$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa File: 7105aadf-8449-4060-98c4-d4b349ff7892.roa (raw, json) Hash identifier: enAcS6Df9O/KVPiHbbvNrKu4UP0HGm9+4sgA75k10N0= Subject key identifier: F0:89:CE:08:48:BC:55:C1:01:47:BA:EC:7F:CD:B7:BE:31:89:F1:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7A497B99B62EA7210D05C989C6F0B9818E7EB528 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa Signing time: Mon 06 Oct 2025 15:10:08 +0000 ROA not before: Mon 06 Oct 2025 15:10:08 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:49:7b:99:b6:2e:a7:21:0d:05:c9:89:c6:f0:b9:81:8e:7e:b5:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:10:08 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=762e3b31fbc6d5d1d2d808e02dea06fc7c754f8543163871ae574d9319b6f3ed, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:a0:2f:97:a8:c1:4b:2e:58:d3:0f:86:9b:e4: e7:9f:b5:73:ea:d7:0b:a1:77:98:47:e4:ee:63:9a: f8:38:9c:1f:81:c3:68:67:18:4d:43:9d:16:fb:32: 9e:a8:ac:82:ba:f4:53:ba:59:5b:3d:03:ff:0a:0e: 76:45:18:d8:11:67:f4:d5:72:08:92:ca:02:c3:8a: d3:58:63:69:38:92:89:56:73:2f:c1:0b:71:5e:f3: 24:dc:c5:99:b4:ea:21:2c:40:55:19:f8:d0:cb:53: 3f:d5:b8:a1:c6:14:61:e8:9c:68:b5:9e:5d:2c:b9: 00:21:58:20:d4:29:2a:05:a6:c1:a6:e3:c1:91:74: 46:55:37:2b:93:4c:47:3e:54:56:5e:7b:59:41:09: f5:89:27:ee:e8:c6:1c:e4:1d:42:25:13:84:16:13: 5d:6c:0f:12:00:e6:99:fe:74:1a:f2:ca:6e:37:1b: 10:3b:9b:c2:90:ad:ec:85:8f:56:a4:a2:12:34:18: 66:ae:7b:14:93:e9:0c:6e:76:76:b5:ac:2b:72:46: 83:70:52:e0:96:72:63:8b:c9:ce:13:cc:06:d3:21: 76:cf:a4:46:e6:ab:c6:6a:18:0f:d4:ea:4d:40:0e: b7:b1:81:87:28:21:1f:04:a1:00:92:d1:a4:49:3a: 08:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:89:CE:08:48:BC:55:C1:01:47:BA:EC:7F:CD:B7:BE:31:89:F1:A7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:b000::/40 Signature Algorithm: sha256WithRSAEncryption ac:e6:b0:20:35:bd:76:d2:30:d1:2e:32:15:7d:b9:ef:95:5b: 1b:33:b0:13:48:f0:d3:cb:7d:0f:c6:fe:08:1f:3a:a6:38:68: 9a:a8:7a:ae:1f:34:3b:ee:bc:8a:83:f3:43:24:3f:9d:86:8c: 2e:f3:8d:2e:27:c2:3e:99:fa:bc:ed:59:0f:1d:19:8e:31:dd: 88:ee:77:62:05:95:52:0d:06:5f:66:ac:2d:15:7b:5c:d0:46: 1c:c2:f3:44:e9:a0:eb:df:c3:6c:b8:76:29:a5:16:70:67:b6: 7e:96:6d:33:91:82:cd:8d:12:eb:af:2e:7d:d1:18:ac:e5:76: a7:29:e8:e3:fc:d7:d4:5d:51:eb:e1:01:7a:d4:43:c1:49:fb: 51:07:e1:d2:32:65:ec:ee:ce:03:80:04:92:ea:fe:b0:91:64: df:e4:67:ff:95:b8:de:8c:47:b6:9e:7c:c2:55:29:5b:b0:7d: 1e:7c:c8:6b:a2:f3:74:1c:c2:a5:4c:e3:e3:19:88:de:08:f5: 82:da:aa:01:11:0b:e3:e8:80:fa:5f:44:44:27:af:7f:51:0b: 14:60:ed:f4:44:71:c9:79:9a:12:66:ee:8f:c1:4b:aa:cf:a2: 60:6b:69:5f:a1:d0:5a:a0:2e:45:a9:7d:76:38:68:9c:81:b0: 80:57:46:6a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUekl7mbYupyENBcmJxvC5gY5+tSgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MTAwOFoX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNANzYyZTNiMzFmYmM2ZDVkMWQyZDgw OGUwMmRlYTA2ZmM3Yzc1NGY4NTQzMTYzODcxYWU1NzRkOTMxOWI2ZjNlZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qAvl6jBSy5Y0w+Gm+Tnn7Vz6tcL oXeYR+TuY5r4OJwfgcNoZxhNQ50W+zKeqKyCuvRTullbPQP/Cg52RRjYEWf01XII ksoCw4rTWGNpOJKJVnMvwQtxXvMk3MWZtOohLEBVGfjQy1M/1bihxhRh6JxotZ5d LLkAIVgg1CkqBabBpuPBkXRGVTcrk0xHPlRWXntZQQn1iSfu6MYc5B1CJROEFhNd bA8SAOaZ/nQa8spuNxsQO5vCkK3shY9WpKISNBhmrnsUk+kMbnZ2tawrckaDcFLg lnJji8nOE8wG0yF2z6RG5qvGahgP1OpNQA63sYGHKCEfBKEAktGkSToIGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPCJzghIvFXBAUe67H/Nt74xifGnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxMDVhYWRmLTg0NDktNDA2MC05OGM0LWQ0YjM0OWZmNzg5Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9bAwDQYJKoZIhvcNAQELBQADggEBAKzmsCA1vXbSMNEuMhV9 ue+VWxszsBNI8NPLfQ/G/ggfOqY4aJqoeq4fNDvuvIqD80MkP52GjC7zjS4nwj6Z +rztWQ8dGY4x3Yjud2IFlVINBl9mrC0Ve1zQRhzC80TpoOvfw2y4dimlFnBntn6W bTORgs2NEuuvLn3RGKzldqcp6OP819RdUevhAXrUQ8FJ+1EH4dIyZezuzgOABJLq /rCRZN/kZ/+VuN6MR7aefMJVKVuwfR58yGui83QcwqVM4+MZiN4I9YLaqgERC+Po gPpfREQnr39RCxRg7fREccl5mhJm7o/BS6rPomBraV+h0FqgLkWpfXY4aJyBsIBX Rmo= -----END CERTIFICATE-----Generated at Mon Oct 20 12:41:31 2025 by rpki-client