fojzieFwgLKnbThQrYJgVgy2Ic5TnNAQniN I96wRO/KNCfOAOInUuUVFy33CvqWe9Qh/Xkh/+0mtJhafQfYLQpw1wKZVogVyn2K FM4xQoli+7pLkkVGOxOWuaiard3rvXhqzS+LD/gSZma9MrQSqoG/1IivrrU5ZhhU DK1R+h4EPmxoGPpcPnvjdoN6xsXF8KLQYt2/0VxZDlj2pEoRjsU30SrkxvtQmBwJ pyr+4HXZYE4C0on79umqAL8jLsfBMCRFbkVq+/JoSZ4eOZRuE0LIP7IfgwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH1yRdOcOeqpRwprenW+kcwCWEdeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZiOTVlZDI4LTc4ZGMtNGE4Ny04MjQxLTk2MDJkZjg3ODdkNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaacgwDQYJKoZIhvcNAQELBQADggEBAGNkCHgI5rDXTn90ihSI Fsgm+DHWtvEjk2ggrgPrnkQN1lLz/Mic7RfUF2ee6EvZD6H8nkd1PAYVDSvG8J6K BkrvQ/sC9t2uv/oLtfoPE8kKcJhGDkL995OItHp9aatWT8veRLGl5WmdM+TDTDvh 2qjLcs93GOLVkYiSXqG+GW6D9PohfD7M8uHGB6Nhl9gNQaEQWxt+qK7i+OPPAME4 AAP624oWXsM9YmH0Pagy4CnD4cb4bMDyT+ZuzIp3+R5YA5R6jQogcOVKOeAn9xb/ r3gSqPwJ20bcvTqyiHKg3CjjE2DlWfdnBI3ICGFd2wTXkqK9atD0hs7Shvcnh5xm CTU= -----END CERTIFICATE-----Generated at Mon Oct 20 13:11:09 2025 by rpki-client