$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa File: 8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa (raw, json) Hash identifier: pC5I+sdzNAbJLLd0Hx2o3COpc6sMW6g1bPXxEcKRH4A= Subject key identifier: B9:72:67:8E:31:A4:30:3C:11:07:DF:AA:5B:CD:A9:0F:85:29:44:A0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4542C4D42B0F23A5732B2DE34ACC042AA63A2CE2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa Signing time: Mon 13 Oct 2025 15:20:03 +0000 ROA not before: Mon 13 Oct 2025 15:20:03 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:42:c4:d4:2b:0f:23:a5:73:2b:2d:e3:4a:cc:04:2a:a6:3a:2c:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:20:03 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=95ed089bdafbdc0ac6b66d967efcfafded4cef0040ad9e6756cfe62a19920cf6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:3d:26:4b:0d:17:14:d5:9d:b3:2c:7c:eb:ab: 26:ae:b7:55:73:40:36:8a:24:e0:2a:0e:c4:05:b6: 0d:cc:16:d4:b9:5f:a4:fe:28:0d:ea:99:5a:6b:7a: 4f:00:32:88:29:01:92:31:70:55:b0:0c:d1:7f:51: ba:e9:43:63:b8:b0:da:85:4a:55:94:a1:ec:53:7c: 1f:36:c7:fd:95:e9:0f:56:ba:b9:77:83:2b:fb:0d: 8c:48:28:e4:fd:e1:49:95:12:8a:e0:31:5d:7d:61: b9:f9:b7:51:15:b9:3a:93:68:61:53:4a:78:0d:f5: 11:9d:3f:98:f4:b7:d9:5a:f2:8b:93:81:8b:75:de: c9:65:a5:07:7a:7d:53:a4:6a:c4:cf:2f:51:78:27: 2c:07:7f:2b:04:f4:80:63:c2:54:9e:fb:3e:2e:79: 25:71:65:76:4f:5f:f3:42:72:fe:fb:15:48:86:d6: 30:ee:33:14:55:e6:9a:58:a0:c2:04:8c:0e:e8:34: ec:17:0b:cb:8c:71:5d:19:87:8b:d6:a2:92:24:ee: e2:8c:66:82:e4:3e:f2:6c:94:de:6e:24:70:a8:42: 36:a6:05:eb:44:92:bf:87:89:2e:00:f7:bc:98:c2: 92:8e:82:fb:10:dc:ea:0a:96:96:2a:f3:e0:da:6e: 0d:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:72:67:8E:31:A4:30:3C:11:07:DF:AA:5B:CD:A9:0F:85:29:44:A0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dba85b7-4730-4c28-98df-3c8484e0f1cc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c840::/48 Signature Algorithm: sha256WithRSAEncryption 5e:de:03:1d:80:07:88:2c:6e:bb:ca:1d:f1:bf:35:f1:2b:5a: 75:8b:58:a7:94:69:bf:65:f7:80:61:a2:f8:91:4b:f1:b7:d7: b5:27:15:00:6d:a5:b5:21:60:0b:ef:1f:c5:72:38:ae:b6:9e: e3:64:5b:54:ec:81:7a:69:e8:e8:bb:0b:73:5a:a8:a1:2e:79: a0:ca:22:ca:0e:26:9c:a9:df:fc:5d:2d:6d:36:20:84:be:f5: aa:f8:d1:b7:69:10:33:57:a6:0d:8f:8a:8d:13:f6:cd:ea:c5: 8c:b3:dd:15:0d:86:f3:60:2e:81:15:90:83:06:79:be:f1:3c: c1:d1:61:0f:2b:15:b7:c0:93:fa:42:56:dd:17:20:2c:1f:ae: 64:21:17:e3:a7:14:29:8e:3a:c8:3b:4c:6b:ec:8e:21:4d:26: 25:c8:b3:f5:7a:f5:08:39:53:c3:09:55:64:5f:fc:f5:93:37: ba:ec:f6:9b:08:44:66:01:95:22:8b:80:a3:1b:d0:e3:b2:43: b8:0b:a0:e2:a9:e4:1d:f8:da:57:d7:76:d0:64:79:b1:5c:43: 47:81:46:df:ce:89:bf:23:dc:e6:44:3e:48:ad:2f:b4:18:c6: b8:8f:2b:bc:dc:06:0d:7d:84:80:ea:1b:57:b0:e9:ad:2b:20: 5e:54:52:6c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURULE1CsPI6VzKy3jSswEKqY6LOIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MjAwM1oX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAOTVlZDA4OWJkYWZiZGMwYWM2YjY2 ZDk2N2VmY2ZhZmRlZDRjZWYwMDQwYWQ5ZTY3NTZjZmU2MmExOTkyMGNmNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8z0mSw0XFNWdsyx866smrrdVc0A2 iiTgKg7EBbYNzBbUuV+k/igN6plaa3pPADKIKQGSMXBVsAzRf1G66UNjuLDahUpV lKHsU3wfNsf9lekPVrq5d4Mr+w2MSCjk/eFJlRKK4DFdfWG5+bdRFbk6k2hhU0p4 DfURnT+Y9LfZWvKLk4GLdd7JZaUHen1TpGrEzy9ReCcsB38rBPSAY8JUnvs+Lnkl cWV2T1/zQnL++xVIhtYw7jMUVeaaWKDCBIwO6DTsFwvLjHFdGYeL1qKSJO7ijGaC 5D7ybJTebiRwqEI2pgXrRJK/h4kuAPe8mMKSjoL7ENzqCpaWKvPg2m4NMQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLlyZ44xpDA8EQffqlvNqQ+FKUSgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhkYmE4NWI3LTQ3MzAtNGMyOC05OGRmLTNjODQ4NGUwZjFjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8shAMA0GCSqGSIb3DQEBCwUAA4IBAQBe3gMdgAeILG67yh3x vzXxK1p1i1inlGm/ZfeAYaL4kUvxt9e1JxUAbaW1IWAL7x/Fcjiutp7jZFtU7IF6 aejouwtzWqihLnmgyiLKDiacqd/8XS1tNiCEvvWq+NG3aRAzV6YNj4qNE/bN6sWM s90VDYbzYC6BFZCDBnm+8TzB0WEPKxW3wJP6QlbdFyAsH65kIRfjpxQpjjrIO0xr 7I4hTSYlyLP1evUIOVPDCVVkX/z1kze67PabCERmAZUii4CjG9DjskO4C6DiqeQd +NpX13bQZHmxXENHgUbfzom/I9zmRD5IrS+0GMa4jyu83AYNfYSA6htXsOmtKyBe VFJs -----END CERTIFICATE-----Generated at Mon Oct 20 12:32:15 2025 by rpki-client