$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa File: 9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa (raw, json) Hash identifier: dEeJQ0uGcB3dUsFxt757zMfzMmIbVjPV9xJZv9ro4DU= Subject key identifier: 9D:50:90:B7:7A:0C:56:2F:93:13:EC:3D:ED:24:C6:8A:78:94:50:A6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5ED1677C2B627A526E8604AA9658C94EF0664F9D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa Signing time: Wed 15 Oct 2025 00:38:17 +0000 ROA not before: Wed 15 Oct 2025 00:38:17 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:8c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:d1:67:7c:2b:62:7a:52:6e:86:04:aa:96:58:c9:4e:f0:66:4f:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:38:17 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=9cf474bada7bfa70c6a3acc26720dfe0c30f734515cee4f96070448f66cb0f25, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:5c:77:1e:3e:8c:33:9d:2a:f1:af:da:22:09: 16:b1:58:9c:e4:99:91:11:63:b2:c9:72:ad:da:84: 32:32:1a:3c:df:93:6d:27:9a:06:d0:7a:5e:cb:57: fe:c8:77:be:e7:68:81:6d:39:39:17:25:4b:f8:fe: 9c:a1:71:8c:f3:18:56:18:c3:fc:0e:fb:1a:d8:50: cc:ce:5d:ec:19:8a:f5:3f:ab:df:13:7b:83:ec:9f: 3d:42:4b:46:f2:30:7e:83:da:13:29:0f:72:40:36: f9:2f:e6:e7:45:23:d7:63:ab:13:63:07:55:4c:6b: c5:c3:d9:45:ab:06:9d:da:ee:2e:ab:7c:21:74:77: 03:d8:36:6a:25:48:59:4f:6e:d6:04:b4:58:20:c5: 04:ce:c1:bc:5d:4a:8d:7b:80:e8:94:d2:19:23:85: 90:85:c3:ed:3c:82:45:26:c4:f1:43:ed:2f:b3:ae: e2:09:d2:64:d6:3c:31:55:36:d7:97:8b:92:c6:9f: 7b:62:7d:97:99:1c:95:a0:93:91:99:17:3d:e9:94: 3d:31:7d:67:90:d1:5a:f1:7c:2e:3e:2e:4f:9e:b9: 39:f6:59:1b:9a:a4:e2:02:67:ad:43:02:26:2f:46: 0c:fa:29:f6:35:a0:f1:02:30:ac:d7:6a:07:db:27: b2:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:50:90:B7:7A:0C:56:2F:93:13:EC:3D:ED:24:C6:8A:78:94:50:A6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d6097bb-46f7-4a39-9afe-98271c8b05b9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:8c00::/38 Signature Algorithm: sha256WithRSAEncryption 9c:1a:59:d8:fb:fc:1b:2e:91:73:71:33:7e:6c:f5:d3:c7:7f: 3c:d0:86:1c:b8:f0:86:d0:70:2c:12:ee:1a:f8:c1:95:44:a9: cd:37:46:e8:9c:09:f4:2d:a9:b9:61:de:0d:5c:2f:d3:61:23: 52:3a:d2:f8:ac:70:72:87:9d:74:31:58:b3:02:5b:0c:4f:31: 5c:78:59:bb:ea:e4:97:08:b2:52:31:68:65:f9:f6:78:ae:2f: 76:fe:b1:6a:14:40:23:5b:df:7c:60:62:3c:1e:c4:db:23:11: 91:09:8a:7a:37:62:b0:a0:56:d0:45:f8:a6:4c:53:62:68:d1: 59:24:19:60:dd:e5:ea:3e:33:04:a7:45:41:6d:ac:fb:73:b1: f9:75:f6:fb:da:1d:70:58:b6:05:9c:6b:5f:aa:98:a6:7b:d6: f8:f6:57:04:53:8f:b3:9d:08:5b:e7:93:88:18:5a:26:fe:01: 85:07:2c:a7:bd:26:0d:a6:1f:e2:38:ad:dc:3a:d0:19:8b:56: 80:e0:dc:94:6e:1c:6a:7d:7e:64:ba:a8:12:50:e8:8f:4f:6f: 4a:36:62:c8:2e:de:9c:01:04:63:17:a1:b8:9d:21:37:74:13: ec:74:13:89:ce:98:4b:75:20:25:18:03:e2:bf:f7:22:a1:9e: 94:01:4e:03 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXtFnfCtielJuhgSqlljJTvBmT50wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMzgxN1oX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAOWNmNDc0YmFkYTdiZmE3MGM2YTNh Y2MyNjcyMGRmZTBjMzBmNzM0NTE1Y2VlNGY5NjA3MDQ0OGY2NmNiMGYyNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolx3Hj6MM50q8a/aIgkWsVic5JmR EWOyyXKt2oQyMho835NtJ5oG0Hpey1f+yHe+52iBbTk5FyVL+P6coXGM8xhWGMP8 Dvsa2FDMzl3sGYr1P6vfE3uD7J89QktG8jB+g9oTKQ9yQDb5L+bnRSPXY6sTYwdV TGvFw9lFqwad2u4uq3whdHcD2DZqJUhZT27WBLRYIMUEzsG8XUqNe4DolNIZI4WQ hcPtPIJFJsTxQ+0vs67iCdJk1jwxVTbXl4uSxp97Yn2XmRyVoJORmRc96ZQ9MX1n kNFa8XwuPi5Pnrk59lkbmqTiAmetQwImL0YM+in2NaDxAjCs12oH2yeybQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ1QkLd6DFYvkxPsPe0kxop4lFCmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlkNjA5N2JiLTQ2ZjctNGEzOS05YWZlLTk4MjcxYzhiMDViOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHIwwDQYJKoZIhvcNAQELBQADggEBAJwaWdj7/BsukXNxM35s 9dPHfzzQhhy48IbQcCwS7hr4wZVEqc03RuicCfQtqblh3g1cL9NhI1I60viscHKH nXQxWLMCWwxPMVx4Wbvq5JcIslIxaGX59niuL3b+sWoUQCNb33xgYjwexNsjEZEJ ino3YrCgVtBF+KZMU2Jo0VkkGWDd5eo+MwSnRUFtrPtzsfl19vvaHXBYtgWca1+q mKZ71vj2VwRTj7OdCFvnk4gYWib+AYUHLKe9Jg2mH+I4rdw60BmLVoDg3JRuHGp9 fmS6qBJQ6I9Pb0o2Ysgu3pwBBGMXobidITd0E+x0E4nOmEt1ICUYA+K/9yKhnpQB TgM= -----END CERTIFICATE-----Generated at Mon Oct 20 15:52:06 2025 by rpki-client