$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa File: 8bd3366c-489c-4afe-af18-d26b5824bd0e.roa (raw, json) Hash identifier: BQKPl2i6voKKTNzxCWDz+wj88xClOztvgyf7qDD19rs= Subject key identifier: 20:9E:63:6F:FD:EA:38:12:AC:60:47:CE:90:37:B2:51:05:94:BB:3D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 016FE8FADC0A82A943FCBB11956D11A6BA951BCB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa Signing time: Mon 13 Oct 2025 15:38:55 +0000 ROA not before: Mon 13 Oct 2025 15:38:55 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:6f:e8:fa:dc:0a:82:a9:43:fc:bb:11:95:6d:11:a6:ba:95:1b:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:38:55 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=61660ecf343112cddefd0e3cfaf5a3fbf5af28a9b45ab25242604ea95a49053a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:be:f0:2a:4f:c7:ee:3c:e8:fc:b7:68:e2:e5: d2:24:fb:5a:00:9c:ce:9f:22:61:db:d7:c2:09:98: 76:35:71:ae:05:6d:dd:d5:ce:95:0a:1c:53:53:df: 23:44:59:7a:94:a8:15:9b:a0:03:db:51:d3:59:5c: bd:c1:f2:db:49:cd:aa:d7:11:bb:14:36:4e:78:8a: ed:3e:27:a4:05:0d:ca:07:49:53:0a:28:62:41:50: 48:f4:75:9a:f9:57:10:17:b2:dc:2d:f4:f0:97:18: 93:d3:80:7b:96:a7:22:66:ab:3c:82:d2:65:14:02: 49:46:ae:95:00:44:ba:35:a6:f1:cd:56:41:ec:37: 06:2a:b5:92:ba:14:ca:4e:1a:00:ea:3b:59:08:25: 9d:d8:28:f5:07:56:e3:ee:57:ce:f9:5c:db:03:99: ed:6c:a0:ec:d4:89:29:d3:d2:49:66:9f:55:42:fe: 7b:dc:67:aa:d5:06:f2:a7:e3:a3:2f:52:0e:1b:bf: 57:b6:85:6b:59:28:9c:13:1e:f0:77:38:a2:5c:fa: 7c:66:9d:eb:07:88:45:bc:5b:17:6e:4f:37:42:af: cf:bc:f6:0a:d1:c4:49:c0:74:8b:4d:67:a7:29:fc: b3:5c:d1:84:39:cb:12:00:fe:62:53:72:4b:f5:5c: 72:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:9E:63:6F:FD:EA:38:12:AC:60:47:CE:90:37:B2:51:05:94:BB:3D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bd3366c-489c-4afe-af18-d26b5824bd0e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:9040::/48 Signature Algorithm: sha256WithRSAEncryption b4:1d:34:7c:45:bf:d9:35:05:cf:b0:b1:f8:1e:14:33:ef:23: c5:b2:7c:d7:6b:13:27:80:f8:2a:0a:9f:9d:43:f8:88:a2:9b: f8:21:07:b4:63:94:87:23:52:e6:a6:17:27:49:70:7d:a0:9a: 1e:2d:d3:27:64:28:02:5e:2c:5c:76:99:2b:00:82:b7:12:11: f5:fd:fc:e1:b0:95:63:97:ee:e3:23:d4:ac:75:31:81:a8:c4: 72:8d:d8:9e:b7:34:7f:8f:62:d5:41:48:93:12:af:de:a4:a3: 88:87:2f:08:91:44:54:75:7f:6d:8c:be:b2:a3:b6:f8:09:dd: 5b:94:6c:60:de:55:c5:8d:4c:62:b5:89:20:5f:64:b2:4f:47: bd:f0:e1:b6:ba:09:96:cb:e2:7d:22:bf:88:93:89:f0:25:59: d0:93:9d:00:18:66:51:b2:36:5b:d4:98:8b:a1:54:72:dc:4f: 14:bc:6c:ea:a6:fa:f1:f6:73:89:d9:af:5e:08:e7:3a:65:29: d2:3a:91:17:5b:6e:a6:d7:ee:bc:da:32:01:93:7d:32:28:d3: a4:ef:14:42:fa:d0:c5:bc:80:ed:e3:d5:03:fc:92:8c:68:63: 0d:06:2d:c9:c5:a5:5f:66:2c:84:a4:e9:88:a0:ac:6e:d2:02: 8b:b8:e7:f9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAW/o+twKgqlD/LsRlW0RprqVG8swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1Mzg1NVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNANjE2NjBlY2YzNDMxMTJjZGRlZmQw ZTNjZmFmNWEzZmJmNWFmMjhhOWI0NWFiMjUyNDI2MDRlYTk1YTQ5MDUzYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb7wKk/H7jzo/Ldo4uXSJPtaAJzO nyJh29fCCZh2NXGuBW3d1c6VChxTU98jRFl6lKgVm6AD21HTWVy9wfLbSc2q1xG7 FDZOeIrtPiekBQ3KB0lTCihiQVBI9HWa+VcQF7LcLfTwlxiT04B7lqciZqs8gtJl FAJJRq6VAES6NabxzVZB7DcGKrWSuhTKThoA6jtZCCWd2Cj1B1bj7lfO+VzbA5nt bKDs1Ikp09JJZp9VQv573Geq1Qbyp+OjL1IOG79XtoVrWSicEx7wdziiXPp8Zp3r B4hFvFsXbk83Qq/PvPYK0cRJwHSLTWenKfyzXNGEOcsSAP5iU3JL9VxynQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCCeY2/96jgSrGBHzpA3slEFlLs9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiZDMzNjZjLTQ4OWMtNGFmZS1hZjE4LWQyNmI1ODI0YmQwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8pBAMA0GCSqGSIb3DQEBCwUAA4IBAQC0HTR8Rb/ZNQXPsLH4 HhQz7yPFsnzXaxMngPgqCp+dQ/iIopv4IQe0Y5SHI1LmphcnSXB9oJoeLdMnZCgC XixcdpkrAIK3EhH1/fzhsJVjl+7jI9SsdTGBqMRyjdietzR/j2LVQUiTEq/epKOI hy8IkURUdX9tjL6yo7b4Cd1blGxg3lXFjUxitYkgX2SyT0e98OG2ugmWy+J9Ir+I k4nwJVnQk50AGGZRsjZb1JiLoVRy3E8UvGzqpvrx9nOJ2a9eCOc6ZSnSOpEXW26m 1+682jIBk30yKNOk7xRC+tDFvIDt49UD/JKMaGMNBi3JxaVfZiyEpOmIoKxu0gKL uOf5 -----END CERTIFICATE-----Generated at Mon Oct 20 12:33:01 2025 by rpki-client