$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a018f2e9-f03d-4656-89f3-616151515896.roa File: a018f2e9-f03d-4656-89f3-616151515896.roa (raw, json) Hash identifier: 0UYRmthBTTRQ0aCPAAh3T7NhxHtOcQQ2qVXs3s7FpQs= Subject key identifier: 98:0E:B2:22:D6:3C:36:00:C1:C5:29:60:58:CD:00:40:BF:9E:78:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6F8F11A5F1BBD88AE7B75C7112B1BE710123A65D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a018f2e9-f03d-4656-89f3-616151515896.roa Signing time: Tue 14 Oct 2025 00:00:05 +0000 ROA not before: Tue 14 Oct 2025 00:00:05 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 126.191.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:8f:11:a5:f1:bb:d8:8a:e7:b7:5c:71:12:b1:be:71:01:23:a6:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:00:05 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=88dca3952e484add64ab8f90ade53a211db363acc1099d65d94020e5adcf90f7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:10:f1:fe:7c:44:01:72:c9:82:ea:58:ce:49: 6c:16:b2:ad:f1:c7:c6:d1:78:ad:a9:c8:38:34:6e: 64:9e:d9:39:b0:e7:98:20:8b:53:fc:9e:b2:f9:b7: 55:33:d4:59:47:e6:04:ab:50:fd:78:55:cd:57:49: 71:84:77:08:92:89:c9:c2:11:cb:32:c2:0b:b6:4e: d8:eb:7c:23:db:87:17:46:3e:09:fa:d8:e7:eb:1e: fc:e0:f1:03:23:e0:48:38:31:7d:3f:e1:0e:9d:77: 81:ea:eb:42:0e:99:63:c6:55:b2:b2:d5:0f:b7:f9: 27:58:7d:1e:51:7f:f5:ea:42:a1:63:e7:f5:40:b2: bd:89:ab:60:3b:1f:a8:65:14:13:48:c8:41:8d:67: ec:32:95:b3:2e:63:e9:8d:a8:e7:d6:ea:bf:12:1d: 4e:c4:6a:5e:0d:d0:01:c4:e9:ab:9a:53:98:6c:07: 7d:4d:61:3b:f8:8b:af:4b:de:eb:63:d3:5f:37:d9: 80:7a:bd:b5:10:85:65:de:78:91:4f:37:73:e5:4b: d4:ef:3b:dd:bd:0a:28:b0:46:40:25:54:0c:db:f1: 56:1c:6b:cd:fd:39:96:4c:e5:0d:0d:59:75:74:7e: 01:ba:25:ab:b1:55:09:4c:ee:bf:f7:aa:4e:2b:49: d0:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:0E:B2:22:D6:3C:36:00:C1:C5:29:60:58:CD:00:40:BF:9E:78:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a018f2e9-f03d-4656-89f3-616151515896.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 126.191.0.0/16 Signature Algorithm: sha256WithRSAEncryption 19:c7:09:e0:1e:66:2e:98:f5:fd:3b:f0:57:0f:f1:88:da:45: c8:51:a7:9a:e1:f1:f1:e2:51:4b:8f:49:51:13:26:c2:70:49: 93:a1:65:9a:28:71:7d:94:6b:f3:e1:cd:2c:9e:19:bd:b4:46: 0a:21:1a:a2:71:6a:2a:1c:67:1b:14:e3:7d:6f:63:2f:64:44: 51:a5:39:b5:c5:f1:96:2a:e7:18:85:09:3d:98:6e:c4:39:22: 98:ff:16:92:a0:24:1e:3b:2c:52:05:d1:7b:98:5e:b8:d2:d3: 2c:e0:c4:81:63:b2:9b:fd:30:9b:ed:3b:d8:72:0a:f9:e0:61: 97:80:bf:c0:23:4a:f3:fd:5c:f6:ad:60:79:a5:ec:b1:91:b1: a4:bb:fc:fa:da:75:9a:35:42:b0:ea:36:02:f9:4b:e5:a2:7a: ec:4f:ee:6f:76:11:f7:7c:c0:4d:fb:b2:84:a6:5a:d6:c8:08: e5:1c:73:24:37:98:e3:cb:1f:5a:10:12:42:fa:a3:0f:c3:fc: 33:57:46:b8:a0:88:45:82:24:7f:9a:5e:a2:27:fd:fb:63:4c: d7:f0:28:93:90:fc:14:17:1d:9a:db:7a:72:d9:a5:a9:35:cd: 2b:a1:ea:f6:ad:3a:fe:1e:d2:02:db:2d:e4:34:66:63:d1:40: 56:b3:e8:6c -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUb48RpfG72Irnt1xxErG+cQEjpl0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMDAwNVoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAODhkY2EzOTUyZTQ4NGFkZDY0YWI4 ZjkwYWRlNTNhMjExZGIzNjNhY2MxMDk5ZDY1ZDk0MDIwZTVhZGNmOTBmNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BDx/nxEAXLJgupYzklsFrKt8cfG 0Xitqcg4NG5kntk5sOeYIItT/J6y+bdVM9RZR+YEq1D9eFXNV0lxhHcIkonJwhHL MsILtk7Y63wj24cXRj4J+tjn6x784PEDI+BIODF9P+EOnXeB6utCDpljxlWystUP t/knWH0eUX/16kKhY+f1QLK9iatgOx+oZRQTSMhBjWfsMpWzLmPpjajn1uq/Eh1O xGpeDdABxOmrmlOYbAd9TWE7+IuvS97rY9NfN9mAer21EIVl3niRTzdz5UvU7zvd vQoosEZAJVQM2/FWHGvN/TmWTOUNDVl1dH4BuiWrsVUJTO6/96pOK0nQgwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFJgOsiLWPDYAwcUpYFjNAEC/nngnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EwMThmMmU5LWYwM2QtNDY1Ni04OWYzLTYxNjE1MTUxNTg5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAfr8wDQYJKoZIhvcNAQELBQADggEBABnHCeAeZi6Y9f078FcP8Yja RchRp5rh8fHiUUuPSVETJsJwSZOhZZoocX2Ua/PhzSyeGb20RgohGqJxaiocZxsU 431vYy9kRFGlObXF8ZYq5xiFCT2YbsQ5Ipj/FpKgJB47LFIF0XuYXrjS0yzgxIFj spv9MJvtO9hyCvngYZeAv8AjSvP9XPatYHml7LGRsaS7/PradZo1QrDqNgL5S+Wi euxP7m92Efd8wE37soSmWtbICOUccyQ3mOPLH1oQEkL6ow/D/DNXRrigiEWCJH+a XqIn/ftjTNfwKJOQ/BQXHZrbenLZpak1zSuh6vatOv4e0gLbLeQ0ZmPRQFaz6Gw= -----END CERTIFICATE-----Generated at Mon Oct 20 07:32:59 2025 by rpki-client