$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a6bff16f-4159-48b7-bc80-a4353edd73ed.roa File: a6bff16f-4159-48b7-bc80-a4353edd73ed.roa (raw, json) Hash identifier: ERovGTO/5fOpVaS7REdTgPwSpM9sB8Mzo/szkhgX90w= Subject key identifier: 71:B3:D0:10:A1:83:4D:EC:46:28:BD:CC:7D:0D:21:54:15:C7:92:4A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 757BE325A3907755B8030F65248A849E098FBBD0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a6bff16f-4159-48b7-bc80-a4353edd73ed.roa Signing time: Wed 15 Oct 2025 00:50:25 +0000 ROA not before: Wed 15 Oct 2025 00:50:25 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14:8000::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:7b:e3:25:a3:90:77:55:b8:03:0f:65:24:8a:84:9e:09:8f:bb:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:50:25 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=47f61e094fb58282dd4097537d391bb07ee681d823db76c8719081fe06e054d4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:a4:9e:b2:51:75:11:3e:2b:20:84:4d:6b:69: f6:38:f8:4e:49:f2:95:a3:7c:2d:74:4d:29:3a:f6: 49:30:84:9d:ac:2c:92:c5:dd:f5:d2:06:4b:f2:e8: ea:7a:cd:e7:f2:5d:88:81:b5:5c:10:37:ce:e7:da: ef:10:b1:e3:8f:47:00:5d:dc:06:1e:a0:47:46:6d: 61:04:20:76:d9:7e:16:55:28:b7:46:60:f7:2b:f2: c3:ca:b7:be:fa:ef:24:fa:cf:b8:38:f2:32:42:d9: 24:85:78:c0:88:a7:6a:7b:ec:69:66:7d:33:ca:8b: ce:9e:5e:ad:29:2a:4b:86:b7:46:f4:b4:21:e2:63: c6:24:8c:30:45:43:ca:5d:b3:30:87:4f:6e:c2:95: e5:30:6b:52:00:b6:65:4c:32:86:96:37:ec:5a:bd: 87:da:17:f5:b4:93:79:6e:fb:d5:d7:d5:8e:81:18: b9:cb:21:75:8b:84:a2:87:bf:73:6a:1a:6f:90:e9: 52:55:b5:71:89:59:5c:8c:54:d3:bb:5e:da:cf:3e: 34:bb:91:d7:61:12:10:7b:07:27:e2:68:90:42:00: 94:21:ed:00:67:21:d7:5d:d9:ad:fb:83:19:86:63: c8:01:c4:14:34:3a:3d:f2:23:a4:f0:2f:4d:d9:3c: 22:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:B3:D0:10:A1:83:4D:EC:46:28:BD:CC:7D:0D:21:54:15:C7:92:4A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a6bff16f-4159-48b7-bc80-a4353edd73ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14:8000::/38 Signature Algorithm: sha256WithRSAEncryption 40:92:6a:80:56:75:2a:92:bb:b9:16:c7:47:48:9a:2b:74:db: df:99:84:7e:98:45:74:ec:73:d7:fa:13:30:08:33:f4:c2:d4: e7:0a:f0:55:ce:45:41:9f:be:38:8f:87:fc:74:a7:34:3c:eb: 6f:a1:c3:d1:c4:1a:85:09:4b:0c:ae:9e:f8:af:d7:38:68:f3: e4:40:2c:0e:a5:57:89:8f:85:5e:c5:7a:e0:74:56:c6:a1:ca: f6:7d:66:6e:13:3a:e9:81:a8:e8:12:37:8a:0f:19:95:66:be: cb:3b:67:a9:da:d6:b5:34:cf:21:14:b9:1e:90:ea:1b:a0:68: d6:6d:b1:8d:f6:e2:16:ac:3a:8d:8c:d9:22:6b:0d:45:82:94: dd:d3:04:5f:8a:7c:55:a8:6d:55:56:af:a3:23:47:cc:ce:f8: ca:b6:f8:e3:5d:6a:04:5a:25:5f:18:2c:c1:85:fa:bf:83:7d: d9:fd:27:b1:97:95:d0:7f:b5:db:7a:1d:43:2d:7c:b5:f3:0c: 96:cc:da:31:2f:3a:a4:82:00:2a:7c:17:8f:c1:db:a4:12:c0: ed:10:9d:c0:ef:41:50:71:ca:ef:29:a9:06:03:09:63:f8:07: d2:85:88:cb:52:0b:1e:ac:52:2e:a2:3e:2b:40:d8:ec:10:b8: b4:ff:9a:48 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdXvjJaOQd1W4Aw9lJIqEngmPu9AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNTAyNVoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNANDdmNjFlMDk0ZmI1ODI4MmRkNDA5 NzUzN2QzOTFiYjA3ZWU2ODFkODIzZGI3NmM4NzE5MDgxZmUwNmUwNTRkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKSeslF1ET4rIIRNa2n2OPhOSfKV o3wtdE0pOvZJMISdrCySxd310gZL8ujqes3n8l2IgbVcEDfO59rvELHjj0cAXdwG HqBHRm1hBCB22X4WVSi3RmD3K/LDyre++u8k+s+4OPIyQtkkhXjAiKdqe+xpZn0z yovOnl6tKSpLhrdG9LQh4mPGJIwwRUPKXbMwh09uwpXlMGtSALZlTDKGljfsWr2H 2hf1tJN5bvvV19WOgRi5yyF1i4Sih79zahpvkOlSVbVxiVlcjFTTu17azz40u5HX YRIQewcn4miQQgCUIe0AZyHXXdmt+4MZhmPIAcQUNDo98iOk8C9N2TwipwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHGz0BChg03sRii9zH0NIVQVx5JKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E2YmZmMTZmLTQxNTktNDhiNy1iYzgwLWE0MzUzZWRkNzNlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFIAwDQYJKoZIhvcNAQELBQADggEBAECSaoBWdSqSu7kWx0dI mit029+ZhH6YRXTsc9f6EzAIM/TC1OcK8FXORUGfvjiPh/x0pzQ862+hw9HEGoUJ Swyunviv1zho8+RALA6lV4mPhV7FeuB0VsahyvZ9Zm4TOumBqOgSN4oPGZVmvss7 Z6na1rU0zyEUuR6Q6hugaNZtsY324hasOo2M2SJrDUWClN3TBF+KfFWobVVWr6Mj R8zO+Mq2+ONdagRaJV8YLMGF+r+Dfdn9J7GXldB/tdt6HUMtfLXzDJbM2jEvOqSC ACp8F4/B26QSwO0QncDvQVBxyu8pqQYDCWP4B9KFiMtSCx6sUi6iPitA2OwQuLT/ mkg= -----END CERTIFICATE-----Generated at Mon Oct 20 07:27:17 2025 by rpki-client