$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/841d2e32-ec89-44ad-8f86-21aa458e7070.roa File: 841d2e32-ec89-44ad-8f86-21aa458e7070.roa (raw, json) Hash identifier: /lC/FmmS722s+lD6TzTnvWwRzVt5KKvuaLBrDcrdirQ= Subject key identifier: F7:5A:67:7F:6B:6E:FE:04:81:CA:67:5E:E4:96:7E:CB:5B:98:10:1B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59CCA73E6A5FD2FDBE25B4A399231BF4A545A84D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/841d2e32-ec89-44ad-8f86-21aa458e7070.roa Signing time: Tue 14 Oct 2025 00:20:09 +0000 ROA not before: Tue 14 Oct 2025 00:20:09 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:cc:a7:3e:6a:5f:d2:fd:be:25:b4:a3:99:23:1b:f4:a5:45:a8:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:20:09 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=1363209f8f50caf4c0660c1e214fdb3d97eada15b57360531fd9054e2d172504, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:8f:92:c6:d7:d2:11:8e:f2:3a:83:3a:37:5a: 85:89:85:62:41:8d:ad:ab:94:59:3c:14:96:1b:d8: 12:51:f8:fd:30:b3:31:21:6b:22:6d:a6:34:bb:a9: f4:b0:20:78:b0:55:1c:a4:e1:82:fe:b8:48:13:ef: cb:20:f0:44:64:f0:4a:7a:7a:e4:bf:c0:20:d3:b1: 77:ef:db:45:a2:96:86:30:4f:e9:04:1c:66:cf:7d: 2a:63:5b:95:cf:f4:5c:ad:00:3c:91:c4:f1:88:e4: 56:cd:ec:e7:30:f3:ca:95:d7:55:49:e4:51:bf:52: a2:59:ce:da:08:b3:72:c6:24:dd:41:3b:0c:1b:d1: 9e:ee:b2:4d:b0:7e:ef:c1:a4:ae:a8:31:dd:f2:9c: ec:60:41:bc:18:ac:d6:25:23:54:78:6d:86:e0:86: 06:26:73:da:88:9f:d4:df:e2:21:2a:db:7d:78:27: 5a:79:94:7b:d3:2d:d9:f7:d4:2c:84:1a:a8:77:6a: e9:b8:62:84:ee:a6:4e:6d:7e:3e:a2:07:f4:f3:f6: 29:43:20:e6:df:a8:71:f3:82:0e:ff:7d:a7:63:d7: 34:f8:b9:04:22:46:88:d0:1a:66:e6:31:20:c5:03: 72:da:5b:fe:05:0d:60:cc:dd:46:69:07:98:a4:3c: 67:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:5A:67:7F:6B:6E:FE:04:81:CA:67:5E:E4:96:7E:CB:5B:98:10:1B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/841d2e32-ec89-44ad-8f86-21aa458e7070.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:6000::/40 Signature Algorithm: sha256WithRSAEncryption 56:ee:2b:df:cb:12:be:ef:8c:dc:92:3d:31:b3:72:39:c4:fd: 38:5c:d6:1d:5b:8f:8d:85:d7:25:1c:e3:3a:d9:ba:cd:37:c7: 8f:e7:44:9c:e4:4b:0d:a0:60:9b:5a:6a:46:8e:04:48:85:ff: 10:17:6a:29:2e:46:45:91:5f:b0:8d:b9:6b:79:36:bb:56:ad: 19:be:a6:c3:a3:c4:66:55:7c:14:44:ae:e1:a3:f1:ec:ff:f6: 28:6a:c9:6e:e6:57:9a:cc:5e:69:9b:6c:d3:9f:c4:8e:ea:78: 7d:d8:7f:24:bd:26:65:ff:57:b4:b9:13:67:4f:10:2e:22:e9: db:d8:20:06:ee:52:fa:f8:d7:c9:3d:e3:73:d2:15:64:a3:5b: 5b:ba:2e:50:5c:f5:c4:b6:ea:e3:f9:c3:a4:1b:67:a6:92:42: d9:7a:3c:02:ae:89:1a:8c:ae:1c:79:2d:39:b1:a7:5e:ba:34: d3:63:87:61:8b:4d:5e:79:ff:d4:4a:d9:42:f7:c8:b9:38:68: ec:59:0a:c2:3e:c2:ef:e9:b7:65:ba:56:8f:ba:5c:7e:3a:26: 5b:fe:7c:7a:c4:4f:3b:a7:10:d7:97:42:09:8c:f7:aa:bc:a4: bc:63:37:f2:a6:56:a2:c2:88:4c:1b:c5:92:90:2c:1e:dc:f6: 36:e8:28:64 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWcynPmpf0v2+JbSjmSMb9KVFqE0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMjAwOVoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAMTM2MzIwOWY4ZjUwY2FmNGMwNjYw YzFlMjE0ZmRiM2Q5N2VhZGExNWI1NzM2MDUzMWZkOTA1NGUyZDE3MjUwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzo+SxtfSEY7yOoM6N1qFiYViQY2t q5RZPBSWG9gSUfj9MLMxIWsibaY0u6n0sCB4sFUcpOGC/rhIE+/LIPBEZPBKenrk v8Ag07F379tFopaGME/pBBxmz30qY1uVz/RcrQA8kcTxiORWzeznMPPKlddVSeRR v1KiWc7aCLNyxiTdQTsMG9Ge7rJNsH7vwaSuqDHd8pzsYEG8GKzWJSNUeG2G4IYG JnPaiJ/U3+IhKtt9eCdaeZR70y3Z99QshBqod2rpuGKE7qZObX4+ogf08/YpQyDm 36hx84IO/32nY9c0+LkEIkaI0Bpm5jEgxQNy2lv+BQ1gzN1GaQeYpDxnuQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPdaZ39rbv4EgcpnXuSWfstbmBAbMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0MWQyZTMyLWVjODktNDRhZC04Zjg2LTIxYWE0NThlNzA3MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaWAwDQYJKoZIhvcNAQELBQADggEBAFbuK9/LEr7vjNySPTGz cjnE/Thc1h1bj42F1yUc4zrZus03x4/nRJzkSw2gYJtaakaOBEiF/xAXaikuRkWR X7CNuWt5NrtWrRm+psOjxGZVfBREruGj8ez/9ihqyW7mV5rMXmmbbNOfxI7qeH3Y fyS9JmX/V7S5E2dPEC4i6dvYIAbuUvr418k943PSFWSjW1u6LlBc9cS26uP5w6Qb Z6aSQtl6PAKuiRqMrhx5LTmxp166NNNjh2GLTV55/9RK2UL3yLk4aOxZCsI+wu/p t2W6Vo+6XH46Jlv+fHrETzunENeXQgmM96q8pLxjN/KmVqLCiEwbxZKQLB7c9jbo KGQ= -----END CERTIFICATE-----Generated at Mon Oct 20 07:29:58 2025 by rpki-client