$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa File: 8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa (raw, json) Hash identifier: jAfTCZzvaYKsIjjoTvLexrpbfDP9YKThm9D9fPA8uN4= Subject key identifier: 98:5F:8A:A5:17:38:D6:7E:62:18:12:94:9C:BC:F1:52:2A:65:AD:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19E3BB7AF9B7F655E0C1510D24F61A9437522090 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa Signing time: Mon 13 Oct 2025 15:50:08 +0000 ROA not before: Mon 13 Oct 2025 15:50:08 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:e3:bb:7a:f9:b7:f6:55:e0:c1:51:0d:24:f6:1a:94:37:52:20:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:50:08 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=780818fdde297f4319e1a5c535048c1f2c5dbfe9f9e90d03c7c7c29a70a4625c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:88:fa:7f:e2:0b:1c:9b:b9:16:be:4f:db:b7: 4c:7c:bf:26:49:62:eb:24:26:19:6e:76:08:9d:2d: 96:7d:49:11:ac:84:cf:84:69:9a:3f:ad:47:56:87: 22:3e:8f:42:df:45:24:99:39:e9:f0:70:31:df:bb: 1a:0b:aa:a3:1c:1a:aa:33:27:d6:1e:75:00:fb:e8: f3:6e:58:7f:ee:8c:68:be:a6:0e:4e:e6:57:aa:f5: 48:98:09:d7:e5:d6:73:b1:43:fb:2e:16:36:7b:e4: 82:4a:b5:9d:18:b1:6a:e7:d8:73:8a:83:72:1d:69: bf:fd:cf:2a:41:3f:b2:55:d7:06:07:45:7b:cf:fd: c2:f3:60:dc:7f:b6:98:3d:db:2c:da:a5:3e:c1:74: d2:b6:b8:1d:05:1f:39:0d:a9:5e:9c:a7:51:4a:b7: 81:4d:3f:d1:06:f2:48:9c:af:fb:8d:89:58:8a:23: 98:fa:11:d1:2c:72:e3:5a:2b:9b:17:5e:21:d7:f6: ed:e5:02:24:42:2d:6e:4a:b0:36:68:ea:fa:79:4f: 5e:44:d3:1e:4f:cd:79:13:27:1a:11:07:56:13:1c: ee:3a:07:d6:a8:f1:76:b4:1a:24:ab:48:02:f1:8c: 07:e9:35:84:d0:6b:e1:2e:c0:eb:2a:b3:f7:8b:75: b4:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:5F:8A:A5:17:38:D6:7E:62:18:12:94:9C:BC:F1:52:2A:65:AD:A7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8c6b3e2f-c441-4d2e-a3fb-511aebd72aa2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2040::/48 Signature Algorithm: sha256WithRSAEncryption 50:17:36:05:87:c1:53:ec:b2:b9:9c:5d:a1:a2:f6:68:78:14: a7:2c:8d:e8:ca:cf:ad:52:ec:42:be:2d:38:10:04:95:c1:3f: 6e:f3:97:aa:35:91:71:78:6c:2e:5a:e4:ff:ac:e3:f9:6a:4c: 31:df:cf:12:36:5c:f3:49:94:6c:f6:8a:54:6f:c7:79:e8:31: b8:16:e3:ae:4c:9c:27:d8:6c:79:b1:24:82:ab:79:bf:63:5c: ef:81:27:e4:31:44:d1:8c:b8:48:0c:2b:a4:88:9a:16:be:01: bb:1f:c2:d5:77:7b:b2:d6:93:b4:0c:47:b6:76:5d:1d:7f:b1: bc:b7:34:8f:ca:3f:9d:00:de:5b:1f:77:57:8e:2f:b7:44:e0: 87:b3:7e:77:73:b9:1c:ab:f7:b4:d1:6f:e0:d1:26:a5:72:4b: 90:3d:fa:49:13:5f:4f:dd:dc:14:a7:54:da:18:35:be:de:d2: d3:7c:2d:03:f8:f3:29:07:55:58:92:1b:16:79:6c:15:e4:59: bc:f1:b1:b2:87:b9:89:68:9f:c8:79:9b:a9:a1:b0:a3:d3:50: ab:e6:50:63:13:d7:e6:99:c8:cc:a5:63:b1:35:ca:8e:ad:ce: f0:b1:a2:1e:44:f9:26:2c:01:6f:07:51:bf:91:42:a1:c7:e9: d4:81:44:ba -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGeO7evm39lXgwVENJPYalDdSIJAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1NTAwOFoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNANzgwODE4ZmRkZTI5N2Y0MzE5ZTFh NWM1MzUwNDhjMWYyYzVkYmZlOWY5ZTkwZDAzYzdjN2MyOWE3MGE0NjI1YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ij6f+ILHJu5Fr5P27dMfL8mSWLr JCYZbnYInS2WfUkRrITPhGmaP61HVociPo9C30UkmTnp8HAx37saC6qjHBqqMyfW HnUA++jzblh/7oxovqYOTuZXqvVImAnX5dZzsUP7LhY2e+SCSrWdGLFq59hzioNy HWm//c8qQT+yVdcGB0V7z/3C82Dcf7aYPdss2qU+wXTStrgdBR85DalenKdRSreB TT/RBvJInK/7jYlYiiOY+hHRLHLjWiubF14h1/bt5QIkQi1uSrA2aOr6eU9eRNMe T815EycaEQdWExzuOgfWqPF2tBokq0gC8YwH6TWE0GvhLsDrKrP3i3W0eQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJhfiqUXONZ+YhgSlJy88VIqZa2nMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhjNmIzZTJmLWM0NDEtNGQyZS1hM2ZiLTUxMWFlYmQ3MmFhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yBAMA0GCSqGSIb3DQEBCwUAA4IBAQBQFzYFh8FT7LK5nF2h ovZoeBSnLI3oys+tUuxCvi04EASVwT9u85eqNZFxeGwuWuT/rOP5akwx388SNlzz SZRs9opUb8d56DG4FuOuTJwn2Gx5sSSCq3m/Y1zvgSfkMUTRjLhIDCukiJoWvgG7 H8LVd3uy1pO0DEe2dl0df7G8tzSPyj+dAN5bH3dXji+3ROCHs353c7kcq/e00W/g 0SalckuQPfpJE19P3dwUp1TaGDW+3tLTfC0D+PMpB1VYkhsWeWwV5Fm88bGyh7mJ aJ/IeZupobCj01Cr5lBjE9fmmcjMpWOxNcqOrc7wsaIeRPkmLAFvB1G/kUKhx+nU gUS6 -----END CERTIFICATE-----Generated at Mon Oct 20 09:50:10 2025 by rpki-client