$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71525ec8-f99c-4180-8e1b-a59672d69567.roa File: 71525ec8-f99c-4180-8e1b-a59672d69567.roa (raw, json) Hash identifier: bmPYDZZjXR2YGWPirmEkWtmU6S10AxI0n15bYFfZ51w= Subject key identifier: 18:DB:30:6C:24:1D:A0:35:6E:1C:22:65:D6:1F:79:F9:06:59:EB:7A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1AD213CF488B601DE37AA2C6759882CF774205FD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71525ec8-f99c-4180-8e1b-a59672d69567.roa Signing time: Mon 13 Oct 2025 15:39:09 +0000 ROA not before: Mon 13 Oct 2025 15:39:09 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:d2:13:cf:48:8b:60:1d:e3:7a:a2:c6:75:98:82:cf:77:42:05:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:39:09 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=7c69ac4a35a0a22f9de5c4467edfbadabd62b0fd1670f88788179e93f3938fca, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:7a:da:3e:4a:2d:f3:c6:e3:ee:57:74:4d:8c: 39:8c:ab:c1:a9:3b:65:4b:7a:b3:31:08:16:5c:1f: ac:9d:9f:08:8a:c0:a2:61:e8:ec:d8:4e:05:44:1f: 5e:81:19:39:70:a3:8f:48:8d:10:2b:76:ca:79:08: d0:61:71:05:ea:d2:c1:92:db:44:71:94:62:ae:c2: 9c:fc:44:9c:bf:94:de:7f:66:d5:3c:5e:6a:0e:a9: 90:28:4e:9c:96:fd:1d:7e:3f:51:85:ae:b6:44:c7: 2f:59:82:3b:54:a1:ee:53:22:16:82:cb:4c:e2:13: e6:5c:85:4e:7b:ba:44:51:92:05:6c:8a:fc:f8:ec: 1c:23:f7:d8:97:4a:e2:df:d6:73:4a:b0:29:41:e3: b3:9b:37:2d:70:a8:15:de:39:f6:63:d6:c8:5a:ae: 2b:23:a0:e7:3d:3d:f0:16:32:49:ce:68:a2:b2:80: 3b:8d:eb:d4:03:4a:a6:5e:bd:38:7f:a8:da:78:65: f3:71:2a:1a:9c:ec:f9:11:0b:dc:d3:40:5b:a6:98: 84:1f:95:6a:ac:f3:1a:f3:b6:8c:1f:1c:54:3b:2e: f9:33:88:27:e3:78:29:08:5a:89:f3:30:f3:ce:4a: b4:71:d7:ca:48:9d:52:ec:26:15:4b:5e:e2:c2:c5: 79:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:DB:30:6C:24:1D:A0:35:6E:1C:22:65:D6:1F:79:F9:06:59:EB:7A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71525ec8-f99c-4180-8e1b-a59672d69567.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c040::/48 Signature Algorithm: sha256WithRSAEncryption 9d:81:66:25:94:cc:da:7e:6b:d6:de:17:95:0e:db:f3:46:da: 34:1c:d0:37:d7:b8:b3:36:8e:ba:76:2e:ec:ac:3f:0d:28:3a: 77:12:82:bf:6f:76:43:0b:8e:cc:1b:82:4d:3a:2a:dc:27:54: f6:bd:3d:6b:8b:18:33:f3:52:dd:cb:d1:55:4a:75:c5:cc:5c: 50:44:07:c3:cf:dc:c9:18:2e:d7:1f:52:5e:46:92:ab:52:84: df:66:bb:de:8d:a7:5e:38:ce:f1:c6:0c:39:42:f0:6d:7e:b4: fc:07:ce:60:98:51:bc:61:e0:4f:7c:4e:34:db:47:d2:bf:82: b5:c1:3d:c0:4e:90:a8:f2:3c:a1:b1:f1:77:dc:2f:75:b3:67: 65:84:a6:a2:ed:f6:6d:36:54:57:ff:db:a4:b1:ff:c6:16:54: 18:66:56:f2:2a:82:81:01:a5:c1:b9:ce:05:81:e8:74:fb:fe: 02:e6:08:b1:50:a7:7e:48:72:9a:c0:ab:c0:a2:ab:95:23:22: cf:7d:a8:c4:6d:18:fc:bc:16:36:a6:04:b2:f3:f1:5b:b8:79: 96:eb:3a:e8:e1:70:c0:dc:cd:ef:b5:07:4e:4d:43:78:c2:bf: b7:e8:79:42:85:0d:64:e0:54:56:6c:65:de:5e:80:3f:01:0c: 6e:f7:41:79 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGtITz0iLYB3jeqLGdZiCz3dCBf0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MzkwOVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAN2M2OWFjNGEzNWEwYTIyZjlkZTVj NDQ2N2VkZmJhZGFiZDYyYjBmZDE2NzBmODg3ODgxNzllOTNmMzkzOGZjYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnraPkot88bj7ld0TYw5jKvBqTtl S3qzMQgWXB+snZ8IisCiYejs2E4FRB9egRk5cKOPSI0QK3bKeQjQYXEF6tLBkttE cZRirsKc/EScv5Tef2bVPF5qDqmQKE6clv0dfj9Rha62RMcvWYI7VKHuUyIWgstM 4hPmXIVOe7pEUZIFbIr8+OwcI/fYl0ri39ZzSrApQeOzmzctcKgV3jn2Y9bIWq4r I6DnPT3wFjJJzmiisoA7jevUA0qmXr04f6jaeGXzcSoanOz5EQvc00BbppiEH5Vq rPMa87aMHxxUOy75M4gn43gpCFqJ8zDzzkq0cdfKSJ1S7CYVS17iwsV5/QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBjbMGwkHaA1bhwiZdYfefkGWet6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxNTI1ZWM4LWY5OWMtNDE4MC04ZTFiLWE1OTY3MmQ2OTU2Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8BAMA0GCSqGSIb3DQEBCwUAA4IBAQCdgWYllMzafmvW3heV DtvzRto0HNA317izNo66di7srD8NKDp3EoK/b3ZDC47MG4JNOircJ1T2vT1rixgz 81Ldy9FVSnXFzFxQRAfDz9zJGC7XH1JeRpKrUoTfZrvejadeOM7xxgw5QvBtfrT8 B85gmFG8YeBPfE4020fSv4K1wT3ATpCo8jyhsfF33C91s2dlhKai7fZtNlRX/9uk sf/GFlQYZlbyKoKBAaXBuc4Fgeh0+/4C5gixUKd+SHKawKvAoquVIyLPfajEbRj8 vBY2pgSy8/FbuHmW6zro4XDA3M3vtQdOTUN4wr+36HlChQ1k4FRWbGXeXoA/AQxu 90F5 -----END CERTIFICATE-----Generated at Mon Oct 20 09:57:25 2025 by rpki-client