$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa File: b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa (raw, json) Hash identifier: D+jo/byxU4bXEk9qnFBUH/Y6QYg0kNTkXES39KAmUzk= Subject key identifier: FA:93:ED:28:7C:D9:E0:26:BF:80:56:B8:1C:CF:F0:C3:64:4B:2B:B9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6C2473BD190F2C0C58DDD6E57E7B09E91BF91259 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa Signing time: Fri 03 Oct 2025 00:00:06 +0000 ROA not before: Fri 03 Oct 2025 00:00:06 +0000 ROA not after: Fri 07 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:24:73:bd:19:0f:2c:0c:58:dd:d6:e5:7e:7b:09:e9:1b:f9:12:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 3 00:00:06 2025 GMT Not After : Nov 7 23:59:59 2025 GMT Subject: serialNumber=42ad9d6d327b1d2b2cb348db4725a8d78bbfd5cc1303f544ef4ddab754c48bea, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:34:4e:69:75:6e:af:6e:c2:cb:fb:f6:eb:09: 80:10:e4:97:49:c1:01:22:00:45:27:5c:83:d2:3e: 43:6a:89:d6:bb:fe:3c:b1:3f:3e:da:0b:4e:09:3b: 61:04:17:58:ae:73:c0:de:f9:26:3b:fc:dd:89:a8: e6:da:63:87:4a:e7:d3:be:e2:3a:7e:90:1e:4e:0b: f7:23:82:b6:36:2b:33:5a:92:79:f3:62:99:c7:6b: b2:e3:a2:fa:55:60:76:5b:6d:dd:64:41:a9:fd:70: 85:cd:53:e9:d9:6e:fa:f6:ba:62:19:c0:d6:eb:13: 8b:c7:37:2d:40:b0:fe:60:2d:f9:55:cd:08:3d:5d: c6:d7:7f:73:cd:bc:c6:af:22:c5:21:94:ff:d0:27: 1f:24:a7:02:c6:18:d7:24:de:3e:09:4f:94:de:e5: 16:f5:cd:a2:91:31:94:e6:23:9b:cf:3b:71:c7:d9: 7b:48:24:1f:30:ea:bb:aa:54:f4:b8:3e:b2:8b:a2: d8:a0:eb:d7:a9:6c:ea:d8:32:5b:15:9c:0d:89:03: 09:39:bb:a1:c6:87:2c:d3:d8:d0:f7:ea:86:69:5d: bb:3c:10:a3:28:25:07:71:0e:87:0e:25:fa:15:ec: a5:79:79:e2:b3:5f:9a:bb:23:e9:ff:f7:28:32:4e: a8:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:93:ED:28:7C:D9:E0:26:BF:80:56:B8:1C:CF:F0:C3:64:4B:2B:B9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b04ab6cc-e646-42b2-b8a0-75a22e4744ea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:1000::/40 Signature Algorithm: sha256WithRSAEncryption 30:d0:02:30:46:60:cf:1c:1c:9f:78:87:95:18:6d:42:c7:20: 8b:40:45:7c:42:c7:d5:3d:38:ae:dd:4b:ed:86:dd:bd:47:a1: 71:8c:8a:36:58:4d:b0:40:5b:78:e9:6a:88:7b:ab:a6:b3:7b: 64:fb:a2:42:e4:ce:b7:f1:3b:91:fe:b7:7a:0a:c2:35:24:c1: 8f:d5:49:21:d8:ba:b9:94:dd:fd:6e:b6:08:f1:7b:86:2a:0c: ab:bf:c9:ae:dd:76:a4:bc:67:54:23:fe:7b:60:3e:55:d2:f9: 6e:af:6a:44:5f:c0:bb:c7:ed:16:bb:e5:aa:e4:62:d7:33:5e: bc:ac:5c:30:c9:64:f7:8e:33:23:6e:d0:2d:6d:23:82:05:bc: df:42:29:1d:43:81:73:b5:a5:93:a0:bc:98:7b:6a:ed:6f:bb: bf:2c:b0:23:72:30:a6:ae:99:d5:f9:da:24:fa:01:e7:bf:65: 8c:71:16:eb:22:30:a5:3c:fd:ee:11:d2:d7:bf:5c:ff:0e:2a: bf:b9:94:8c:44:1c:68:98:5f:41:6c:12:a4:2a:2e:ee:89:a4: d8:3c:20:5b:48:3d:37:9b:84:0c:8e:0b:d4:45:a8:7b:87:3d: 97:d8:d2:06:c3:4b:3b:9e:c4:f9:89:79:c5:db:ee:b8:30:c1: 05:d5:c7:89 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbCRzvRkPLAxY3dblfnsJ6Rv5ElkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwMzAwMDAwNloX DTI1MTEwNzIzNTk1OVowejFJMEcGA1UEBRNANDJhZDlkNmQzMjdiMWQyYjJjYjM0 OGRiNDcyNWE4ZDc4YmJmZDVjYzEzMDNmNTQ0ZWY0ZGRhYjc1NGM0OGJlYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DROaXVur27Cy/v26wmAEOSXScEB IgBFJ1yD0j5DaonWu/48sT8+2gtOCTthBBdYrnPA3vkmO/zdiajm2mOHSufTvuI6 fpAeTgv3I4K2NiszWpJ582KZx2uy46L6VWB2W23dZEGp/XCFzVPp2W769rpiGcDW 6xOLxzctQLD+YC35Vc0IPV3G139zzbzGryLFIZT/0CcfJKcCxhjXJN4+CU+U3uUW 9c2ikTGU5iObzztxx9l7SCQfMOq7qlT0uD6yi6LYoOvXqWzq2DJbFZwNiQMJObuh xocs09jQ9+qGaV27PBCjKCUHcQ6HDiX6FeyleXnis1+auyPp//coMk6o5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPqT7Sh82eAmv4BWuBzP8MNkSyu5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwNGFiNmNjLWU2NDYtNDJiMi1iOGEwLTc1YTIyZTQ3NDRlYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMhAwDQYJKoZIhvcNAQELBQADggEBADDQAjBGYM8cHJ94h5UY bULHIItARXxCx9U9OK7dS+2G3b1HoXGMijZYTbBAW3jpaoh7q6aze2T7okLkzrfx O5H+t3oKwjUkwY/VSSHYurmU3f1utgjxe4YqDKu/ya7ddqS8Z1Qj/ntgPlXS+W6v akRfwLvH7Ra75arkYtczXrysXDDJZPeOMyNu0C1tI4IFvN9CKR1DgXO1pZOgvJh7 au1vu78ssCNyMKaumdX52iT6Aee/ZYxxFusiMKU8/e4R0te/XP8OKr+5lIxEHGiY X0FsEqQqLu6JpNg8IFtIPTebhAyOC9RFqHuHPZfY0gbDSzuexPmJecXb7rgwwQXV x4k= -----END CERTIFICATE-----Generated at Mon Oct 20 07:27:54 2025 by rpki-client