$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa File: 6de13c1e-8034-41b3-90e3-760249997c22.roa (raw, json) Hash identifier: gHqMuL25cX7ypox7TeXQeijqj0lqth4CEu/LdarTXrY= Subject key identifier: E1:D9:04:3F:27:A4:88:B2:74:3F:E3:A3:25:2E:6E:93:A6:64:0C:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6252DDB8E81A7374631F6B464359646D05CDCC36 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa Signing time: Sat 04 Oct 2025 00:20:03 +0000 ROA not before: Sat 04 Oct 2025 00:20:03 +0000 ROA not after: Sat 08 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:52:dd:b8:e8:1a:73:74:63:1f:6b:46:43:59:64:6d:05:cd:cc:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 4 00:20:03 2025 GMT Not After : Nov 8 23:59:59 2025 GMT Subject: serialNumber=7163fee39fd2e744c759d53dd45fe7bd4cb9e7c03931b86ef74b0c43106dd81e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:5b:f7:65:21:f0:d8:87:0b:c4:91:24:26:47: fa:42:fb:f2:d7:55:91:3c:f2:57:d1:36:ad:d4:ac: c4:ef:10:6d:dd:7d:ef:d1:87:cb:fa:df:7b:0c:fe: 3a:1b:7e:c9:61:df:3c:6c:f8:32:45:f7:2b:27:7f: e2:fc:1c:f8:5b:84:1f:a3:24:a2:63:60:6f:90:20: a5:49:74:8c:ac:f0:b0:f2:7c:4f:99:80:80:9b:70: f6:24:de:73:b5:83:17:67:ee:31:9b:ee:94:6c:21: ca:c6:ae:1d:b1:b1:c9:32:fc:07:a3:d6:b0:4f:bd: 54:0b:91:1a:de:78:9f:0f:25:59:52:9e:9e:d7:4b: 17:31:76:90:f3:c9:0f:35:05:9f:a3:e5:fc:64:97: 79:9b:91:ad:e2:2b:4e:eb:be:43:8a:08:a9:21:bb: 68:fd:cd:98:46:47:3c:43:3b:23:f0:ac:7c:37:b4: f5:05:bd:de:13:19:94:05:cb:26:59:e9:d2:85:6e: 92:0f:98:c1:ed:cf:98:5d:42:3d:71:46:a3:d9:cf: f8:66:d9:f6:13:23:53:3a:89:94:6d:cb:6d:50:cc: 78:4c:7c:05:69:6b:08:25:90:d0:a6:4e:dc:eb:75: c3:84:d3:87:ed:f7:47:43:a8:c9:48:2b:ac:d4:da: 67:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:D9:04:3F:27:A4:88:B2:74:3F:E3:A3:25:2E:6E:93:A6:64:0C:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6de13c1e-8034-41b3-90e3-760249997c22.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:8800::/40 Signature Algorithm: sha256WithRSAEncryption cb:50:44:8b:fb:6f:c5:8f:19:fb:99:85:42:48:ef:ef:b7:db: 4a:48:2b:47:ab:c5:fb:f1:01:65:a0:b0:a8:79:08:83:f7:58: 8c:b2:3a:88:fa:e6:a9:09:93:91:87:ac:39:b9:6c:c1:7e:75: dc:9f:6c:eb:31:d0:34:0c:92:3b:13:85:17:fb:9e:e6:d7:e1: 64:8b:59:4d:7e:39:70:87:ab:ac:80:30:79:0c:aa:88:8a:4a: b7:28:a6:86:5e:19:4b:b1:24:08:a5:f1:bf:66:dd:d1:d0:07: fa:96:f1:71:2e:8b:76:9a:3b:a5:98:6d:4a:3e:a9:7d:a4:8c: f4:20:1b:3a:74:d7:82:ee:9a:b5:09:3a:50:9f:af:4f:f4:58: 7d:ed:47:ee:0a:99:b1:e4:8a:bf:3c:66:51:b5:c5:d2:ae:53: 3f:4b:58:45:f4:27:15:cd:f4:3b:9f:6e:6d:1c:9b:db:40:9f: 35:a4:ad:0d:e9:85:1e:2e:53:f4:db:87:3d:1e:46:5a:ec:ac: a7:97:c6:db:12:f2:d9:a8:f4:99:a8:7d:04:58:92:da:08:93: f1:b6:c3:7d:a0:f3:60:6e:31:e8:d1:00:c3:af:41:f9:dd:e7: 01:bf:a8:2f:de:c9:a8:eb:71:53:b6:c0:dc:fc:1e:fd:bd:f7: f1:4b:8f:b1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYlLduOgac3RjH2tGQ1lkbQXNzDYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNDAwMjAwM1oX DTI1MTEwODIzNTk1OVowejFJMEcGA1UEBRNANzE2M2ZlZTM5ZmQyZTc0NGM3NTlk NTNkZDQ1ZmU3YmQ0Y2I5ZTdjMDM5MzFiODZlZjc0YjBjNDMxMDZkZDgxZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Vv3ZSHw2IcLxJEkJkf6Qvvy11WR PPJX0Tat1KzE7xBt3X3v0YfL+t97DP46G37JYd88bPgyRfcrJ3/i/Bz4W4QfoySi Y2BvkCClSXSMrPCw8nxPmYCAm3D2JN5ztYMXZ+4xm+6UbCHKxq4dsbHJMvwHo9aw T71UC5Ea3nifDyVZUp6e10sXMXaQ88kPNQWfo+X8ZJd5m5Gt4itO675DigipIbto /c2YRkc8Qzsj8Kx8N7T1Bb3eExmUBcsmWenShW6SD5jB7c+YXUI9cUaj2c/4Ztn2 EyNTOomUbcttUMx4THwFaWsIJZDQpk7c63XDhNOH7fdHQ6jJSCus1NpnowIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOHZBD8npIiydD/joyUubpOmZAz6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZkZTEzYzFlLTgwMzQtNDFiMy05MGUzLTc2MDI0OTk5N2MyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ogwDQYJKoZIhvcNAQELBQADggEBAMtQRIv7b8WPGfuZhUJI 7++320pIK0erxfvxAWWgsKh5CIP3WIyyOoj65qkJk5GHrDm5bMF+ddyfbOsx0DQM kjsThRf7nubX4WSLWU1+OXCHq6yAMHkMqoiKSrcopoZeGUuxJAil8b9m3dHQB/qW 8XEui3aaO6WYbUo+qX2kjPQgGzp014LumrUJOlCfr0/0WH3tR+4KmbHkir88ZlG1 xdKuUz9LWEX0JxXN9Dufbm0cm9tAnzWkrQ3phR4uU/Tbhz0eRlrsrKeXxtsS8tmo 9JmofQRYktoIk/G2w32g82BuMejRAMOvQfnd5wG/qC/eyajrcVO2wNz8Hv299/FL j7E= -----END CERTIFICATE-----Generated at Mon Oct 20 07:23:38 2025 by rpki-client