$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8457b23d-d50e-4b48-bd70-aa0e3c7abb86.roa File: 8457b23d-d50e-4b48-bd70-aa0e3c7abb86.roa (raw, json) Hash identifier: YvBNe0rSWbl/3MYYDFdjymg4racj65EP2aIBsSNxUa8= Subject key identifier: E0:40:8C:94:69:35:A6:12:DE:52:94:58:F3:77:A8:46:AA:65:1D:FB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 181E9AC546504438402DFDC25243BD9E261CFFBC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8457b23d-d50e-4b48-bd70-aa0e3c7abb86.roa Signing time: Tue 14 Oct 2025 00:20:14 +0000 ROA not before: Tue 14 Oct 2025 00:20:14 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:1e:9a:c5:46:50:44:38:40:2d:fd:c2:52:43:bd:9e:26:1c:ff:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:20:14 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=7eec489884ff7af1257573c2e20cb2b787fd125c0d23be782dab7f72a105f3da, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:84:33:7a:4a:af:83:c8:fc:f5:6f:74:d5:2f: 08:4d:70:9d:24:e6:70:0f:9e:83:7d:6e:ee:c9:31: 1a:4e:1c:4b:7f:c4:dd:f8:04:bd:b3:27:b0:3b:bd: 52:ea:66:c8:2a:1e:6d:b4:a9:66:0f:da:eb:ff:d3: bf:f5:79:46:18:6d:29:dc:0f:5b:62:da:12:88:03: 86:88:38:d9:46:59:71:74:49:56:f2:83:dc:5b:64: 92:92:48:41:6a:3c:b4:3b:8f:47:d2:0f:7c:56:57: 08:64:07:2f:b8:fd:5c:cd:38:93:59:7b:fc:0d:cd: b0:c9:1e:1f:09:ea:03:a3:22:89:31:fd:1c:89:9f: 98:f0:bd:fb:2b:cc:cc:84:05:25:dc:49:35:e9:f7: 1e:6e:ba:84:a5:21:9d:82:b6:87:df:25:d2:32:7d: ff:19:2f:22:9c:65:de:06:a7:aa:4b:a6:6d:ab:02: 45:ab:7d:07:30:97:ac:8b:e0:7b:a7:a6:0c:7f:7f: cd:d4:bc:1e:e5:08:9c:4a:aa:e0:69:4b:cd:a6:91: 57:3d:6c:dd:b8:87:08:a9:ca:ce:e6:82:63:e8:33: c1:46:86:31:29:93:41:82:2f:9d:b8:d3:d3:1c:9f: 2d:d9:ae:b3:db:00:97:99:fe:14:a2:d3:71:5d:89: ad:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:40:8C:94:69:35:A6:12:DE:52:94:58:F3:77:A8:46:AA:65:1D:FB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8457b23d-d50e-4b48-bd70-aa0e3c7abb86.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:b000::/40 Signature Algorithm: sha256WithRSAEncryption c3:91:20:12:37:06:6a:bd:15:61:82:a0:ab:34:0f:9c:01:7f: f2:61:58:6d:96:c6:8e:88:c3:82:9b:eb:a1:d1:0f:88:12:d5: 51:97:bf:16:ef:84:24:26:90:dd:65:9a:f5:6e:fe:69:9a:b5: 85:c4:61:e9:56:ab:dd:79:2d:a7:2c:d7:82:06:2d:da:89:b1: 32:c6:01:4b:f5:b8:17:3b:50:87:ff:c6:90:aa:7e:ec:8a:6e: 00:75:b9:93:73:51:40:b2:f1:6b:60:85:60:a8:a7:d6:ba:e8: 4c:7c:ef:c5:d3:0a:14:20:10:76:ce:09:b3:fd:62:60:88:3c: 7c:13:a5:46:4d:c6:ac:48:7b:d8:c4:73:80:8a:7e:9e:b8:60: 30:3a:76:5d:70:98:b8:1b:1b:c9:9c:36:37:60:5a:5e:02:2d: f4:0c:4b:61:34:12:75:cc:69:d7:3f:ee:d3:bc:df:91:96:87: 9a:13:e5:90:6f:e1:75:4d:a1:90:b5:af:c3:f1:c5:1f:4b:f5: 0a:88:5d:32:45:12:a0:d1:d9:f2:a4:16:f2:50:89:bd:16:0c: 18:00:ef:31:f0:ac:3f:a2:15:16:6d:49:ae:a8:f0:98:3f:84: 36:83:d0:ad:f2:37:9d:eb:e8:90:24:42:16:24:0e:9a:e7:a8: 9a:1f:65:5b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGB6axUZQRDhALf3CUkO9niYc/7wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMjAxNFoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAN2VlYzQ4OTg4NGZmN2FmMTI1NzU3 M2MyZTIwY2IyYjc4N2ZkMTI1YzBkMjNiZTc4MmRhYjdmNzJhMTA1ZjNkYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA94Qzekqvg8j89W901S8ITXCdJOZw D56DfW7uyTEaThxLf8Td+AS9syewO71S6mbIKh5ttKlmD9rr/9O/9XlGGG0p3A9b YtoSiAOGiDjZRllxdElW8oPcW2SSkkhBajy0O49H0g98VlcIZAcvuP1czTiTWXv8 Dc2wyR4fCeoDoyKJMf0ciZ+Y8L37K8zMhAUl3Ek16fcebrqEpSGdgraH3yXSMn3/ GS8inGXeBqeqS6ZtqwJFq30HMJesi+B7p6YMf3/N1Lwe5QicSqrgaUvNppFXPWzd uIcIqcrO5oJj6DPBRoYxKZNBgi+duNPTHJ8t2a6z2wCXmf4UotNxXYmt9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOBAjJRpNaYS3lKUWPN3qEaqZR37MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0NTdiMjNkLWQ1MGUtNGI0OC1iZDcwLWFhMGUzYzdhYmI4Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+7AwDQYJKoZIhvcNAQELBQADggEBAMORIBI3Bmq9FWGCoKs0 D5wBf/JhWG2Wxo6Iw4Kb66HRD4gS1VGXvxbvhCQmkN1lmvVu/mmatYXEYelWq915 Lacs14IGLdqJsTLGAUv1uBc7UIf/xpCqfuyKbgB1uZNzUUCy8WtghWCop9a66Ex8 78XTChQgEHbOCbP9YmCIPHwTpUZNxqxIe9jEc4CKfp64YDA6dl1wmLgbG8mcNjdg Wl4CLfQMS2E0EnXMadc/7tO835GWh5oT5ZBv4XVNoZC1r8PxxR9L9QqIXTJFEqDR 2fKkFvJQib0WDBgA7zHwrD+iFRZtSa6o8Jg/hDaD0K3yN53r6JAkQhYkDprnqJof ZVs= -----END CERTIFICATE-----Generated at Mon Oct 20 07:27:05 2025 by rpki-client