$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8d0314b7-fdd6-4cd4-9bd7-5dc63f6343a8.roa File: 8d0314b7-fdd6-4cd4-9bd7-5dc63f6343a8.roa (raw, json) Hash identifier: kiMWd9oMwH7VyGXuwiW+nOxRjNo1QQxt1z43pcYMLTs= Subject key identifier: E2:F1:66:A1:BB:55:5C:7E:2E:C5:E7:0B:90:F4:71:7A:34:36:62:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6C1172C7488B440125294718730A755AA5814B57 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8d0314b7-fdd6-4cd4-9bd7-5dc63f6343a8.roa Signing time: Tue 14 Oct 2025 00:00:39 +0000 ROA not before: Tue 14 Oct 2025 00:00:39 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:11:72:c7:48:8b:44:01:25:29:47:18:73:0a:75:5a:a5:81:4b:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:00:39 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=f1af7c00d18d72dc51fb1464684f8e7f201344ffd0e4328fed6a7f5bac4adc57, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:95:25:82:31:93:2e:8d:0a:12:f3:01:e6:a6: c5:f9:15:b1:1d:d5:ee:f8:a4:90:bf:7c:84:43:26: 0d:f8:58:78:72:a5:97:d6:52:40:1f:5e:48:c7:bb: aa:53:16:53:f7:ec:a6:96:f7:98:94:4c:ff:12:57: 55:f2:af:3a:4f:9c:59:24:7c:45:ce:a9:c1:2c:b0: 20:8d:fa:9f:7a:53:f1:53:db:19:43:c8:0f:7e:b0: 1a:7e:da:e4:ac:be:0e:a3:28:5e:31:21:5d:a0:75: 4e:54:4f:33:c8:3e:9a:ff:0e:2a:36:be:b4:0d:06: 3f:67:54:bb:07:d6:7a:2a:43:45:7b:8f:2b:bc:8f: 9a:56:36:7d:5f:12:d5:6a:72:b0:db:ed:ec:23:a2: 50:fc:00:d0:30:5f:68:f1:62:b8:d1:56:2a:b8:d7: 96:bf:9c:ee:9a:fc:62:58:a3:be:ed:8c:c4:1c:3b: b5:bb:c4:24:f6:41:a7:47:38:a2:3a:86:5b:b8:76: f8:e8:40:16:3a:05:c0:bf:80:27:f1:ba:ab:87:4e: 48:59:7b:03:e5:32:f1:91:f4:fc:78:18:c8:79:b3: 7d:cc:3e:7f:2c:74:9c:f0:58:b8:88:6c:d3:b1:03: 7a:54:75:1b:ff:1c:06:49:60:f8:2c:96:1c:48:ba: a6:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:F1:66:A1:BB:55:5C:7E:2E:C5:E7:0B:90:F4:71:7A:34:36:62:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8d0314b7-fdd6-4cd4-9bd7-5dc63f6343a8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c000::/40 Signature Algorithm: sha256WithRSAEncryption 82:19:a4:d8:88:44:e4:91:e9:a9:e1:1f:62:1a:08:9f:d3:a4: b9:9e:f1:2c:bd:19:f7:a9:58:04:db:25:47:ad:28:64:5d:e6: 8c:d3:45:03:80:f0:03:6b:4d:46:aa:26:88:3a:93:f0:04:9f: d8:eb:3b:a9:fc:84:75:0a:fa:a5:f8:a8:fd:be:ef:35:aa:62: a1:b0:8f:73:b2:11:1b:e1:1a:84:12:4c:5e:99:5b:39:c1:49: 47:da:fa:ed:db:f8:e4:64:ef:e5:b3:dd:17:69:67:8a:42:cc: c3:95:de:59:07:3d:3c:16:57:61:44:79:c6:2a:a0:a6:45:8a: 8e:49:09:59:82:43:bf:41:90:d0:06:c7:2a:69:70:55:e1:9d: bf:cf:25:2f:7f:6b:99:78:7e:6a:cd:56:64:7f:9f:e3:68:03: 4e:90:d1:96:66:da:ae:c7:31:95:f9:db:4c:3e:2a:19:c7:10: d7:49:aa:52:d3:52:85:30:77:ec:48:1f:3b:20:c1:60:9a:6b: 7c:dd:9d:33:6b:84:cc:45:38:92:0d:86:43:e2:a0:23:2c:e3: 7f:45:4a:3b:c2:dc:90:85:3f:08:a0:72:29:98:ad:c9:0b:36: 6a:78:e8:f3:92:a8:1a:66:22:c6:c5:36:9a:14:f4:7c:93:4b: 3d:14:a8:51 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbBFyx0iLRAElKUcYcwp1WqWBS1cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMDAzOVoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAZjFhZjdjMDBkMThkNzJkYzUxZmIx NDY0Njg0ZjhlN2YyMDEzNDRmZmQwZTQzMjhmZWQ2YTdmNWJhYzRhZGM1NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJUlgjGTLo0KEvMB5qbF+RWxHdXu +KSQv3yEQyYN+Fh4cqWX1lJAH15Ix7uqUxZT9+ymlveYlEz/EldV8q86T5xZJHxF zqnBLLAgjfqfelPxU9sZQ8gPfrAaftrkrL4OoyheMSFdoHVOVE8zyD6a/w4qNr60 DQY/Z1S7B9Z6KkNFe48rvI+aVjZ9XxLVanKw2+3sI6JQ/ADQMF9o8WK40VYquNeW v5zumvxiWKO+7YzEHDu1u8Qk9kGnRziiOoZbuHb46EAWOgXAv4An8bqrh05IWXsD 5TLxkfT8eBjIebN9zD5/LHSc8Fi4iGzTsQN6VHUb/xwGSWD4LJYcSLqmnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOLxZqG7VVx+LsXnC5D0cXo0NmIQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhkMDMxNGI3LWZkZDYtNGNkNC05YmQ3LTVkYzYzZjYzNDNhOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/8AwDQYJKoZIhvcNAQELBQADggEBAIIZpNiIROSR6anhH2Ia CJ/TpLme8Sy9GfepWATbJUetKGRd5ozTRQOA8ANrTUaqJog6k/AEn9jrO6n8hHUK +qX4qP2+7zWqYqGwj3OyERvhGoQSTF6ZWznBSUfa+u3b+ORk7+Wz3RdpZ4pCzMOV 3lkHPTwWV2FEecYqoKZFio5JCVmCQ79BkNAGxyppcFXhnb/PJS9/a5l4fmrNVmR/ n+NoA06Q0ZZm2q7HMZX520w+KhnHENdJqlLTUoUwd+xIHzsgwWCaa3zdnTNrhMxF OJINhkPioCMs439FSjvC3JCFPwigcimYrckLNmp46POSqBpmIsbFNpoU9HyTSz0U qFE= -----END CERTIFICATE-----Generated at Mon Oct 20 07:27:48 2025 by rpki-client