$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af3e8a2e-2999-462f-aabd-2ff72d325f5c.roa File: af3e8a2e-2999-462f-aabd-2ff72d325f5c.roa (raw, json) Hash identifier: MMZFmGtZ38gufVOupPamiUqTPOVhhMMvEr8qM5tkr/w= Subject key identifier: 67:44:0A:9D:08:F8:73:B6:57:DC:70:F8:C0:70:9F:84:2A:B7:F4:49 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3400C1FEB8A64D3E7E74737DB7532249F8EE0EB4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af3e8a2e-2999-462f-aabd-2ff72d325f5c.roa Signing time: Sat 11 Oct 2025 00:10:54 +0000 ROA not before: Sat 11 Oct 2025 00:10:54 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:e040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:00:c1:fe:b8:a6:4d:3e:7e:74:73:7d:b7:53:22:49:f8:ee:0e:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:10:54 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=19e994bc607c9a0d7f8878ca88ed3cfe7f7537924173397aaebe929698be0ee1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b0:a9:1c:d1:39:a3:58:8d:a6:2f:11:a2:55: 46:e6:25:cd:d3:6b:21:f5:41:a5:4e:f7:76:43:18: 82:2a:66:a1:15:6e:26:69:7c:a2:91:7c:73:57:23: 1a:b8:ad:3d:9e:25:d6:f1:ab:c3:eb:f8:23:96:9d: 3b:77:90:d4:7f:e8:70:5d:04:80:f6:cc:23:39:e4: 8c:e4:86:ec:ed:76:da:b7:6e:34:f1:b6:71:2b:9c: aa:83:78:25:57:79:7c:92:c9:43:b2:66:14:75:f3: 96:d7:0c:4b:9c:d3:80:75:2c:7a:c0:60:c5:8a:45: 2f:a0:7e:6d:02:c4:03:34:7e:8a:a6:8d:c0:82:26: e9:ac:c5:e2:3c:5a:0e:be:ee:af:d3:ca:5f:6f:63: 93:65:06:df:cd:3a:67:9b:ac:de:05:b2:37:fb:e8: 51:57:3c:bf:05:42:0f:cf:d3:c1:ff:ed:7f:09:93: 94:6b:69:f9:52:c1:05:da:90:9b:21:f9:49:7f:aa: c0:97:1d:69:6a:98:5f:e5:7f:7a:c0:ca:3b:db:34: e4:7b:52:40:29:0d:cb:7b:cb:8c:21:c5:77:49:9b: c2:ad:1e:96:3f:df:98:bc:81:51:2f:67:3e:b7:0c: 50:19:15:7d:9c:cd:43:0c:88:f8:ce:da:70:8b:09: 7a:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:44:0A:9D:08:F8:73:B6:57:DC:70:F8:C0:70:9F:84:2A:B7:F4:49 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af3e8a2e-2999-462f-aabd-2ff72d325f5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:e040::/48 Signature Algorithm: sha256WithRSAEncryption 64:4b:9d:bc:7e:b6:2e:68:eb:3d:af:83:95:7b:f1:c6:21:76: 4f:bd:3f:74:5b:79:e5:f1:66:b5:b7:73:64:38:43:50:f6:9f: 2a:2a:f1:9f:b5:6d:2a:a8:cb:bf:dd:2a:97:46:13:bd:ed:cf: 8d:84:64:96:7c:63:e6:1e:75:6c:58:38:af:a5:76:6e:47:0e: c4:66:dd:11:04:2d:f5:9d:c8:56:79:91:70:81:f2:6c:fd:27: e7:3a:8f:6c:6d:eb:21:e7:49:ef:a7:f0:c8:73:77:0a:72:32: 48:ae:c8:59:54:b3:30:94:a1:81:1f:96:f0:f2:3e:1b:c3:d7: c2:ea:f4:d4:ae:43:f5:24:7b:80:0d:7e:99:a3:c5:55:17:39: 4d:1f:00:5a:f3:8f:ad:b8:1d:4a:83:ae:4b:a3:c7:bd:4a:fc: 2c:d9:ac:8e:81:53:b4:9f:42:1d:5f:5b:cc:4f:04:86:b8:fe: de:ae:a9:f2:0b:e0:81:5c:ec:43:27:5d:cb:22:a6:91:bd:b5: 4a:31:14:2c:af:e3:90:36:05:2d:d4:14:7f:44:39:8f:5f:d9: 4a:58:f3:25:ae:e2:84:1f:58:b3:62:7c:6b:85:57:83:88:cd: c2:cf:ab:b4:91:2d:1e:64:c2:3d:51:c2:17:22:54:fa:e6:c4: dc:f5:78:3d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNADB/rimTT5+dHN9t1MiSfjuDrQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMTA1NFoX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAMTllOTk0YmM2MDdjOWEwZDdmODg3 OGNhODhlZDNjZmU3Zjc1Mzc5MjQxNzMzOTdhYWViZTkyOTY5OGJlMGVlMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7CpHNE5o1iNpi8RolVG5iXN02sh 9UGlTvd2QxiCKmahFW4maXyikXxzVyMauK09niXW8avD6/gjlp07d5DUf+hwXQSA 9swjOeSM5Ibs7Xbat2408bZxK5yqg3glV3l8kslDsmYUdfOW1wxLnNOAdSx6wGDF ikUvoH5tAsQDNH6Kpo3AgibprMXiPFoOvu6v08pfb2OTZQbfzTpnm6zeBbI3++hR Vzy/BUIPz9PB/+1/CZOUa2n5UsEF2pCbIflJf6rAlx1paphf5X96wMo72zTke1JA KQ3Le8uMIcV3SZvCrR6WP9+YvIFRL2c+twxQGRV9nM1DDIj4ztpwiwl6RQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGdECp0I+HO2V9xw+MBwn4Qqt/RJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmM2U4YTJlLTI5OTktNDYyZi1hYWJkLTJmZjcyZDMyNWY1Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYeBAMA0GCSqGSIb3DQEBCwUAA4IBAQBkS528frYuaOs9r4OV e/HGIXZPvT90W3nl8Wa1t3NkOENQ9p8qKvGftW0qqMu/3SqXRhO97c+NhGSWfGPm HnVsWDivpXZuRw7EZt0RBC31nchWeZFwgfJs/SfnOo9sbesh50nvp/DIc3cKcjJI rshZVLMwlKGBH5bw8j4bw9fC6vTUrkP1JHuADX6Zo8VVFzlNHwBa84+tuB1Kg65L o8e9Svws2ayOgVO0n0IdX1vMTwSGuP7erqnyC+CBXOxDJ13LIqaRvbVKMRQsr+OQ NgUt1BR/RDmPX9lKWPMlruKEH1izYnxrhVeDiM3Cz6u0kS0eZMI9UcIXIlT65sTc 9Xg9 -----END CERTIFICATE-----Generated at Mon Oct 20 07:27:33 2025 by rpki-client