$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa File: 84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa (raw, json) Hash identifier: uwUISPLrAIi8vaoAQDL62KqL3xZ9Gm1sCPXfW7ktwB8= Subject key identifier: D7:5A:45:F3:0F:FE:26:D4:AA:63:36:EC:2E:FC:A8:65:E2:A2:D9:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1F9F19AEFA5B0B77A4E687B00E1235FD9C952259 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa Signing time: Mon 13 Oct 2025 15:38:58 +0000 ROA not before: Mon 13 Oct 2025 15:38:58 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:9f:19:ae:fa:5b:0b:77:a4:e6:87:b0:0e:12:35:fd:9c:95:22:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:38:58 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=29beaaee8d458b5ca2880c6c7b2dbe20fc8eee7609a6472ccd7734fe1da27c1f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f4:4f:9f:3e:10:2c:61:4c:57:57:89:61:ae: d5:9d:35:9d:f3:10:79:2f:fd:55:77:aa:21:0f:50: e7:e4:c7:2f:5a:81:6e:d2:52:b0:fb:df:ef:9a:ec: 82:e0:81:f6:42:0f:53:13:1f:71:9e:6a:c8:a0:5b: ff:0d:4b:e4:92:e4:8f:9f:7a:3e:e3:f9:b8:26:82: d6:5e:b1:62:3c:e2:41:28:3d:75:6f:e2:6b:c9:b3: c8:85:b3:02:d9:66:09:35:5e:2a:71:a4:51:01:eb: 32:d3:e8:8c:20:8b:d4:0f:fb:2f:de:f1:d1:c3:bf: 1e:fd:c9:f2:31:0f:ac:21:f9:d6:bb:6b:60:30:75: d2:48:c2:31:69:b5:3a:59:88:2a:17:9e:21:2a:0a: a8:20:aa:1e:97:e5:ba:2b:e8:2a:a4:26:bf:7e:4e: 7a:88:dc:d3:2b:2c:f7:ef:97:25:cf:31:89:ff:a3: 67:6f:53:54:6b:6d:88:5e:b7:a1:7f:67:99:b8:d3: fc:c5:a9:c7:9b:4c:c9:20:f5:b5:98:d8:bc:14:66: 4b:b4:1b:f1:86:90:1a:24:45:94:ce:8a:2f:9c:34: a7:e2:75:49:37:bc:48:7c:41:ba:65:4e:1c:55:6f: 13:43:67:c6:c5:51:a8:3e:9a:b0:ec:d0:ac:84:d0: cf:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:5A:45:F3:0F:FE:26:D4:AA:63:36:EC:2E:FC:A8:65:E2:A2:D9:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 28:17:5d:a6:00:40:59:59:a9:a9:59:c9:3f:70:11:ac:e7:06: 99:11:ac:02:0e:5e:4b:e9:41:bd:10:ae:6f:c4:12:b5:a5:87: 2e:66:5a:03:53:de:f6:f5:4b:44:2e:81:70:eb:81:df:4e:27: 1b:e7:c8:82:bf:35:11:8b:77:60:b3:2e:20:f4:61:57:c4:27: f7:ec:84:7d:eb:84:98:2c:74:83:54:a4:09:05:a7:0a:ac:9d: 60:2b:0b:6e:9a:d1:f1:9b:63:f5:0f:6b:50:24:8b:9c:53:c8: 21:a9:0d:20:6c:72:67:33:f5:e5:6f:87:f5:b4:d2:50:0b:77: e0:4e:d0:f9:34:63:79:aa:52:cb:67:e4:d5:90:f5:ab:35:5b: b2:a3:04:55:9d:2b:bf:6e:b6:93:7b:09:de:c5:7a:79:81:7c: 9e:24:7f:23:32:fc:12:00:a6:51:f7:eb:7f:21:35:5e:bc:b8: 42:d6:1c:f1:5e:2f:39:3c:96:f7:f5:5b:d7:6d:02:6b:90:5f: cd:0f:f9:62:0a:fe:2e:1a:cf:90:82:58:90:01:54:a9:a8:6c: 30:ec:f4:14:bf:e4:c5:ac:d9:f4:ee:26:31:95:d1:2e:c3:0b: 71:ae:84:9a:3d:e7:62:91:87:23:ae:e9:35:c0:4b:15:24:51: bb:46:2c:cc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUH58ZrvpbC3ek5oewDhI1/ZyVIlkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1Mzg1OFoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAMjliZWFhZWU4ZDQ1OGI1Y2EyODgw YzZjN2IyZGJlMjBmYzhlZWU3NjA5YTY0NzJjY2Q3NzM0ZmUxZGEyN2MxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfRPnz4QLGFMV1eJYa7VnTWd8xB5 L/1Vd6ohD1Dn5McvWoFu0lKw+9/vmuyC4IH2Qg9TEx9xnmrIoFv/DUvkkuSPn3o+ 4/m4JoLWXrFiPOJBKD11b+JrybPIhbMC2WYJNV4qcaRRAesy0+iMIIvUD/sv3vHR w78e/cnyMQ+sIfnWu2tgMHXSSMIxabU6WYgqF54hKgqoIKoel+W6K+gqpCa/fk56 iNzTKyz375clzzGJ/6Nnb1NUa22IXrehf2eZuNP8xanHm0zJIPW1mNi8FGZLtBvx hpAaJEWUzoovnDSn4nVJN7xIfEG6ZU4cVW8TQ2fGxVGoPpqw7NCshNDPiwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNdaRfMP/ibUqmM27C78qGXiotn3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0Y2UxNGQ1LTdiZjgtNDYxMC04ZGFlLTBmMmVhNGNlODJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8oDAMA0GCSqGSIb3DQEBCwUAA4IBAQAoF12mAEBZWampWck/ cBGs5waZEawCDl5L6UG9EK5vxBK1pYcuZloDU9729UtELoFw64HfTicb58iCvzUR i3dgsy4g9GFXxCf37IR964SYLHSDVKQJBacKrJ1gKwtumtHxm2P1D2tQJIucU8gh qQ0gbHJnM/Xlb4f1tNJQC3fgTtD5NGN5qlLLZ+TVkPWrNVuyowRVnSu/braTewne xXp5gXyeJH8jMvwSAKZR9+t/ITVevLhC1hzxXi85PJb39VvXbQJrkF/ND/liCv4u Gs+QgliQAVSpqGww7PQUv+TFrNn07iYxldEuwwtxroSaPedikYcjruk1wEsVJFG7 RizM -----END CERTIFICATE-----Generated at Mon Oct 20 15:55:53 2025 by rpki-client