$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa File: ac8aea04-9afb-482f-82f7-e5e61b79d804.roa (raw, json) Hash identifier: j/Dm+2NS666hCU4a6BXIbmXr5uR5X9/mCoBTydNJ9Og= Subject key identifier: ED:83:98:A0:12:57:58:4B:0F:50:1A:00:E2:7F:BA:21:3C:5E:AF:7A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 55F4F73CF988C40F9BBC07F1A2E573933604A887 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa Signing time: Tue 14 Oct 2025 00:10:44 +0000 ROA not before: Tue 14 Oct 2025 00:10:44 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:a800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:f4:f7:3c:f9:88:c4:0f:9b:bc:07:f1:a2:e5:73:93:36:04:a8:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:10:44 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=e311f6d07763ee8129058d73aef53730f1209d6bf20514dba159707b66cee6fb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a0:e3:4b:33:8b:4c:fa:74:30:73:c8:e0:0b: 2e:39:99:8b:1e:61:d4:d3:f9:00:9f:9f:f9:91:b9: 6f:c5:46:8c:91:b9:ab:4a:72:ee:84:49:ac:e4:45: 0e:02:6c:ad:6b:5b:5e:44:04:b2:aa:d7:38:f8:7c: b0:75:8a:99:c5:1b:d3:f7:e8:44:d2:5c:55:81:bf: e7:41:1b:fe:c9:50:25:68:cc:f8:fc:95:be:bb:7e: 20:ec:11:26:7f:89:e7:96:bb:94:d3:fb:e9:1b:fd: a0:ba:d0:43:ab:c0:50:8b:92:e8:d6:23:77:7f:02: 60:62:a9:28:8c:bf:bf:14:24:75:47:be:a9:ca:35: 79:5a:92:53:ef:5f:e4:81:7f:de:7e:8e:25:f0:0b: 75:64:97:aa:b9:e0:08:03:00:12:36:b7:27:07:98: fc:31:41:7b:95:40:1a:46:c3:6b:13:a6:40:9a:ee: 45:2d:a4:0b:16:1d:77:2a:2a:48:c4:3a:b4:cf:0c: d3:74:5c:d0:07:3a:75:68:24:a9:27:d3:c8:b3:50: 62:66:87:74:ee:6e:07:ff:c3:35:1d:6f:d0:59:b8: 4b:3e:11:aa:0a:18:b7:ea:7b:77:67:8f:88:22:e7: 4e:b5:ec:18:9b:41:4c:85:32:8c:4d:ac:fa:3e:3a: fc:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:83:98:A0:12:57:58:4B:0F:50:1A:00:E2:7F:BA:21:3C:5E:AF:7A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac8aea04-9afb-482f-82f7-e5e61b79d804.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:a800::/40 Signature Algorithm: sha256WithRSAEncryption 61:4e:10:23:8e:ac:3e:80:b5:c0:23:2a:44:ab:d6:1b:4f:b0: 91:1b:f2:7b:1c:ea:2a:5f:72:2f:9c:49:e4:89:c7:fd:1a:81: 18:46:9f:00:e5:5e:f6:da:86:71:01:39:d1:8a:82:29:b6:1b: f4:70:bd:90:74:c2:e6:dd:09:d6:6a:2b:4f:c2:b1:af:4f:71: 2b:91:3b:17:0d:1e:27:a4:ea:35:01:ec:c1:2c:3a:57:b2:6d: 8d:fd:e6:88:3e:5b:1f:94:13:71:f8:5a:76:bd:a1:49:53:9c: 0c:9d:e1:05:17:50:d2:20:77:89:ac:22:9d:85:6a:77:b4:66: d5:07:0d:a2:36:3c:ce:7b:db:f2:21:07:19:0e:3c:db:fd:c6: 78:ed:e3:80:09:54:ca:76:c9:97:f2:17:a8:16:5e:da:58:ab: 48:78:86:35:66:2e:a7:83:97:2d:d7:4b:20:65:b2:77:74:4c: 0e:64:57:c7:80:cb:4c:f7:39:a4:8d:45:e1:fc:1f:a0:b2:5f: 85:54:d4:f6:88:c0:4a:1b:60:02:c6:93:59:87:17:6c:28:51: fa:c4:f3:20:c6:d0:40:9a:12:cd:12:70:d2:66:e5:d2:5e:50: 64:4c:c5:6c:d8:14:ce:25:71:bd:0a:dc:f2:0a:3c:28:c6:0d: e3:ea:89:1c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVfT3PPmIxA+bvAfxouVzkzYEqIcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMTA0NFoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAZTMxMWY2ZDA3NzYzZWU4MTI5MDU4 ZDczYWVmNTM3MzBmMTIwOWQ2YmYyMDUxNGRiYTE1OTcwN2I2NmNlZTZmYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKDjSzOLTPp0MHPI4AsuOZmLHmHU 0/kAn5/5kblvxUaMkbmrSnLuhEms5EUOAmyta1teRASyqtc4+HywdYqZxRvT9+hE 0lxVgb/nQRv+yVAlaMz4/JW+u34g7BEmf4nnlruU0/vpG/2gutBDq8BQi5Lo1iN3 fwJgYqkojL+/FCR1R76pyjV5WpJT71/kgX/efo4l8At1ZJequeAIAwASNrcnB5j8 MUF7lUAaRsNrE6ZAmu5FLaQLFh13KipIxDq0zwzTdFzQBzp1aCSpJ9PIs1BiZod0 7m4H/8M1HW/QWbhLPhGqChi36nt3Z4+IIudOtewYm0FMhTKMTaz6Pjr8+QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFO2DmKASV1hLD1AaAOJ/uiE8Xq96MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjOGFlYTA0LTlhZmItNDgyZi04MmY3LWU1ZTYxYjc5ZDgwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoKgwDQYJKoZIhvcNAQELBQADggEBAGFOECOOrD6AtcAjKkSr 1htPsJEb8nsc6ipfci+cSeSJx/0agRhGnwDlXvbahnEBOdGKgim2G/RwvZB0wubd CdZqK0/Csa9PcSuROxcNHiek6jUB7MEsOleybY395og+Wx+UE3H4Wna9oUlTnAyd 4QUXUNIgd4msIp2Fane0ZtUHDaI2PM572/IhBxkOPNv9xnjt44AJVMp2yZfyF6gW XtpYq0h4hjVmLqeDly3XSyBlsnd0TA5kV8eAy0z3OaSNReH8H6CyX4VU1PaIwEob YALGk1mHF2woUfrE8yDG0ECaEs0ScNJm5dJeUGRMxWzYFM4lcb0K3PIKPCjGDePq iRw= -----END CERTIFICATE-----Generated at Mon Oct 20 14:52:37 2025 by rpki-client