$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa File: 6edf2912-47ba-4d32-af54-cfec67c5a726.roa (raw, json) Hash identifier: C+UcZcB3W4U5cQ7GiKkyyZU7eo3ZMPtWvVPoYlUYdEo= Subject key identifier: 08:21:23:BC:A3:79:85:4F:00:FA:46:52:3A:77:A4:73:EC:77:56:ED Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 088A2F6C49A690C8C50296623A1656BA7DC8D4FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa Signing time: Wed 15 Oct 2025 00:10:55 +0000 ROA not before: Wed 15 Oct 2025 00:10:55 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:8a:2f:6c:49:a6:90:c8:c5:02:96:62:3a:16:56:ba:7d:c8:d4:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:10:55 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=789c2ccca2f9afa380d28a3bd98398e2f425218d680287aee8d6bb1ee12e1c6a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:7d:db:73:74:e6:1b:9c:8c:8f:da:92:11:43: 2d:2a:58:93:1f:1a:aa:5c:6c:93:28:c7:e6:05:54: d0:d1:b8:a7:58:02:e6:90:8d:e8:d8:3e:ea:20:bd: 62:d4:43:79:dc:10:e0:55:49:9d:c6:80:f2:aa:d5: 0a:02:05:20:21:de:bc:f1:25:ad:86:f3:b5:70:7f: 99:63:0e:32:aa:f1:2a:51:f4:78:05:67:9d:62:6c: f2:55:4f:0d:0e:33:aa:d6:74:fd:ff:6c:a1:0e:25: 18:44:ef:11:a2:00:bb:3d:73:af:ba:c0:18:d8:c7: 05:5e:f5:0d:75:21:63:03:e7:31:01:d3:bc:e6:ff: dd:f6:2f:c1:b5:c0:49:36:b9:e3:44:2b:e3:dd:79: 02:56:d9:2a:5d:4e:31:45:89:1e:da:c3:7b:62:ea: 42:f1:7b:c0:61:ac:c5:5d:ca:fc:b4:c0:f6:1a:7a: 6f:78:c0:ee:47:c7:4c:20:9c:f2:56:04:1f:6e:09: e7:ef:88:bd:a2:c1:a6:8a:be:cd:50:41:24:61:f1: 6b:92:a4:29:91:b4:25:17:fa:ce:90:84:29:e3:9e: 7b:26:0d:ec:62:0c:40:a9:79:9c:b3:83:c3:bf:19: e1:57:bb:9f:5e:ca:22:bb:fa:a1:25:ee:be:26:c5: ea:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:21:23:BC:A3:79:85:4F:00:FA:46:52:3A:77:A4:73:EC:77:56:ED X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:800::/40 Signature Algorithm: sha256WithRSAEncryption a0:6d:19:31:57:3b:02:d0:53:fa:9e:d1:fd:18:d4:bd:65:06: 78:b7:8c:7a:8e:84:57:ec:b0:61:db:64:fc:d1:80:7a:d7:80: cd:f6:e9:b5:2b:7c:1a:04:35:48:8b:72:b3:dd:85:50:96:f7: 78:99:15:32:ea:0f:55:d1:1c:08:e8:91:3d:75:d5:be:57:79: b2:6e:a0:95:b7:5a:19:fd:fa:fa:c9:76:d5:f9:57:ce:02:d9: c7:95:6d:2d:30:22:f9:7c:b4:05:98:cd:95:be:e0:b4:4c:71: 8c:07:1a:7d:6f:c5:f9:57:80:a7:6e:28:10:cd:38:de:73:5a: c6:1c:a7:d9:90:83:f6:a6:34:74:be:eb:90:24:3d:42:3e:6a: 4b:c4:dc:b7:2b:8c:e0:20:5e:e0:96:e9:a3:b1:58:e1:6d:b9: 87:b7:f8:75:93:ed:87:79:7a:d4:11:5e:2b:92:0a:7a:58:94: eb:45:22:c7:f4:eb:eb:30:98:fd:1a:bd:80:46:33:92:eb:a6: b3:7e:2a:b4:c2:34:ca:cf:fd:ec:ab:54:7c:64:c4:dd:9f:a8: f7:37:38:6b:5f:70:a8:b1:a0:13:96:35:28:74:27:4d:5a:09: bc:91:b9:21:3d:a2:cb:f7:f2:cb:02:5e:f3:b9:97:b7:8d:fe: b9:03:59:4d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCIovbEmmkMjFApZiOhZWun3I1PowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMTA1NVoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNANzg5YzJjY2NhMmY5YWZhMzgwZDI4 YTNiZDk4Mzk4ZTJmNDI1MjE4ZDY4MDI4N2FlZThkNmJiMWVlMTJlMWM2YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6H3bc3TmG5yMj9qSEUMtKliTHxqq XGyTKMfmBVTQ0binWALmkI3o2D7qIL1i1EN53BDgVUmdxoDyqtUKAgUgId688SWt hvO1cH+ZYw4yqvEqUfR4BWedYmzyVU8NDjOq1nT9/2yhDiUYRO8RogC7PXOvusAY 2McFXvUNdSFjA+cxAdO85v/d9i/BtcBJNrnjRCvj3XkCVtkqXU4xRYke2sN7YupC 8XvAYazFXcr8tMD2GnpveMDuR8dMIJzyVgQfbgnn74i9osGmir7NUEEkYfFrkqQp kbQlF/rOkIQp4557Jg3sYgxAqXmcs4PDvxnhV7ufXsoiu/qhJe6+JsXqWwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAghI7yjeYVPAPpGUjp3pHPsd1btMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZlZGYyOTEyLTQ3YmEtNGQzMi1hZjU0LWNmZWM2N2M1YTcyNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacAgwDQYJKoZIhvcNAQELBQADggEBAKBtGTFXOwLQU/qe0f0Y 1L1lBni3jHqOhFfssGHbZPzRgHrXgM326bUrfBoENUiLcrPdhVCW93iZFTLqD1XR HAjokT111b5XebJuoJW3Whn9+vrJdtX5V84C2ceVbS0wIvl8tAWYzZW+4LRMcYwH Gn1vxflXgKduKBDNON5zWsYcp9mQg/amNHS+65AkPUI+akvE3LcrjOAgXuCW6aOx WOFtuYe3+HWT7Yd5etQRXiuSCnpYlOtFIsf06+swmP0avYBGM5LrprN+KrTCNMrP /eyrVHxkxN2fqPc3OGtfcKixoBOWNSh0J01aCbyRuSE9osv38ssCXvO5l7eN/rkD WU0= -----END CERTIFICATE-----Generated at Mon Oct 20 07:25:00 2025 by rpki-client