$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa File: 9add10b6-9103-4c19-a99b-242367ce96bd.roa (raw, json) Hash identifier: JFmBYAybdnxH0n9XblUgBvrGqISoVXxmwn9U+ApgcJI= Subject key identifier: D8:D9:4A:1D:22:5E:D7:97:F4:6F:D1:61:F9:46:63:BD:E9:CD:D4:D3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2ED6B856CD238FBE4FEA79CA9FA84EA857E259C7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa Signing time: Mon 13 Oct 2025 15:10:08 +0000 ROA not before: Mon 13 Oct 2025 15:10:08 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:d6:b8:56:cd:23:8f:be:4f:ea:79:ca:9f:a8:4e:a8:57:e2:59:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:10:08 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=a6eb3f635c63fe14011582b640dc47f4f69a6194eae745580a3a5048a5b56ea0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:ad:74:db:52:f1:79:36:5f:0d:3c:2b:6e:25: 59:42:5a:1e:eb:ca:1a:ac:af:c8:4c:a1:84:d4:18: 9a:64:27:49:8e:99:88:de:88:9c:92:ea:0c:dd:4e: d7:c6:9d:69:4c:c4:4a:cb:be:85:19:9c:e2:8c:1d: 11:d7:6c:a5:79:c5:af:ad:38:1f:c5:6f:ce:14:29: f3:84:b6:03:51:7d:f9:70:db:27:2f:3b:d2:20:74: f8:ac:e1:9c:1b:4a:eb:47:03:0b:cc:61:b6:ce:9a: e0:ed:b1:9d:33:92:c7:f0:02:cc:95:7e:50:2e:b3: 5a:51:97:3a:4d:20:95:ae:1f:bf:68:b2:2d:62:f5: 33:cc:cf:de:d4:99:27:68:8b:f1:47:00:e6:2b:98: 52:59:ce:0a:a1:12:e5:0b:aa:f6:77:6d:8e:2b:6f: 88:9d:c4:f3:1b:01:07:c4:58:9d:b6:2c:ee:6c:54: 78:d4:ad:12:e8:c2:eb:17:3c:a4:27:32:fc:2d:d7: 5e:bf:7c:11:87:6f:83:19:51:df:b2:5e:64:98:8b: f1:fd:d2:b5:03:f8:4c:77:0c:f8:98:b7:a2:98:ca: 03:5a:2f:46:25:c0:c4:fa:c1:39:d4:57:7b:86:84: f2:e7:5a:d0:be:cd:54:e0:5b:f9:97:c0:a6:94:cb: 44:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:D9:4A:1D:22:5E:D7:97:F4:6F:D1:61:F9:46:63:BD:E9:CD:D4:D3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4840::/48 Signature Algorithm: sha256WithRSAEncryption 24:41:48:ea:9e:5c:bf:26:08:63:1b:d5:5e:d4:11:27:d7:b2: f4:4e:4d:39:8d:fe:65:5b:a6:67:9a:be:ba:ea:7e:5a:a8:a2: 93:f7:d8:41:d1:4a:af:5f:7b:6c:6a:82:b9:9a:31:89:b1:e7: f9:e8:ce:a4:56:a6:9f:b1:2e:93:31:a4:04:6a:3f:65:16:25: 55:d0:85:c3:35:4b:7f:15:9a:04:b2:43:4e:71:45:8b:b7:78: 5c:ce:94:b1:3e:3a:f1:5f:ca:e0:4b:f6:b4:b9:1a:af:82:d9: 87:43:39:4e:82:ee:65:1e:45:64:ca:2f:fe:16:81:13:bf:f9: 3c:77:cc:e5:0a:8f:68:47:49:b6:b4:43:61:33:55:92:46:9a: 61:00:8c:d3:fc:55:93:14:f4:09:b0:d9:ee:44:a4:12:73:8f: 18:c1:5e:8f:e4:49:94:a2:1e:b0:6d:93:36:eb:1b:de:c7:3b: 0e:75:38:3c:57:b7:97:74:1b:f0:0e:c5:84:21:36:7e:83:ba: 63:75:bc:71:d1:fd:b1:1f:ea:7a:6f:59:f4:bf:9c:72:71:47: f8:79:f1:fe:af:2b:80:7f:e4:2d:e5:25:c0:fd:81:4a:26:6c: 5f:90:b3:ef:35:68:65:41:a3:4d:3d:2f:8b:7a:b9:2d:97:ba: e5:93:7e:30 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULta4Vs0jj75P6nnKn6hOqFfiWccwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MTAwOFoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAYTZlYjNmNjM1YzYzZmUxNDAxMTU4 MmI2NDBkYzQ3ZjRmNjlhNjE5NGVhZTc0NTU4MGEzYTUwNDhhNWI1NmVhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK1021LxeTZfDTwrbiVZQloe68oa rK/ITKGE1BiaZCdJjpmI3oickuoM3U7Xxp1pTMRKy76FGZzijB0R12ylecWvrTgf xW/OFCnzhLYDUX35cNsnLzvSIHT4rOGcG0rrRwMLzGG2zprg7bGdM5LH8ALMlX5Q LrNaUZc6TSCVrh+/aLItYvUzzM/e1JknaIvxRwDmK5hSWc4KoRLlC6r2d22OK2+I ncTzGwEHxFidtizubFR41K0S6MLrFzykJzL8Lddev3wRh2+DGVHfsl5kmIvx/dK1 A/hMdwz4mLeimMoDWi9GJcDE+sE51Fd7hoTy51rQvs1U4Fv5l8CmlMtEIQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNjZSh0iXteX9G/RYflGY73pzdTTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhZGQxMGI2LTkxMDMtNGMxOS1hOTliLTI0MjM2N2NlOTZiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0hAMA0GCSqGSIb3DQEBCwUAA4IBAQAkQUjqnly/JghjG9Ve 1BEn17L0Tk05jf5lW6Znmr666n5aqKKT99hB0UqvX3tsaoK5mjGJsef56M6kVqaf sS6TMaQEaj9lFiVV0IXDNUt/FZoEskNOcUWLt3hczpSxPjrxX8rgS/a0uRqvgtmH QzlOgu5lHkVkyi/+FoETv/k8d8zlCo9oR0m2tENhM1WSRpphAIzT/FWTFPQJsNnu RKQSc48YwV6P5EmUoh6wbZM26xvexzsOdTg8V7eXdBvwDsWEITZ+g7pjdbxx0f2x H+p6b1n0v5xycUf4efH+ryuAf+Qt5SXA/YFKJmxfkLPvNWhlQaNNPS+Lerktl7rl k34w -----END CERTIFICATE-----Generated at Mon Oct 20 13:11:50 2025 by rpki-client