$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa File: bffbf7d3-f229-458a-8400-7dc848730d21.roa (raw, json) Hash identifier: R43DfdlI8nxtMA2GeYH43wjrYSmwhVL8JTNGCA36Wm0= Subject key identifier: 06:0D:C1:E5:B2:A2:A5:BD:FF:DF:82:EE:D4:8F:89:5D:F3:45:89:6E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7A772E601EB587BDD1F3E3472E0378B357534C29 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa Signing time: Sat 11 Oct 2025 00:00:57 +0000 ROA not before: Sat 11 Oct 2025 00:00:57 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:77:2e:60:1e:b5:87:bd:d1:f3:e3:47:2e:03:78:b3:57:53:4c:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:00:57 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=58e3fa0fb4d642618afda2b601fd6afafbf6aded0999b4fb0ac78e8ed2f4f610, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:30:50:4e:da:f2:5b:42:38:e6:7f:2c:dd:c5: 2d:f1:28:a7:72:dc:e6:81:d5:a6:b7:0a:6a:82:7c: 64:1a:a1:0f:70:11:1d:c2:6b:6b:d9:69:40:43:c9: fd:cc:fd:99:e8:c3:a2:23:bb:0b:e1:b3:2c:c2:26: 64:7c:ae:dc:cb:f9:9e:68:b8:83:06:02:20:45:c3: 31:1a:24:1d:8b:32:99:bd:9c:c9:b2:a7:5a:b3:83: c5:bf:dc:de:46:95:92:76:32:56:ad:46:91:e7:61: f2:76:f3:60:f3:47:29:aa:11:66:3b:be:4e:d8:9b: c8:82:2d:41:4f:74:48:39:7b:30:bb:71:5d:cd:a6: 0f:eb:44:97:c5:62:a7:12:8b:07:93:3c:f3:20:8d: 51:42:17:3d:a1:5b:f3:72:ac:9b:39:80:4d:86:99: 93:dc:be:a0:62:04:a5:b3:c9:e7:7d:d2:75:0d:f6: 97:d4:91:41:30:5c:e4:11:62:f7:5d:2d:00:0d:22: 40:fb:f7:c7:c7:38:57:e1:51:4b:ca:a4:e4:a6:20: 00:89:e2:b8:02:db:98:05:fc:1e:1d:c4:8e:12:91: c0:5b:64:65:0c:60:44:4d:14:a8:a3:a9:d0:3b:2d: 14:45:7b:96:b6:9e:ab:ff:ea:da:1e:a0:1e:62:82: 3d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:0D:C1:E5:B2:A2:A5:BD:FF:DF:82:EE:D4:8F:89:5D:F3:45:89:6E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 02:4c:f9:fe:2a:b5:ee:63:21:41:76:75:c9:9f:3d:ed:e0:fc: 74:91:9d:9b:fa:49:34:a1:27:b5:05:48:03:ec:b3:15:78:c2: ce:7f:18:09:fd:37:a9:41:96:b9:6c:27:cf:c9:03:2d:a6:80: a0:53:05:12:27:a4:7c:6c:5d:2c:77:ee:04:b9:df:54:db:00: 88:87:25:89:e2:29:e1:20:89:d5:1b:ce:e6:39:0c:82:c7:e8: 02:3f:64:d1:c4:ef:db:9b:05:2d:ed:25:c7:39:3c:40:0c:a9: 4d:37:55:e3:77:ee:82:8a:0b:de:55:61:63:98:f3:64:6e:57: 0f:a7:31:51:f6:41:15:b6:b3:7e:9a:61:0d:82:62:b8:83:60: d1:ff:e0:61:ec:53:c8:97:a3:43:82:65:b0:fa:26:1e:6a:8c: 93:8b:68:16:07:29:3a:96:4f:5c:46:d4:4e:71:43:ab:0b:97: 79:d6:02:3f:13:e3:5c:0e:3b:4a:b7:48:34:43:a1:ba:f9:6b: 27:a4:90:ca:4d:aa:21:5d:ae:54:ae:f8:af:ec:f4:8c:6e:19: 2a:a4:3a:fc:1b:bf:e4:34:e8:84:51:4c:a6:63:e0:5c:b2:14: 48:2f:51:4c:c9:15:4c:75:fb:e7:12:c7:98:71:54:15:79:d6: 24:00:0b:dd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUencuYB61h73R8+NHLgN4s1dTTCkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMDA1N1oX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNANThlM2ZhMGZiNGQ2NDI2MThhZmRh MmI2MDFmZDZhZmFmYmY2YWRlZDA5OTliNGZiMGFjNzhlOGVkMmY0ZjYxMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjBQTtryW0I45n8s3cUt8Sinctzm gdWmtwpqgnxkGqEPcBEdwmtr2WlAQ8n9zP2Z6MOiI7sL4bMswiZkfK7cy/meaLiD BgIgRcMxGiQdizKZvZzJsqdas4PFv9zeRpWSdjJWrUaR52HydvNg80cpqhFmO75O 2JvIgi1BT3RIOXswu3FdzaYP60SXxWKnEosHkzzzII1RQhc9oVvzcqybOYBNhpmT 3L6gYgSls8nnfdJ1DfaX1JFBMFzkEWL3XS0ADSJA+/fHxzhX4VFLyqTkpiAAieK4 AtuYBfweHcSOEpHAW2RlDGBETRSoo6nQOy0URXuWtp6r/+raHqAeYoI9DwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAYNweWyoqW9/9+C7tSPiV3zRYluMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmZmJmN2QzLWYyMjktNDU4YS04NDAwLTdkYzg0ODczMGQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sCAMA0GCSqGSIb3DQEBCwUAA4IBAQACTPn+KrXuYyFBdnXJ nz3t4Px0kZ2b+kk0oSe1BUgD7LMVeMLOfxgJ/TepQZa5bCfPyQMtpoCgUwUSJ6R8 bF0sd+4Eud9U2wCIhyWJ4inhIInVG87mOQyCx+gCP2TRxO/bmwUt7SXHOTxADKlN N1Xjd+6CigveVWFjmPNkblcPpzFR9kEVtrN+mmENgmK4g2DR/+Bh7FPIl6NDgmWw +iYeaoyTi2gWByk6lk9cRtROcUOrC5d51gI/E+NcDjtKt0g0Q6G6+WsnpJDKTaoh Xa5Urviv7PSMbhkqpDr8G7/kNOiEUUymY+BcshRIL1FMyRVMdfvnEseYcVQVedYk AAvd -----END CERTIFICATE-----Generated at Mon Oct 20 10:41:41 2025 by rpki-client