$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9890d9ef-a083-463c-9928-98be77ac9ced.roa File: 9890d9ef-a083-463c-9928-98be77ac9ced.roa (raw, json) Hash identifier: OA6SyZvDj88FLj6u0vF/S6FnWrlKvmKTWg8+lJpRSuc= Subject key identifier: C1:8D:74:75:BD:41:4E:3D:BC:69:8A:C4:52:CC:5C:24:82:24:D6:F5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 756E6AB4B57500FC9E9BF187400BE23A068A3747 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9890d9ef-a083-463c-9928-98be77ac9ced.roa Signing time: Sat 11 Oct 2025 00:00:36 +0000 ROA not before: Sat 11 Oct 2025 00:00:36 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4090::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:6e:6a:b4:b5:75:00:fc:9e:9b:f1:87:40:0b:e2:3a:06:8a:37:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:00:36 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=a2818f917377fd7a58aeb4fd9a39df56007fe1612c269374124cfa184a94448b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:1b:30:4a:1e:81:86:6d:e8:85:6c:82:25:71: b7:22:5d:9e:17:c7:86:ff:a5:35:ab:79:cd:8d:6b: c9:ba:6e:51:02:58:56:84:89:8a:8c:6f:c2:33:80: 8d:cf:24:07:9f:0a:8a:f6:a9:b1:5a:85:a0:9e:d3: 45:4b:10:57:88:e9:f7:73:5c:4a:81:8f:bf:51:25: f4:5b:0d:99:9e:a5:c9:b7:1a:8a:4e:d5:95:0c:63: 40:ef:ad:35:37:ce:a7:79:96:3b:71:06:e7:ae:ef: 11:80:07:fb:8b:26:e6:67:4c:e8:90:74:b3:bd:41: d2:42:cc:d1:f6:4d:2f:46:db:dc:8e:d8:44:b1:51: 35:02:a2:2c:38:f2:de:74:bf:da:16:05:d9:6b:62: b4:92:f8:b9:3f:a8:0b:2d:3b:f1:e0:f6:b7:d8:6a: ac:99:d0:35:1c:15:bc:cb:61:05:2f:91:32:3c:e5: 8a:09:d8:ad:3d:ca:b9:85:80:0c:6d:02:d1:e7:d4: d1:4c:1d:a0:61:5e:c6:6b:7e:8d:53:f6:0f:52:30: 8e:79:2b:93:73:56:2d:68:b0:b9:9b:dc:fe:ad:44: b1:d9:27:06:e5:20:04:d3:63:2a:40:ef:7a:68:c2: bd:25:a4:dc:72:11:2b:08:47:6e:93:af:66:a9:2a: 01:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:8D:74:75:BD:41:4E:3D:BC:69:8A:C4:52:CC:5C:24:82:24:D6:F5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9890d9ef-a083-463c-9928-98be77ac9ced.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4090::/48 Signature Algorithm: sha256WithRSAEncryption 5a:84:3d:71:16:b9:96:4c:ba:39:8a:ad:06:60:8f:6e:44:59: ac:7d:81:19:fc:ed:c0:63:19:7e:00:45:ec:08:b3:08:34:45: d4:5c:14:e1:7c:a4:76:a4:7f:b0:67:a1:35:34:a0:7e:2a:be: e0:bd:f0:6a:2e:35:ba:21:7c:e9:df:73:e9:a8:8e:5c:ed:ef: 13:d8:04:a5:64:1e:a7:4f:fa:82:10:47:e5:e2:69:3f:2b:2d: 89:38:66:3f:55:fe:54:ad:48:c6:fd:3b:c1:f5:ea:fe:5e:ac: 8a:a2:59:d2:10:da:aa:82:4e:ca:0f:b3:7b:9d:15:27:f1:b6: 1c:b9:46:17:32:96:81:d6:dd:0d:9d:c0:81:34:0f:47:83:9a: ec:a3:8e:e6:b5:8e:75:3c:96:d2:c8:14:8b:a9:1c:04:e2:36: 3f:41:29:54:13:16:5c:66:12:30:20:d5:fb:f1:b5:d4:1d:a2: dd:1d:d8:7a:cd:6b:77:7f:2e:f3:8a:91:3e:61:b7:b7:a6:c2: 3d:40:0b:17:94:0f:bd:30:58:e5:e3:8c:b0:f6:1d:a3:36:30: 69:74:59:d3:9d:12:f7:9f:d2:2e:e3:3c:29:15:31:90:c8:ce: 6b:46:6b:8c:77:69:1a:a5:34:46:c8:65:2c:0d:b7:d6:2e:6b: 43:d8:e8:0b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdW5qtLV1APyem/GHQAviOgaKN0cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMDAzNloX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAYTI4MThmOTE3Mzc3ZmQ3YTU4YWVi NGZkOWEzOWRmNTYwMDdmZTE2MTJjMjY5Mzc0MTI0Y2ZhMTg0YTk0NDQ4YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBswSh6Bhm3ohWyCJXG3Il2eF8eG /6U1q3nNjWvJum5RAlhWhImKjG/CM4CNzyQHnwqK9qmxWoWgntNFSxBXiOn3c1xK gY+/USX0Ww2ZnqXJtxqKTtWVDGNA7601N86neZY7cQbnru8RgAf7iybmZ0zokHSz vUHSQszR9k0vRtvcjthEsVE1AqIsOPLedL/aFgXZa2K0kvi5P6gLLTvx4Pa32Gqs mdA1HBW8y2EFL5EyPOWKCditPcq5hYAMbQLR59TRTB2gYV7Ga36NU/YPUjCOeSuT c1YtaLC5m9z+rUSx2ScG5SAE02MqQO96aMK9JaTcchErCEduk69mqSoBawIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMGNdHW9QU49vGmKxFLMXCSCJNb1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4OTBkOWVmLWEwODMtNDYzYy05OTI4LTk4YmU3N2FjOWNlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0CQMA0GCSqGSIb3DQEBCwUAA4IBAQBahD1xFrmWTLo5iq0G YI9uRFmsfYEZ/O3AYxl+AEXsCLMINEXUXBThfKR2pH+wZ6E1NKB+Kr7gvfBqLjW6 IXzp33PpqI5c7e8T2ASlZB6nT/qCEEfl4mk/Ky2JOGY/Vf5UrUjG/TvB9er+XqyK olnSENqqgk7KD7N7nRUn8bYcuUYXMpaB1t0NncCBNA9Hg5rso47mtY51PJbSyBSL qRwE4jY/QSlUExZcZhIwINX78bXUHaLdHdh6zWt3fy7zipE+Ybe3psI9QAsXlA+9 MFjl44yw9h2jNjBpdFnTnRL3n9Iu4zwpFTGQyM5rRmuMd2kapTRGyGUsDbfWLmtD 2OgL -----END CERTIFICATE-----Generated at Mon Oct 20 12:36:10 2025 by rpki-client