$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa File: af674e28-8a6b-4881-bc24-1bd1d459637c.roa (raw, json) Hash identifier: PW2oexDojiceokUILnwXUjak1HOKyIogVbBfY++25lU= Subject key identifier: 33:0B:2C:84:9D:35:C9:1E:11:7E:0D:D6:56:FC:D2:30:41:50:A5:F5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68E32F081ACC3DABB7F2A2F3429DECF34211B00A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa Signing time: Wed 15 Oct 2025 00:01:07 +0000 ROA not before: Wed 15 Oct 2025 00:01:07 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:e3:2f:08:1a:cc:3d:ab:b7:f2:a2:f3:42:9d:ec:f3:42:11:b0:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:01:07 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=743f2965c5ebb43f595c5c296ea4812b5fa712ef5b04b1bebb717f1c572f4f24, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:9c:b7:b2:e0:e7:fa:07:59:51:53:6e:59:b3: b5:fd:be:02:b2:aa:91:c8:41:44:60:a4:b1:90:a1: 3d:10:76:33:d5:b7:6e:8a:27:27:2c:5f:57:1b:80: dc:a4:eb:56:ee:43:79:2a:e5:37:d0:22:e9:30:0e: e3:50:07:a6:b9:ab:4f:0f:f3:c1:d0:5b:f9:ae:46: 5b:fc:bb:bf:03:a5:32:d3:91:30:1e:33:fb:04:7b: 7c:2f:16:2e:d1:f5:9a:3d:14:82:67:8b:ee:6a:0d: 04:ab:00:97:f1:4e:dc:2b:a7:69:be:d5:48:e9:74: 52:14:7b:96:7b:a6:35:b2:08:e2:6d:b0:69:38:98: 13:e1:7d:75:c4:3a:a3:c7:39:0e:b1:49:27:43:06: 35:16:94:3e:33:af:6b:48:c5:c7:11:f2:d3:e9:d2: f4:10:88:31:c4:b3:d1:58:f0:8e:cc:d5:2f:7f:60: f2:5d:65:c0:be:b0:48:62:80:12:ec:fd:b1:0f:a2: 6e:61:56:93:2e:c0:ea:b6:0e:cd:40:2f:97:2b:df: d7:5a:67:a7:c0:52:a9:ca:bc:33:4b:38:e5:a6:f6: a4:96:fa:ec:40:e5:6d:d5:5d:e1:6c:b7:a7:2f:f1: c0:b7:3d:7e:95:37:8b:ba:b3:5a:af:51:e7:8b:e6: d9:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:0B:2C:84:9D:35:C9:1E:11:7E:0D:D6:56:FC:D2:30:41:50:A5:F5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:a000::/40 Signature Algorithm: sha256WithRSAEncryption 83:71:f9:b1:ab:61:78:6a:4a:b1:0c:a5:5b:55:eb:81:2f:bd: a1:b7:56:31:43:13:4f:1b:9a:f6:3e:79:74:6f:ec:6c:d7:23: 41:52:03:67:07:2e:95:fb:0c:0c:ff:83:16:cb:ad:11:d5:1c: a8:c9:a1:f1:bb:aa:e7:98:e7:e3:d6:d8:9f:eb:45:25:40:b8: 67:84:52:7a:16:41:3a:09:4d:a7:a7:eb:35:bb:37:11:f2:ab: 2a:b4:1d:eb:32:1c:01:39:8c:b3:cc:87:fb:63:1d:76:41:26: dc:76:7e:28:0b:92:54:2b:9d:89:27:b9:87:09:f3:17:a8:fe: 3a:0c:72:b6:d9:89:47:da:c6:e8:a4:70:42:50:de:e2:94:c3: 19:20:cf:69:c8:b8:b1:cf:84:c2:a8:8c:d5:79:9a:b6:40:8c: 91:5d:c2:d5:21:8c:b4:ad:74:ef:d4:24:68:74:13:94:4f:ba: 9e:4d:66:08:81:85:3f:2f:a7:0b:af:e8:6b:9f:40:41:3f:15: 3e:e9:12:5d:23:15:c7:ba:61:fb:35:36:52:32:b4:c7:f4:f8: 4d:05:46:88:50:4e:98:7a:2f:bd:60:df:8f:50:7c:25:01:c7: d7:95:12:ee:5b:35:3c:2c:4d:cb:0b:12:7c:46:ca:f3:c7:9d: ac:53:03:60 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaOMvCBrMPau38qLzQp3s80IRsAowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMDEwN1oX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNANzQzZjI5NjVjNWViYjQzZjU5NWM1 YzI5NmVhNDgxMmI1ZmE3MTJlZjViMDRiMWJlYmI3MTdmMWM1NzJmNGYyNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJy3suDn+gdZUVNuWbO1/b4CsqqR yEFEYKSxkKE9EHYz1bduiicnLF9XG4DcpOtW7kN5KuU30CLpMA7jUAemuatPD/PB 0Fv5rkZb/Lu/A6Uy05EwHjP7BHt8LxYu0fWaPRSCZ4vuag0EqwCX8U7cK6dpvtVI 6XRSFHuWe6Y1sgjibbBpOJgT4X11xDqjxzkOsUknQwY1FpQ+M69rSMXHEfLT6dL0 EIgxxLPRWPCOzNUvf2DyXWXAvrBIYoAS7P2xD6JuYVaTLsDqtg7NQC+XK9/XWmen wFKpyrwzSzjlpvaklvrsQOVt1V3hbLenL/HAtz1+lTeLurNar1Hni+bZDQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDMLLISdNckeEX4N1lb80jBBUKX1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNjc0ZTI4LThhNmItNDg4MS1iYzI0LTFiZDFkNDU5NjM3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoKAwDQYJKoZIhvcNAQELBQADggEBAINx+bGrYXhqSrEMpVtV 64EvvaG3VjFDE08bmvY+eXRv7GzXI0FSA2cHLpX7DAz/gxbLrRHVHKjJofG7queY 5+PW2J/rRSVAuGeEUnoWQToJTaen6zW7NxHyqyq0HesyHAE5jLPMh/tjHXZBJtx2 figLklQrnYknuYcJ8xeo/joMcrbZiUfaxuikcEJQ3uKUwxkgz2nIuLHPhMKojNV5 mrZAjJFdwtUhjLStdO/UJGh0E5RPup5NZgiBhT8vpwuv6GufQEE/FT7pEl0jFce6 Yfs1NlIytMf0+E0FRohQTph6L71g349QfCUBx9eVEu5bNTwsTcsLEnxGyvPHnaxT A2A= -----END CERTIFICATE-----Generated at Mon Oct 20 07:26:54 2025 by rpki-client