$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70781597-6edc-49bc-bd8c-c9adc68d1b2b.roa File: 70781597-6edc-49bc-bd8c-c9adc68d1b2b.roa (raw, json) Hash identifier: 7rqoWU4pJkQFoZ/+i5JIr+EBNL8hs9S3slNtNizQ3Kg= Subject key identifier: B3:C4:8F:84:8C:39:41:F5:9A:AF:8A:DE:15:9A:82:57:3F:1B:DE:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1BD3FF64021821EB3B8506D03EBEFF1638874376 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70781597-6edc-49bc-bd8c-c9adc68d1b2b.roa Signing time: Sat 11 Oct 2025 00:00:49 +0000 ROA not before: Sat 11 Oct 2025 00:00:49 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:d3:ff:64:02:18:21:eb:3b:85:06:d0:3e:be:ff:16:38:87:43:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:00:49 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=fec05dfa62fab507944fd528d14a9519f31b353ea65e2bf7328290df23867320, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:ca:1f:c1:25:59:3f:78:73:fc:d0:3d:fc:61: e7:c2:a5:50:df:3f:03:26:4c:3c:04:ce:31:0d:2d: 61:92:a0:9c:6c:eb:c1:8d:ae:75:54:be:70:ea:62: f3:23:f6:3b:7c:32:3c:b2:73:b2:78:9a:ca:7a:c2: 12:14:52:6b:64:39:db:5f:cf:c6:d4:00:e2:eb:60: dc:81:3d:57:19:b6:1a:83:41:9d:82:11:94:5f:87: 71:be:5a:19:76:c2:5f:c1:5d:27:0f:f8:19:4e:25: 63:6f:a6:08:e7:65:f1:72:1a:96:73:e5:28:14:6e: 3d:89:c4:7e:52:86:d8:f9:fc:09:b5:5a:6e:91:39: 50:b8:61:a5:06:af:d1:18:69:18:c5:f7:0a:e1:c6: 33:0e:dd:98:ba:72:76:00:f8:1e:05:21:14:9e:4d: bb:81:48:40:36:a8:f3:87:01:eb:d8:9c:07:e8:3f: 56:91:27:73:41:c4:ad:50:22:fc:95:1f:6d:21:3c: 6e:4c:df:5e:d8:6c:eb:71:88:50:56:97:96:bb:46: a6:ed:da:3b:2d:ab:f5:79:e2:9a:00:3d:34:1a:25: 4b:da:68:a6:b7:69:55:bc:d3:a7:4e:2c:f5:4e:0e: 9a:f2:61:66:39:76:9f:19:94:2c:e4:a9:92:07:e2: 8b:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:C4:8F:84:8C:39:41:F5:9A:AF:8A:DE:15:9A:82:57:3F:1B:DE:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70781597-6edc-49bc-bd8c-c9adc68d1b2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:a080::/48 Signature Algorithm: sha256WithRSAEncryption 0c:5e:84:bf:88:db:0d:5f:4f:04:5d:c5:c6:31:88:fb:b5:9e: bf:1d:66:92:f8:44:ed:71:6d:cd:8b:56:be:1f:f5:11:0d:f7: db:2d:30:72:6f:81:51:d4:c0:78:9b:72:12:bf:3c:e7:07:4c: 28:c8:bb:e5:2d:8a:a3:42:3e:6d:2f:76:67:97:ce:c3:6d:37: 57:c4:e2:57:97:48:40:23:27:0e:21:1d:49:7a:3a:3d:c0:52: 99:42:44:bc:b5:12:d2:ed:49:fe:d8:3a:21:2c:bd:03:0a:15: 62:f7:3a:2c:5c:2c:65:2a:57:30:69:87:5b:c1:b6:57:9a:4c: 46:4f:4a:2f:d3:d6:28:ca:c6:66:d6:5b:f2:09:9c:1b:ec:aa: 3b:ed:69:f2:71:90:69:42:e0:dc:c8:80:9d:4f:98:8b:33:c5: bc:a2:dd:af:0f:53:31:86:f7:8e:f3:5e:84:4d:e0:e5:94:31: 16:c2:03:64:26:43:88:b6:94:b6:22:7c:04:c4:96:4d:0a:dc: 52:c1:cf:79:d0:99:c1:05:2a:11:f6:95:56:ca:54:45:86:ea: 51:2e:4c:51:98:56:6c:d3:88:45:cc:b4:4a:8f:5b:47:da:82: 14:ac:eb:82:55:26:ce:f1:4b:95:9c:1c:a8:19:ea:32:55:01: 37:e6:92:5c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUG9P/ZAIYIes7hQbQPr7/FjiHQ3YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMDA0OVoX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAZmVjMDVkZmE2MmZhYjUwNzk0NGZk NTI4ZDE0YTk1MTlmMzFiMzUzZWE2NWUyYmY3MzI4MjkwZGYyMzg2NzMyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58ofwSVZP3hz/NA9/GHnwqVQ3z8D Jkw8BM4xDS1hkqCcbOvBja51VL5w6mLzI/Y7fDI8snOyeJrKesISFFJrZDnbX8/G 1ADi62DcgT1XGbYag0GdghGUX4dxvloZdsJfwV0nD/gZTiVjb6YI52XxchqWc+Uo FG49icR+UobY+fwJtVpukTlQuGGlBq/RGGkYxfcK4cYzDt2YunJ2APgeBSEUnk27 gUhANqjzhwHr2JwH6D9WkSdzQcStUCL8lR9tITxuTN9e2GzrcYhQVpeWu0am7do7 Lav1eeKaAD00GiVL2mimt2lVvNOnTiz1Tg6a8mFmOXafGZQs5KmSB+KLYwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLPEj4SMOUH1mq+K3hWaglc/G94SMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcwNzgxNTk3LTZlZGMtNDliYy1iZDhjLWM5YWRjNjhkMWIyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYaCAMA0GCSqGSIb3DQEBCwUAA4IBAQAMXoS/iNsNX08EXcXG MYj7tZ6/HWaS+ETtcW3Ni1a+H/URDffbLTByb4FR1MB4m3ISvzznB0woyLvlLYqj Qj5tL3Znl87DbTdXxOJXl0hAIycOIR1Jejo9wFKZQkS8tRLS7Un+2DohLL0DChVi 9zosXCxlKlcwaYdbwbZXmkxGT0ov09YoysZm1lvyCZwb7Ko77WnycZBpQuDcyICd T5iLM8W8ot2vD1MxhveO816ETeDllDEWwgNkJkOItpS2InwExJZNCtxSwc950JnB BSoR9pVWylRFhupRLkxRmFZs04hFzLRKj1tH2oIUrOuCVSbO8UuVnByoGeoyVQE3 5pJc -----END CERTIFICATE-----Generated at Mon Oct 20 09:56:50 2025 by rpki-client