$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c88c264-a40d-4c0b-9138-31ff0c2ca926.roa File: 6c88c264-a40d-4c0b-9138-31ff0c2ca926.roa (raw, json) Hash identifier: vqIWJiO0/nMqWkjJXquVG3yDpsR6xi6vc47m9bus6k0= Subject key identifier: 6A:55:BD:50:A7:94:05:08:A0:6B:5D:F8:B4:80:35:6D:4B:C1:65:83 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3F65545DA1D69192D71CF2AA34656920CD9167A8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c88c264-a40d-4c0b-9138-31ff0c2ca926.roa Signing time: Tue 14 Oct 2025 00:00:04 +0000 ROA not before: Tue 14 Oct 2025 00:00:04 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 116.206.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:65:54:5d:a1:d6:91:92:d7:1c:f2:aa:34:65:69:20:cd:91:67:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:00:04 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=a3f3b38ea2060555eedb8ad4e3f661478079f007b103199265af880a544a794b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:ac:9a:82:7b:d0:31:ae:6f:bb:df:cf:1f:e9: 95:09:d6:a7:30:a5:4b:f3:68:55:af:4b:f1:f6:af: e2:f9:2a:0a:40:ca:73:c6:55:9d:c2:fe:d8:bb:0f: 72:da:48:99:ac:8f:80:93:d7:53:14:70:18:de:f0: 03:e8:28:ab:5d:15:0f:48:16:79:d2:cf:a3:d3:ef: ee:78:60:9e:c7:2f:f5:43:f5:34:1f:87:c3:e2:c0: 86:a9:49:3e:91:72:49:b0:c0:2d:cd:24:75:6c:50: bf:71:67:40:c1:f4:57:48:46:99:22:94:1f:d9:03: 66:b5:8e:28:35:1d:06:10:68:85:7a:fd:f8:8c:ff: d1:ac:67:f4:43:c7:c0:c2:5c:fb:dc:4f:19:eb:49: bf:40:c8:fc:18:5a:8b:c7:1f:c0:62:75:2d:0c:af: 30:08:f0:b7:f1:ea:a3:d4:79:56:98:27:2b:22:89: 1b:98:1a:e6:59:e6:0f:1c:2b:ba:a8:ef:62:17:e5: e7:c8:fb:55:dd:0e:72:98:32:ad:ee:7e:01:28:b3: e4:f8:61:35:4b:d3:16:0c:f6:f8:c0:46:fb:32:16: a2:d3:ab:cc:4d:e6:44:22:bd:8e:a5:1c:2a:bf:f8: 47:84:4b:26:4e:09:30:8b:f2:14:21:74:ef:2e:85: 8b:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:55:BD:50:A7:94:05:08:A0:6B:5D:F8:B4:80:35:6D:4B:C1:65:83 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c88c264-a40d-4c0b-9138-31ff0c2ca926.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 116.206.72.0/22 Signature Algorithm: sha256WithRSAEncryption 1d:f7:22:1c:2d:1b:07:e8:6d:8c:71:57:2c:74:5b:04:7b:4c: 26:b4:f1:41:61:12:2a:aa:94:51:05:f0:5a:7f:6e:e7:9d:32: b6:d4:90:a3:ff:cd:62:45:a8:f8:82:49:af:fc:46:6f:d9:ec: 09:65:82:a5:2c:12:4c:bb:81:a2:af:fa:25:d6:5e:d5:4c:9f: c3:3a:e6:94:6c:d2:61:c0:54:29:18:6d:2e:ac:4f:81:4e:1b: f9:91:f7:ee:a9:b3:ec:77:5c:79:3c:69:0e:50:74:2c:96:b2: 7e:98:16:76:1a:1e:0d:2a:50:a7:eb:e7:8f:4f:4a:81:4b:c9: 20:ef:c7:98:76:bc:57:4e:58:6e:b8:78:e1:92:c1:f9:31:83: 2a:f0:a5:25:0b:a2:0b:cb:5b:66:49:ec:5e:09:09:b4:16:68: 90:2f:54:10:05:ec:b8:ed:12:9f:ad:16:12:19:52:9c:49:be: 70:11:b2:af:f7:7d:18:f7:2f:39:99:2b:6f:a6:6a:0d:d3:96: 6b:2e:26:e9:4f:db:43:62:3b:16:70:1a:17:28:86:76:e3:07: 40:0f:75:b3:f5:ec:b6:a0:10:36:6f:8e:4e:5e:a5:45:ab:45: 00:96:36:a8:42:1c:0c:20:2d:fa:e6:6c:8f:e0:c3:40:90:d8: b2:f2:ff:59 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUP2VUXaHWkZLXHPKqNGVpIM2RZ6gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMDAwNFoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAYTNmM2IzOGVhMjA2MDU1NWVlZGI4 YWQ0ZTNmNjYxNDc4MDc5ZjAwN2IxMDMxOTkyNjVhZjg4MGE1NDRhNzk0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qyagnvQMa5vu9/PH+mVCdanMKVL 82hVr0vx9q/i+SoKQMpzxlWdwv7Yuw9y2kiZrI+Ak9dTFHAY3vAD6CirXRUPSBZ5 0s+j0+/ueGCexy/1Q/U0H4fD4sCGqUk+kXJJsMAtzSR1bFC/cWdAwfRXSEaZIpQf 2QNmtY4oNR0GEGiFev34jP/RrGf0Q8fAwlz73E8Z60m/QMj8GFqLxx/AYnUtDK8w CPC38eqj1HlWmCcrIokbmBrmWeYPHCu6qO9iF+XnyPtV3Q5ymDKt7n4BKLPk+GE1 S9MWDPb4wEb7Mhai06vMTeZEIr2OpRwqv/hHhEsmTgkwi/IUIXTvLoWLOwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGpVvVCnlAUIoGtd+LSANW1LwWWDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZjODhjMjY0LWE0MGQtNGMwYi05MTM4LTMxZmYwYzJjYTkyNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCdM5IMA0GCSqGSIb3DQEBCwUAA4IBAQAd9yIcLRsH6G2McVcsdFsE e0wmtPFBYRIqqpRRBfBaf27nnTK21JCj/81iRaj4gkmv/EZv2ewJZYKlLBJMu4Gi r/ol1l7VTJ/DOuaUbNJhwFQpGG0urE+BThv5kffuqbPsd1x5PGkOUHQslrJ+mBZ2 Gh4NKlCn6+ePT0qBS8kg78eYdrxXTlhuuHjhksH5MYMq8KUlC6ILy1tmSexeCQm0 FmiQL1QQBey47RKfrRYSGVKcSb5wEbKv930Y9y85mStvpmoN05ZrLibpT9tDYjsW cBoXKIZ24wdAD3Wz9ey2oBA2b45OXqVFq0UAljaoQhwMIC365myP4MNAkNiy8v9Z -----END CERTIFICATE-----Generated at Mon Oct 20 12:38:27 2025 by rpki-client