$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa File: 6ee8dd2d-118b-4944-8dc4-dc7103368204.roa (raw, json) Hash identifier: Sz0woOjmaWwLBk6UVgJMQJRCa5ROxPVAFFePlpzfZD0= Subject key identifier: DB:BC:7A:3F:F8:C2:79:35:E3:DC:86:F9:5B:BC:43:1A:0F:B9:7C:2C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 79A5734A474D15BF19030013064F481EE9A27155 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa Signing time: Mon 06 Oct 2025 15:00:05 +0000 ROA not before: Mon 06 Oct 2025 15:00:05 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:a5:73:4a:47:4d:15:bf:19:03:00:13:06:4f:48:1e:e9:a2:71:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:00:05 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=6a2fa0d1612f2be49bac9978928e717568006e00842b5d8687a7740d1e200fb8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9c:44:20:b8:87:db:c8:29:d0:a7:95:9a:9f: 25:7d:32:d6:92:24:6a:b0:a8:2c:91:0c:eb:1e:2a: e2:ba:fa:0f:a9:4c:a7:fc:76:e9:4f:87:de:f6:08: da:f9:cc:e1:55:ff:9e:65:b0:ec:0e:a2:0e:85:85: 29:72:31:dd:89:02:02:21:ac:93:0f:8e:61:f1:70: 1f:c2:62:ee:7b:2d:7e:7b:10:ef:2d:5b:ec:14:64: 5a:34:bd:d8:3b:70:a4:fb:d1:d6:62:92:f7:af:45: 67:7a:6f:a5:f3:c5:c0:f0:3b:56:b5:83:8b:83:3f: 2d:67:ff:48:20:ed:83:5e:69:1b:18:05:dc:22:6f: 15:5d:c6:da:94:a7:84:d4:65:a7:2d:13:cc:0d:ca: 6a:0f:76:fb:04:cd:78:00:a3:10:b7:30:72:5b:04: 62:a1:a8:86:0e:90:f5:fb:34:b4:d2:0e:11:ac:d8: ab:ad:d3:0f:80:a8:e5:e1:3e:a2:87:f0:73:d3:ad: 8e:90:bd:2d:64:02:ef:76:0f:a7:29:37:17:ef:cb: 4e:6b:42:5b:12:cf:66:0c:64:c5:49:df:86:33:61: 73:69:e7:86:37:43:81:8c:bf:0f:98:4c:60:b6:1a: 0d:b1:ec:13:d2:e4:ad:2d:4e:cc:46:8b:71:a4:2a: 85:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:BC:7A:3F:F8:C2:79:35:E3:DC:86:F9:5B:BC:43:1A:0F:B9:7C:2C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ee8dd2d-118b-4944-8dc4-dc7103368204.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:a000::/40 Signature Algorithm: sha256WithRSAEncryption 0f:df:04:a6:7a:bb:96:7f:01:b4:eb:38:42:56:65:11:ce:71: fb:43:a2:e2:e9:15:f6:be:08:27:63:c9:d8:2e:5a:a0:8f:de: 51:f1:d0:76:34:e5:18:16:10:39:80:ab:dd:2c:eb:4c:67:66: 72:80:7c:52:4c:e5:30:a7:45:85:36:bf:b9:dc:51:b9:02:8c: 9f:b6:c2:d8:d6:e6:7d:62:1e:a6:3e:69:1d:71:cf:81:9c:d2: 53:c7:5d:07:98:d5:20:1c:13:f1:3e:28:4c:75:5d:7b:6f:0c: dc:2f:93:98:22:bb:9d:9e:f6:69:3d:42:27:5d:ca:a8:81:b9: 0c:d4:90:36:9b:c5:c1:1a:29:52:6b:2f:ea:00:97:b9:b7:5f: e1:5f:ec:13:76:0e:e1:88:04:64:9a:f2:c6:89:21:1d:45:0b: 0b:47:41:fa:d0:3e:ab:f3:66:aa:12:e6:68:ac:01:42:82:cc: 7f:55:ac:a3:b0:5b:e2:6a:c6:2b:b0:d8:b5:16:54:9c:58:14: 35:d1:e1:37:33:f6:67:12:e1:9b:72:92:04:57:ba:c4:87:6e: 04:c9:1f:a0:af:e8:93:d6:4c:96:38:d9:49:cd:74:16:73:05: fa:84:14:34:c7:bc:ec:ea:84:fb:74:3f:fc:88:b8:ba:cd:ff: 95:ef:5e:6f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeaVzSkdNFb8ZAwATBk9IHumicVUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MDAwNVoX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNANmEyZmEwZDE2MTJmMmJlNDliYWM5 OTc4OTI4ZTcxNzU2ODAwNmUwMDg0MmI1ZDg2ODdhNzc0MGQxZTIwMGZiODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5xEILiH28gp0KeVmp8lfTLWkiRq sKgskQzrHiriuvoPqUyn/HbpT4fe9gja+czhVf+eZbDsDqIOhYUpcjHdiQICIayT D45h8XAfwmLuey1+exDvLVvsFGRaNL3YO3Ck+9HWYpL3r0Vnem+l88XA8DtWtYOL gz8tZ/9IIO2DXmkbGAXcIm8VXcbalKeE1GWnLRPMDcpqD3b7BM14AKMQtzByWwRi oaiGDpD1+zS00g4RrNirrdMPgKjl4T6ih/Bz062OkL0tZALvdg+nKTcX78tOa0Jb Es9mDGTFSd+GM2FzaeeGN0OBjL8PmExgthoNsewT0uStLU7MRotxpCqF1wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNu8ej/4wnk149yG+Vu8QxoPuXwsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZlZThkZDJkLTExOGItNDk0NC04ZGM0LWRjNzEwMzM2ODIwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9qAwDQYJKoZIhvcNAQELBQADggEBAA/fBKZ6u5Z/AbTrOEJW ZRHOcftDouLpFfa+CCdjydguWqCP3lHx0HY05RgWEDmAq90s60xnZnKAfFJM5TCn RYU2v7ncUbkCjJ+2wtjW5n1iHqY+aR1xz4Gc0lPHXQeY1SAcE/E+KEx1XXtvDNwv k5giu52e9mk9QiddyqiBuQzUkDabxcEaKVJrL+oAl7m3X+Ff7BN2DuGIBGSa8saJ IR1FCwtHQfrQPqvzZqoS5misAUKCzH9VrKOwW+Jqxiuw2LUWVJxYFDXR4Tcz9mcS 4ZtykgRXusSHbgTJH6Cv6JPWTJY42UnNdBZzBfqEFDTHvOzqhPt0P/yIuLrN/5Xv Xm8= -----END CERTIFICATE-----Generated at Mon Oct 20 13:11:38 2025 by rpki-client