$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa File: bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa (raw, json) Hash identifier: jxRa4L/ancCNpgC+PAIPBnoFl4sCUFIJrpvUlMB/Pkw= Subject key identifier: 1A:CA:1B:D2:07:B8:37:54:93:E2:89:E9:E8:80:20:C3:34:FA:C9:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B60C3AE682F69270A966DB7449EF8975D2B499C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa Signing time: Sat 04 Oct 2025 00:20:05 +0000 ROA not before: Sat 04 Oct 2025 00:20:05 +0000 ROA not after: Sat 08 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:60:c3:ae:68:2f:69:27:0a:96:6d:b7:44:9e:f8:97:5d:2b:49:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 4 00:20:05 2025 GMT Not After : Nov 8 23:59:59 2025 GMT Subject: serialNumber=b01a34850574479fa39105d619107f2c73707f51da71dfef3c8af40e5a191304, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:93:28:78:4b:af:a1:49:9e:5e:dd:11:31:5a: 20:c2:4a:5c:03:95:c1:5d:64:29:48:60:ac:d1:5c: 98:b7:3a:a8:c1:59:f5:a0:a7:57:5a:1a:22:1e:2e: 18:a9:47:6b:3e:3b:6a:28:60:e1:07:4e:6c:b7:30: b5:24:b8:62:bc:b2:43:38:d1:ef:9c:03:b9:f2:87: a0:09:9a:26:73:f2:7d:8e:69:fb:28:f3:92:4b:15: 81:f9:f6:a1:f4:bb:d9:9d:ff:bc:c6:2a:4d:1b:ba: c9:f5:67:54:e8:b1:05:8a:6f:6c:61:f9:c0:c7:58: 48:72:26:ed:dd:7d:cf:77:04:32:97:eb:66:9c:35: 62:ba:1b:17:9e:05:42:73:0e:ec:f2:c3:63:b1:53: 0a:4d:7a:73:22:4a:e7:dc:5e:8e:16:ef:03:3d:a9: a2:6e:2f:27:2b:f8:74:1a:93:17:8e:ed:06:9d:f5: fe:4c:fc:4d:cf:4e:4e:03:73:53:da:05:0c:13:f9: 55:b5:3f:0e:2d:4d:8e:3b:45:67:8d:f4:01:1c:71: 8d:63:65:71:25:8a:58:f1:e0:3e:06:f3:73:6d:b5: 61:3c:46:03:08:f5:e4:fd:28:4d:53:2a:b9:9f:0c: fa:b6:62:42:f1:03:07:d1:6f:c9:7b:4b:43:62:27: b0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:CA:1B:D2:07:B8:37:54:93:E2:89:E9:E8:80:20:C3:34:FA:C9:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf7dfcf8-ba0c-47e9-8ddb-6a6d8ec70412.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:c800::/40 Signature Algorithm: sha256WithRSAEncryption 00:c5:7b:49:3f:2b:a6:ec:5b:22:85:28:4e:ab:3c:4b:d5:30: 45:76:b2:e1:32:61:41:53:9d:f7:43:01:db:52:73:99:5b:9f: 23:ec:e2:11:2c:ff:b7:3b:92:9d:dc:98:20:58:97:72:c6:36: ef:cc:3a:82:7e:bf:6f:ec:f6:16:ca:03:de:68:70:01:68:0f: 20:31:57:95:c2:6a:c4:11:14:50:0e:03:1a:30:e1:37:a6:d6: 0c:ee:3d:38:ea:20:7f:77:08:1e:46:6d:34:14:83:b8:7d:dd: 10:2e:12:6b:43:33:88:6e:d8:f0:17:84:9c:00:56:47:6b:a4: 3a:5d:f7:66:95:fb:3f:8e:b2:e6:7a:d2:33:fe:73:7f:e3:17: d9:50:4d:da:7e:fc:12:e8:f3:6e:36:84:44:51:df:43:6b:72: 6e:01:2e:08:2d:26:57:ca:b0:ae:b1:27:12:72:cc:64:bb:c4: 97:66:94:f4:0e:59:8c:f0:7e:ac:51:3e:07:5f:fc:09:13:2f: 93:36:51:69:02:75:9f:25:25:43:8e:71:99:8b:b8:95:58:cf: cb:b6:2a:45:89:dd:b9:e4:ef:0c:0c:ff:82:35:26:c6:b9:e4: db:66:f3:bd:24:c6:9a:b6:4a:67:05:8b:9c:d2:01:26:98:8e: 05:0c:7b:e7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUe2DDrmgvaScKlm23RJ74l10rSZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNDAwMjAwNVoX DTI1MTEwODIzNTk1OVowejFJMEcGA1UEBRNAYjAxYTM0ODUwNTc0NDc5ZmEzOTEw NWQ2MTkxMDdmMmM3MzcwN2Y1MWRhNzFkZmVmM2M4YWY0MGU1YTE5MTMwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZMoeEuvoUmeXt0RMVogwkpcA5XB XWQpSGCs0VyYtzqowVn1oKdXWhoiHi4YqUdrPjtqKGDhB05stzC1JLhivLJDONHv nAO58oegCZomc/J9jmn7KPOSSxWB+fah9LvZnf+8xipNG7rJ9WdU6LEFim9sYfnA x1hIcibt3X3PdwQyl+tmnDViuhsXngVCcw7s8sNjsVMKTXpzIkrn3F6OFu8DPami bi8nK/h0GpMXju0GnfX+TPxNz05OA3NT2gUME/lVtT8OLU2OO0VnjfQBHHGNY2Vx JYpY8eA+BvNzbbVhPEYDCPXk/ShNUyq5nwz6tmJC8QMH0W/Je0tDYiewmQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBrKG9IHuDdUk+KJ6eiAIMM0+sl8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmN2RmY2Y4LWJhMGMtNDdlOS04ZGRiLTZhNmQ4ZWM3MDQxMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoMgwDQYJKoZIhvcNAQELBQADggEBAADFe0k/K6bsWyKFKE6r PEvVMEV2suEyYUFTnfdDAdtSc5lbnyPs4hEs/7c7kp3cmCBYl3LGNu/MOoJ+v2/s 9hbKA95ocAFoDyAxV5XCasQRFFAOAxow4Tem1gzuPTjqIH93CB5GbTQUg7h93RAu EmtDM4hu2PAXhJwAVkdrpDpd92aV+z+OsuZ60jP+c3/jF9lQTdp+/BLo8242hERR 30Nrcm4BLggtJlfKsK6xJxJyzGS7xJdmlPQOWYzwfqxRPgdf/AkTL5M2UWkCdZ8l JUOOcZmLuJVYz8u2KkWJ3bnk7wwM/4I1Jsa55Ntm870kxpq2SmcFi5zSASaYjgUM e+c= -----END CERTIFICATE-----Generated at Mon Oct 20 18:16:23 2025 by rpki-client