$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa File: af6b0407-66be-4076-87b3-370d845449ef.roa (raw, json) Hash identifier: lcueeRntxxxWE+6lHFlmiX/EtwGv922qglQiFC1kskY= Subject key identifier: 7B:25:B3:A6:B7:08:18:8F:0B:CE:8E:86:3A:49:59:7D:EA:F1:0A:45 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 610662C470EB841BAF00A4BD6331D22C967A2385 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa Signing time: Sat 11 Oct 2025 00:10:13 +0000 ROA not before: Sat 11 Oct 2025 00:10:13 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:06:62:c4:70:eb:84:1b:af:00:a4:bd:63:31:d2:2c:96:7a:23:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:10:13 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=0c447528d8eb809e5cea2c305f37d765784c23ccfc1b1b928098f3b4fce56a85, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:8b:fe:53:25:3a:ef:24:91:e8:c0:8a:17:05: c5:3d:b1:30:2a:16:83:0a:2d:32:c8:d3:9d:e2:a6: c5:c7:c5:f7:9d:d1:48:f5:e0:9a:6e:db:79:1a:c9: 0f:06:32:3e:11:9d:ff:ca:71:30:de:4d:be:75:79: 63:73:5a:5d:1d:d2:bf:44:09:19:dd:d1:ad:1c:98: da:2e:eb:46:7a:c6:51:c4:39:38:c0:b7:6d:f3:24: 22:54:bd:4f:10:c1:69:28:1d:c1:df:37:01:ee:14: b4:04:b0:3f:4d:e3:e0:4f:9b:78:e0:35:ed:a7:ee: ba:92:a4:8a:41:eb:fd:1c:04:46:64:73:a0:26:f9: f4:7e:33:2a:b5:f1:8e:e1:e9:21:4c:b8:77:42:40: fd:d9:5f:5f:b1:f0:8f:92:46:21:e3:5e:1b:0f:40: f4:35:1f:5c:66:13:11:0c:46:51:00:6f:9c:bf:fb: be:6b:6e:7c:76:75:dc:ee:61:91:dd:4c:d1:45:96: 1d:8b:95:cc:d9:6e:e6:b9:ac:41:20:e6:11:3e:34: ad:b8:c0:eb:dc:b5:1d:b2:77:83:d8:84:d8:4e:84: e0:75:49:f9:d3:49:d5:22:81:59:a1:34:89:d8:bc: 13:3e:a7:a0:81:83:f8:9a:12:8d:22:c7:b9:6b:c4: 33:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:25:B3:A6:B7:08:18:8F:0B:CE:8E:86:3A:49:59:7D:EA:F1:0A:45 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6040::/48 Signature Algorithm: sha256WithRSAEncryption bd:8f:18:3b:06:cf:b9:0c:96:24:ac:73:f6:19:c2:51:92:64: d8:9f:4a:37:0c:21:23:c0:ae:4c:db:86:83:74:7f:d2:cf:f1: 41:88:65:ab:87:52:4a:17:4d:e8:a3:92:52:28:b1:d1:af:be: 3d:d1:fd:e7:1a:a9:e6:02:a1:a7:ff:60:98:95:b8:cb:90:02: a4:5d:ca:ab:da:fc:62:f6:63:c7:18:51:50:a8:91:88:ea:62: a1:8f:87:af:29:7e:5f:2a:08:d0:a9:08:4d:ff:b5:89:26:8b: 60:84:04:10:61:30:65:71:c1:e2:1f:92:65:d6:af:cf:0e:f9: 69:49:09:7c:c4:e1:43:6a:03:a3:eb:fc:2f:0b:d3:47:33:72: a1:a2:2c:9c:14:bf:db:57:01:09:f2:72:a9:0f:70:a7:7b:0e: aa:4a:a9:57:25:47:bc:ea:e6:eb:21:d2:99:a7:b2:96:d3:ee: 71:16:a8:25:72:a7:e4:81:1f:70:9f:94:12:7d:5c:af:47:de: 38:ad:0f:85:f9:b8:3c:84:5c:84:7b:48:fe:94:78:a6:27:ea: 65:97:07:7a:92:02:68:5a:19:70:00:8a:3e:cc:b5:19:85:46: 4b:31:c3:50:3f:1e:60:de:75:10:5e:d9:ea:99:d0:44:91:9f: 5f:5f:c8:0b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYQZixHDrhBuvAKS9YzHSLJZ6I4UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMTAxM1oX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAMGM0NDc1MjhkOGViODA5ZTVjZWEy YzMwNWYzN2Q3NjU3ODRjMjNjY2ZjMWIxYjkyODA5OGYzYjRmY2U1NmE4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyov+UyU67ySR6MCKFwXFPbEwKhaD Ci0yyNOd4qbFx8X3ndFI9eCabtt5GskPBjI+EZ3/ynEw3k2+dXljc1pdHdK/RAkZ 3dGtHJjaLutGesZRxDk4wLdt8yQiVL1PEMFpKB3B3zcB7hS0BLA/TePgT5t44DXt p+66kqSKQev9HARGZHOgJvn0fjMqtfGO4ekhTLh3QkD92V9fsfCPkkYh414bD0D0 NR9cZhMRDEZRAG+cv/u+a258dnXc7mGR3UzRRZYdi5XM2W7muaxBIOYRPjStuMDr 3LUdsneD2ITYToTgdUn500nVIoFZoTSJ2LwTPqeggYP4mhKNIse5a8QznQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHsls6a3CBiPC86OhjpJWX3q8QpFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNmIwNDA3LTY2YmUtNDA3Ni04N2IzLTM3MGQ4NDU0NDllZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mBAMA0GCSqGSIb3DQEBCwUAA4IBAQC9jxg7Bs+5DJYkrHP2 GcJRkmTYn0o3DCEjwK5M24aDdH/Sz/FBiGWrh1JKF03oo5JSKLHRr7490f3nGqnm AqGn/2CYlbjLkAKkXcqr2vxi9mPHGFFQqJGI6mKhj4evKX5fKgjQqQhN/7WJJotg hAQQYTBlccHiH5Jl1q/PDvlpSQl8xOFDagOj6/wvC9NHM3KhoiycFL/bVwEJ8nKp D3Cnew6qSqlXJUe86ubrIdKZp7KW0+5xFqglcqfkgR9wn5QSfVyvR944rQ+F+bg8 hFyEe0j+lHimJ+pllwd6kgJoWhlwAIo+zLUZhUZLMcNQPx5g3nUQXtnqmdBEkZ9f X8gL -----END CERTIFICATE-----Generated at Mon Oct 20 13:10:49 2025 by rpki-client