$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c1530899-c9c5-47cf-9c3b-a974e1e0a898.roa File: c1530899-c9c5-47cf-9c3b-a974e1e0a898.roa (raw, json) Hash identifier: fm6sC9UMHWeup5+DPDhgwlHmpNCaSIn9A/xF4rA4W1Y= Subject key identifier: 2E:DF:7E:D4:EF:03:99:D0:C8:9D:09:13:D5:04:BC:F2:A1:70:68:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 698B8F41AF23ADC6C301E60192045F5EDE71AE5F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c1530899-c9c5-47cf-9c3b-a974e1e0a898.roa Signing time: Mon 06 Oct 2025 15:11:04 +0000 ROA not before: Mon 06 Oct 2025 15:11:04 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafd:b080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:8b:8f:41:af:23:ad:c6:c3:01:e6:01:92:04:5f:5e:de:71:ae:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:11:04 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=ceea102ed74af96a390479b04eaed40ae4e0b1f04491a2c090b430121d43e468, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:81:a8:94:2d:9b:1a:7f:25:97:d0:35:88:3b: 8c:a3:f5:45:28:94:ad:38:68:f9:1b:19:3a:dc:19: eb:7e:09:2a:9f:4d:68:10:f9:6b:8a:c4:5d:1f:a4: c5:b6:1c:9e:20:3e:d1:22:4b:48:d3:c3:08:a3:48: 32:75:42:96:98:57:0d:12:46:c9:2f:4e:e9:a8:84: 84:b8:22:06:09:75:30:24:b4:73:8d:12:47:e8:15: 25:d6:c2:1f:4d:ce:79:19:a5:0f:57:5b:25:f3:8b: ac:bd:57:17:73:a5:85:64:c0:d0:65:b7:d0:d3:6d: 5d:6f:0a:ad:87:a8:59:1f:51:80:63:e3:d6:41:3f: 2f:c0:c2:c2:9a:b7:6e:2c:6e:11:7d:e2:de:a6:f6: ab:0d:ab:82:ea:76:62:f7:1f:92:87:31:ab:86:7b: dd:eb:c9:be:79:4a:b2:dd:1c:d9:7d:34:ba:b0:fc: 06:d3:d1:36:89:6c:b2:40:26:d6:0b:68:07:6a:7a: 1c:f0:93:33:75:51:0f:93:4a:c3:5d:55:e0:78:aa: 29:7e:f1:fe:cc:80:b0:c1:a9:18:c3:e4:67:5a:5b: 3c:3b:17:9c:aa:fa:0c:89:26:aa:51:a8:e5:2b:d7: 9e:87:2b:e0:81:75:fb:c1:db:92:61:a0:70:1b:a2: 6f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:DF:7E:D4:EF:03:99:D0:C8:9D:09:13:D5:04:BC:F2:A1:70:68:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c1530899-c9c5-47cf-9c3b-a974e1e0a898.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafd:b080::/48 Signature Algorithm: sha256WithRSAEncryption 7d:07:f0:0b:f2:e0:06:f0:76:12:ff:56:c0:80:8e:4e:80:d9: 1e:87:9d:4b:ae:b0:5d:91:d2:20:b8:2d:eb:42:93:63:49:e1: a4:05:4b:67:30:ca:7f:90:87:5f:31:ea:13:7d:dd:2c:46:d5: 2b:aa:13:24:f4:33:89:3a:8c:8e:18:0e:50:e8:cf:63:3f:36: 86:8c:31:2c:60:f5:36:d8:a3:24:d2:c5:49:6c:4d:df:60:af: 7d:33:11:40:7f:d4:9f:2c:ab:ae:a6:f2:4c:b9:ec:36:90:ab: 2e:fc:be:78:1a:d6:14:59:d5:a1:33:ce:b6:31:09:e8:44:20: 8d:54:50:45:15:47:d2:04:76:29:e3:21:79:36:bb:db:de:2a: 54:3a:08:9a:9b:6e:b5:81:54:55:2e:21:f2:a1:29:4a:88:a5: a0:32:35:a8:ef:37:d7:19:e8:0d:ff:26:3e:f0:b9:0f:ce:04: 6b:8b:71:95:8f:6c:17:fc:52:02:ba:64:98:3c:50:7c:72:1e: 4b:6b:aa:aa:48:55:50:b3:55:6a:2b:d9:55:f2:05:57:9f:87: c5:2c:ee:3b:a2:37:a1:b3:76:09:75:29:3f:e8:50:31:58:a1: 39:c3:77:09:e8:ad:1b:e1:32:94:85:c2:82:e6:fc:f6:65:ad: d0:71:ac:c4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaYuPQa8jrcbDAeYBkgRfXt5xrl8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MTEwNFoX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNAY2VlYTEwMmVkNzRhZjk2YTM5MDQ3 OWIwNGVhZWQ0MGFlNGUwYjFmMDQ0OTFhMmMwOTBiNDMwMTIxZDQzZTQ2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IGolC2bGn8ll9A1iDuMo/VFKJSt OGj5Gxk63Bnrfgkqn01oEPlrisRdH6TFthyeID7RIktI08MIo0gydUKWmFcNEkbJ L07pqISEuCIGCXUwJLRzjRJH6BUl1sIfTc55GaUPV1sl84usvVcXc6WFZMDQZbfQ 021dbwqth6hZH1GAY+PWQT8vwMLCmrduLG4RfeLepvarDauC6nZi9x+ShzGrhnvd 68m+eUqy3RzZfTS6sPwG09E2iWyyQCbWC2gHanoc8JMzdVEPk0rDXVXgeKopfvH+ zICwwakYw+RnWls8OxecqvoMiSaqUajlK9eehyvggXX7wduSYaBwG6JvSwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC7fftTvA5nQyJ0JE9UEvPKhcGh0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MxNTMwODk5LWM5YzUtNDdjZi05YzNiLWE5NzRlMWUwYTg5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/bCAMA0GCSqGSIb3DQEBCwUAA4IBAQB9B/AL8uAG8HYS/1bA gI5OgNkeh51LrrBdkdIguC3rQpNjSeGkBUtnMMp/kIdfMeoTfd0sRtUrqhMk9DOJ OoyOGA5Q6M9jPzaGjDEsYPU22KMk0sVJbE3fYK99MxFAf9SfLKuupvJMuew2kKsu /L54GtYUWdWhM862MQnoRCCNVFBFFUfSBHYp4yF5Nrvb3ipUOgiam261gVRVLiHy oSlKiKWgMjWo7zfXGegN/yY+8LkPzgRri3GVj2wX/FICumSYPFB8ch5La6qqSFVQ s1VqK9lV8gVXn4fFLO47ojehs3YJdSk/6FAxWKE5w3cJ6K0b4TKUhcKC5vz2Za3Q cazE -----END CERTIFICATE-----Generated at Mon Oct 20 12:20:29 2025 by rpki-client