$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bcecca4-2643-4406-bbf4-e5e9f63786ec.roa File: 8bcecca4-2643-4406-bbf4-e5e9f63786ec.roa (raw, json) Hash identifier: ZUMF8s5WgiBhBLGCtHHZAFf6jeFqJhMjrYtKVFSsz08= Subject key identifier: 33:58:87:F0:16:AE:C1:F2:39:7D:FB:1D:CD:5E:66:7D:8D:9F:42:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 257A6923EA7987C9353BA7ACAA25930B280472B4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bcecca4-2643-4406-bbf4-e5e9f63786ec.roa Signing time: Sat 11 Oct 2025 00:10:01 +0000 ROA not before: Sat 11 Oct 2025 00:10:01 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:b0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:7a:69:23:ea:79:87:c9:35:3b:a7:ac:aa:25:93:0b:28:04:72:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:10:01 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=445350609d1879522803ef816aa2aa09d78bbfb1e5fcb30f08ab95e1272e7261, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:4c:be:ad:64:8e:b2:3b:c3:22:11:5e:a3:58: b0:73:91:f4:dc:37:d9:09:6c:0f:47:8b:59:15:36: 8d:17:74:37:c2:66:3c:93:f9:dd:0e:06:8f:7f:e4: e5:66:ee:03:6f:74:fa:8d:61:cd:96:97:c1:c4:90: 67:5a:66:9b:a1:54:c8:90:70:f9:e9:77:7d:16:db: 97:cd:39:0f:82:74:fe:0d:cf:a3:0e:f7:98:85:42: 1e:79:5d:20:15:01:9b:bd:00:9a:00:1f:56:19:10: e1:49:98:22:ff:77:fe:fb:21:3f:1c:3c:17:c1:df: 9a:bc:3c:05:c3:f2:47:3b:f7:f1:df:d3:f6:f7:6c: 8b:b7:1b:f4:cf:a0:83:a0:dd:e4:55:0e:dc:b0:0b: 2e:2f:e7:78:d3:1f:40:12:da:eb:ac:0b:14:03:68: 52:eb:ac:62:60:c4:34:1b:0c:17:52:b8:f4:7a:43: 24:87:2f:fd:2b:ed:46:da:90:55:13:b8:53:e2:66: 39:a4:13:bf:85:98:75:f8:30:0b:90:d6:71:78:bc: bb:54:80:3c:87:55:21:c4:76:30:09:67:64:ec:be: f1:5b:28:6e:b2:65:67:bb:13:d2:98:35:83:8f:54: f8:b6:36:07:a9:f8:cb:ac:da:22:06:fe:89:ca:bc: 78:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:58:87:F0:16:AE:C1:F2:39:7D:FB:1D:CD:5E:66:7D:8D:9F:42:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bcecca4-2643-4406-bbf4-e5e9f63786ec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:b0c0::/48 Signature Algorithm: sha256WithRSAEncryption 7c:1d:82:36:60:9a:75:eb:1a:cc:d4:fe:64:3c:b9:f2:af:c7: eb:b8:6b:d1:ac:5b:7e:8f:76:fa:c7:46:0f:25:84:2e:0a:61: 49:c0:4a:a6:68:88:88:75:3d:fd:d9:e0:2e:ad:ea:44:b3:26: 3e:ea:b5:6a:fc:ed:e9:65:95:63:ae:19:12:af:97:3c:ae:13: cd:c1:eb:53:2b:a8:55:b5:6a:de:7d:02:ff:2c:6f:11:a9:18: f1:08:a6:f9:82:44:ee:5c:6e:e9:f2:71:46:85:8d:9d:38:62: 57:12:cc:a4:0c:64:b1:fa:4c:94:c9:b9:6d:7c:69:4f:2b:12: 8e:55:64:5a:f7:d6:c3:ff:8d:fd:57:28:08:28:5b:c6:df:2b: 66:3b:56:da:8b:24:e3:ff:2d:93:9a:c8:29:b9:30:60:9e:18: 7e:c9:51:2b:e8:b6:e8:b5:20:3a:a2:80:83:eb:19:3f:30:b4: 1d:da:38:75:17:3d:c9:8f:16:ca:7e:30:48:29:65:52:31:ab: bb:8c:22:1a:11:58:cb:8b:75:df:c8:c5:fd:02:21:75:3e:c8: 02:51:78:c2:51:e5:03:3a:ea:22:c0:74:52:6f:f1:1c:28:59: e9:ef:4f:f5:17:09:23:1a:71:21:7a:06:a2:18:bd:cc:3b:ac: 74:57:85:b8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJXppI+p5h8k1O6esqiWTCygEcrQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMTAwMVoX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNANDQ1MzUwNjA5ZDE4Nzk1MjI4MDNl ZjgxNmFhMmFhMDlkNzhiYmZiMWU1ZmNiMzBmMDhhYjk1ZTEyNzJlNzI2MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0y+rWSOsjvDIhFeo1iwc5H03DfZ CWwPR4tZFTaNF3Q3wmY8k/ndDgaPf+TlZu4Db3T6jWHNlpfBxJBnWmaboVTIkHD5 6Xd9FtuXzTkPgnT+Dc+jDveYhUIeeV0gFQGbvQCaAB9WGRDhSZgi/3f++yE/HDwX wd+avDwFw/JHO/fx39P292yLtxv0z6CDoN3kVQ7csAsuL+d40x9AEtrrrAsUA2hS 66xiYMQ0GwwXUrj0ekMkhy/9K+1G2pBVE7hT4mY5pBO/hZh1+DALkNZxeLy7VIA8 h1UhxHYwCWdk7L7xWyhusmVnuxPSmDWDj1T4tjYHqfjLrNoiBv6Jyrx44wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDNYh/AWrsHyOX37Hc1eZn2Nn0J8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiY2VjY2E0LTI2NDMtNDQwNi1iYmY0LWU1ZTlmNjM3ODZlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/7DAMA0GCSqGSIb3DQEBCwUAA4IBAQB8HYI2YJp16xrM1P5k PLnyr8fruGvRrFt+j3b6x0YPJYQuCmFJwEqmaIiIdT392eAurepEsyY+6rVq/O3p ZZVjrhkSr5c8rhPNwetTK6hVtWrefQL/LG8RqRjxCKb5gkTuXG7p8nFGhY2dOGJX EsykDGSx+kyUybltfGlPKxKOVWRa99bD/439VygIKFvG3ytmO1baiyTj/y2Tmsgp uTBgnhh+yVEr6LbotSA6ooCD6xk/MLQd2jh1Fz3JjxbKfjBIKWVSMau7jCIaEVjL i3XfyMX9AiF1PsgCUXjCUeUDOuoiwHRSb/EcKFnp70/1FwkjGnEhegaiGL3MO6x0 V4W4 -----END CERTIFICATE-----Generated at Mon Oct 20 07:28:16 2025 by rpki-client