$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/97acb09e-a4ac-498b-bfa8-ff2d8da2bf3a.roa File: 97acb09e-a4ac-498b-bfa8-ff2d8da2bf3a.roa (raw, json) Hash identifier: 689KNKUBZn0NoccQmQuuURUaLQ1jSLlg1QuNyo6h+MY= Subject key identifier: 3D:A4:60:F1:8B:A9:8D:95:91:DE:F5:0F:BE:0D:6B:E4:41:0E:33:B5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 386F8D06EDFCA86B605398965EB36EA577F8BD80 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/97acb09e-a4ac-498b-bfa8-ff2d8da2bf3a.roa Signing time: Mon 06 Oct 2025 15:20:08 +0000 ROA not before: Mon 06 Oct 2025 15:20:08 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2b::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:6f:8d:06:ed:fc:a8:6b:60:53:98:96:5e:b3:6e:a5:77:f8:bd:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:20:08 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=aa6f7776b503a5dbb339c06acabc519369b1d9c8e94f9c127c135b9a2d79cb73, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:51:57:79:3d:31:23:0d:ec:db:d8:35:ec:3d: 48:b2:9b:40:95:fc:3e:0d:b8:32:47:29:b1:d2:2d: a3:3e:b4:5f:34:50:b6:c6:54:8d:8d:68:17:4f:18: 01:6b:eb:cc:91:26:f2:61:09:d0:09:66:95:01:7e: de:25:a7:32:23:a5:c3:ab:19:e1:98:98:4b:33:78: a4:c5:a3:ab:c9:ed:91:ed:fe:84:b0:e6:bd:72:7e: 8d:74:11:7a:40:5b:e3:42:ae:0e:59:2b:32:a2:d8: 02:71:a6:6b:7d:4d:54:ba:05:9c:02:6f:f2:8a:50: a5:b8:68:01:62:43:f2:cd:7d:8f:0e:2f:15:d9:89: f6:c8:2b:ce:1d:88:79:c0:ea:2f:3d:57:e3:cd:39: 2d:e3:fe:0b:3c:b7:15:93:6e:08:e0:f4:32:e9:1a: 86:cb:3d:37:f1:62:78:62:58:b8:90:4c:15:c9:f7: 4c:c1:21:7c:6d:01:bf:91:dd:a1:10:b3:a4:32:9d: b4:13:05:46:28:78:be:f1:c4:e8:85:95:c9:2f:63: c5:be:7b:f8:e5:43:ab:a6:c7:3b:2c:89:ae:40:99: 66:ac:0e:28:0e:27:14:12:21:44:ff:ea:13:ae:ce: 20:72:ff:ec:81:e7:81:1c:08:9d:29:ed:3e:94:23: 21:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:A4:60:F1:8B:A9:8D:95:91:DE:F5:0F:BE:0D:6B:E4:41:0E:33:B5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/97acb09e-a4ac-498b-bfa8-ff2d8da2bf3a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2b::/36 Signature Algorithm: sha256WithRSAEncryption 0a:4b:41:df:be:c3:b8:34:f2:e6:c0:85:d6:18:3c:3d:5c:15: 55:cd:01:34:db:0d:8f:dd:e5:88:f8:a5:3e:a5:9c:75:3d:4c: f1:4b:04:b6:80:71:00:71:1c:4c:11:c1:4c:90:de:96:3a:57: 2a:76:14:16:42:dc:40:df:ad:3a:88:0e:53:e1:d2:6d:78:a4: 3e:06:46:fe:a7:cc:7f:ac:c1:bd:b2:53:be:e9:03:fc:66:3d: 99:58:2b:8d:1b:ab:46:80:75:9b:8a:2e:a8:3a:e7:9e:62:ff: c5:c4:a5:5c:13:30:20:79:76:b0:5c:02:80:54:b9:4d:db:16: 2e:91:80:ae:35:2b:fd:aa:1d:39:ed:99:45:87:ea:99:70:f1: b1:7d:b6:1c:0e:d0:b9:89:0f:82:05:e5:a1:1e:bc:b4:b4:5f: 77:e6:fd:c6:b3:f6:3f:00:32:c8:a5:85:7a:b6:9a:75:c0:74: 2b:27:eb:49:d2:b9:fd:17:06:2b:f5:f2:24:75:55:1e:2a:3c: fa:9e:1f:1d:eb:47:74:4d:79:12:e4:2d:ad:94:53:d2:57:5b: 0c:70:f1:05:de:47:d7:98:ca:29:a8:70:77:49:0e:c8:28:39: e0:c6:19:85:bd:0b:4f:0f:9a:a1:77:d5:26:3b:ed:9c:85:e9: c4:95:1e:18 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOG+NBu38qGtgU5iWXrNupXf4vYAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MjAwOFoX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNAYWE2Zjc3NzZiNTAzYTVkYmIzMzlj MDZhY2FiYzUxOTM2OWIxZDljOGU5NGY5YzEyN2MxMzViOWEyZDc5Y2I3MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilFXeT0xIw3s29g17D1IsptAlfw+ DbgyRymx0i2jPrRfNFC2xlSNjWgXTxgBa+vMkSbyYQnQCWaVAX7eJacyI6XDqxnh mJhLM3ikxaOrye2R7f6EsOa9cn6NdBF6QFvjQq4OWSsyotgCcaZrfU1UugWcAm/y ilCluGgBYkPyzX2PDi8V2Yn2yCvOHYh5wOovPVfjzTkt4/4LPLcVk24I4PQy6RqG yz038WJ4Yli4kEwVyfdMwSF8bQG/kd2hELOkMp20EwVGKHi+8cTohZXJL2PFvnv4 5UOrpsc7LImuQJlmrA4oDicUEiFE/+oTrs4gcv/sgeeBHAidKe0+lCMhoQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD2kYPGLqY2Vkd71D74Na+RBDjO1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk3YWNiMDllLWE0YWMtNDk4Yi1iZmE4LWZmMmQ4ZGEyYmYzYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKwAwDQYJKoZIhvcNAQELBQADggEBAApLQd++w7g08ubAhdYY PD1cFVXNATTbDY/d5Yj4pT6lnHU9TPFLBLaAcQBxHEwRwUyQ3pY6Vyp2FBZC3EDf rTqIDlPh0m14pD4GRv6nzH+swb2yU77pA/xmPZlYK40bq0aAdZuKLqg6555i/8XE pVwTMCB5drBcAoBUuU3bFi6RgK41K/2qHTntmUWH6plw8bF9thwO0LmJD4IF5aEe vLS0X3fm/caz9j8AMsilhXq2mnXAdCsn60nSuf0XBiv18iR1VR4qPPqeHx3rR3RN eRLkLa2UU9JXWwxw8QXeR9eYyimocHdJDsgoOeDGGYW9C08PmqF31SY77ZyF6cSV Hhg= -----END CERTIFICATE-----Generated at Mon Oct 20 20:28:24 2025 by rpki-client