$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b68ae6b-07d9-4faf-96d3-0ed316306385.roa File: 8b68ae6b-07d9-4faf-96d3-0ed316306385.roa (raw, json) Hash identifier: gLCZYRTqE5WZGOuvcLzdZ+tSwkBjOmSv6G65fpMCgQ4= Subject key identifier: E4:B6:2A:B3:09:42:62:17:5D:51:23:B3:12:61:F4:83:F7:66:FA:4F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1C924F609ACC67A5381F28D38B439D344EAB5217 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b68ae6b-07d9-4faf-96d3-0ed316306385.roa Signing time: Mon 13 Oct 2025 15:01:09 +0000 ROA not before: Mon 13 Oct 2025 15:01:09 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:70c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:92:4f:60:9a:cc:67:a5:38:1f:28:d3:8b:43:9d:34:4e:ab:52:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:01:09 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=a84bc81b077dfbdfcd8a952454200d9a8e108468695f665acfef1939f7afbbc9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1a:e9:b6:66:72:8e:c4:e4:87:cc:e7:11:a0: 25:11:72:93:4e:57:3e:ae:9e:07:45:37:87:db:b6: 6a:8f:58:3b:8d:0c:94:14:24:fe:0d:d0:fd:34:c6: b5:32:ee:a1:9a:84:0c:60:99:7e:82:1a:1d:88:39: 22:a7:ad:fd:bb:42:65:6b:11:d9:64:4a:d5:79:a3: 01:a3:a6:b2:98:1e:e5:61:5c:a7:0d:d5:a4:db:10: 24:30:2d:4c:55:96:de:91:88:be:9e:83:0c:18:8b: d1:cf:15:b2:0a:86:7d:3d:e8:f5:17:9f:50:70:89: 6f:d8:46:b8:e6:a9:e6:7b:ac:82:8c:74:3b:cf:c0: d7:f6:db:ba:ae:1d:ef:d5:6a:2d:74:16:da:7c:47: e3:ee:89:f7:23:dd:1b:18:98:a8:29:78:56:cf:1d: ef:0d:7e:aa:0d:80:6a:9d:ac:48:05:30:2f:85:78: d7:0a:f8:34:fb:0e:88:30:fa:e2:a2:9a:ab:98:cb: f1:2d:ff:39:dd:65:64:40:bd:10:a2:71:4b:5d:0f: ec:6e:71:8b:c8:65:f9:c5:ae:39:88:c7:31:ae:37: 66:99:65:d3:5a:ef:e1:2f:3b:02:85:50:13:61:7f: 7b:90:3f:0e:51:6d:42:3c:d7:b4:93:02:12:1e:1c: 65:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:B6:2A:B3:09:42:62:17:5D:51:23:B3:12:61:F4:83:F7:66:FA:4F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8b68ae6b-07d9-4faf-96d3-0ed316306385.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:70c0::/48 Signature Algorithm: sha256WithRSAEncryption 75:7d:8f:24:0d:ec:ea:a1:67:9d:d6:64:7d:ef:f0:72:46:67: 7c:fb:e1:a7:28:65:9d:68:51:92:9d:d4:e1:15:92:a5:b1:e9: 40:a5:d4:f5:cc:ad:89:29:cb:55:ee:05:95:b3:8c:de:57:b0: 4c:52:0b:65:0d:eb:86:bd:51:96:23:59:4a:a8:d3:b5:0c:22: d6:10:61:a5:21:da:13:28:22:7f:2d:d2:d6:f9:0a:60:cb:f8: 92:46:6a:d6:10:bb:2f:82:1f:c3:5a:ae:93:10:67:20:57:7e: 7c:c5:03:a4:59:fb:16:e7:56:29:ca:c6:c0:db:82:de:ee:99: fa:02:80:d6:f3:4f:87:77:07:a8:ea:08:aa:89:20:f6:15:bb: 1c:5e:f7:38:34:20:d1:00:d4:a7:ca:a3:e8:21:00:09:b0:92: ee:1b:d3:0f:e5:bc:f4:fe:ec:fc:0a:ad:8b:77:c1:08:e2:bb: 1b:a3:c0:27:55:5f:28:7e:c6:ea:3e:72:d9:e3:c3:69:43:cf: a8:ce:75:58:47:62:70:da:63:e9:40:03:df:44:01:45:28:94: 6c:ea:11:1c:18:b0:ce:d1:d4:a0:cf:8a:2e:56:0f:f3:ce:b4: 8a:2b:a2:65:61:1d:1a:d1:5d:38:49:32:eb:4d:77:20:60:4c: d4:15:90:a3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHJJPYJrMZ6U4HyjTi0OdNE6rUhcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MDEwOVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAYTg0YmM4MWIwNzdkZmJkZmNkOGE5 NTI0NTQyMDBkOWE4ZTEwODQ2ODY5NWY2NjVhY2ZlZjE5MzlmN2FmYmJjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxrptmZyjsTkh8znEaAlEXKTTlc+ rp4HRTeH27Zqj1g7jQyUFCT+DdD9NMa1Mu6hmoQMYJl+ghodiDkip639u0JlaxHZ ZErVeaMBo6aymB7lYVynDdWk2xAkMC1MVZbekYi+noMMGIvRzxWyCoZ9Pej1F59Q cIlv2Ea45qnme6yCjHQ7z8DX9tu6rh3v1WotdBbafEfj7on3I90bGJioKXhWzx3v DX6qDYBqnaxIBTAvhXjXCvg0+w6IMPriopqrmMvxLf853WVkQL0QonFLXQ/sbnGL yGX5xa45iMcxrjdmmWXTWu/hLzsChVATYX97kD8OUW1CPNe0kwISHhxlJwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOS2KrMJQmIXXVEjsxJh9IP3ZvpPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiNjhhZTZiLTA3ZDktNGZhZi05NmQzLTBlZDMxNjMwNjM4NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYXDAMA0GCSqGSIb3DQEBCwUAA4IBAQB1fY8kDezqoWed1mR9 7/ByRmd8++GnKGWdaFGSndThFZKlselApdT1zK2JKctV7gWVs4zeV7BMUgtlDeuG vVGWI1lKqNO1DCLWEGGlIdoTKCJ/LdLW+Qpgy/iSRmrWELsvgh/DWq6TEGcgV358 xQOkWfsW51YpysbA24Le7pn6AoDW80+Hdweo6giqiSD2FbscXvc4NCDRANSnyqPo IQAJsJLuG9MP5bz0/uz8Cq2Ld8EI4rsbo8AnVV8ofsbqPnLZ48NpQ8+oznVYR2Jw 2mPpQAPfRAFFKJRs6hEcGLDO0dSgz4ouVg/zzrSKK6JlYR0a0V04STLrTXcgYEzU FZCj -----END CERTIFICATE-----Generated at Mon Oct 20 13:10:45 2025 by rpki-client