$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c3fc267f-2e5e-4424-a92f-f9d2ef6bbb7d.roa File: c3fc267f-2e5e-4424-a92f-f9d2ef6bbb7d.roa (raw, json) Hash identifier: gW7S04C0qBmNftKVN0eecICI15ocqiQ4BIu8CoJbUFg= Subject key identifier: 17:09:06:97:00:5E:95:80:D5:58:06:BE:73:08:F0:06:5D:9E:0D:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5CBDEEE8491FD8F595210658DD189F3A43725109 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c3fc267f-2e5e-4424-a92f-f9d2ef6bbb7d.roa Signing time: Sun 19 Oct 2025 00:00:06 +0000 ROA not before: Sun 19 Oct 2025 00:00:06 +0000 ROA not after: Sun 23 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:bd:ee:e8:49:1f:d8:f5:95:21:06:58:dd:18:9f:3a:43:72:51:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 19 00:00:06 2025 GMT Not After : Nov 23 23:59:59 2025 GMT Subject: serialNumber=104c98cf5f5cbc1073b1da957081cf54e5206e19be86a4223c20813bcf22465e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:5a:a6:4f:35:71:a3:ee:54:37:f4:01:b6:53: 0e:70:77:09:27:73:c7:b5:44:15:d8:88:34:23:a0: d3:d6:33:8d:f8:c5:11:c3:e0:f2:e0:3d:ce:e3:32: 76:de:fd:c3:de:be:57:54:ad:7e:7c:9d:df:45:4e: 5b:bb:60:d1:ca:a0:a6:41:c0:68:06:19:c6:5c:54: 64:38:a9:5d:43:55:e6:02:fc:4d:62:c4:21:bc:4f: ff:53:91:55:b4:aa:d9:61:60:ca:39:2c:24:16:55: b4:a5:db:9c:5d:8f:45:af:84:b8:fa:3a:16:41:0a: 57:5d:25:ed:3c:91:13:d2:5c:8b:b4:2b:1f:91:2b: b6:6c:22:59:3f:a3:f6:af:b9:f9:88:64:3b:30:48: ef:f2:e7:1b:65:62:d5:81:fb:66:5c:f6:1a:07:71: 6b:b2:e1:c5:9c:81:82:70:a1:fb:45:b2:8e:8e:92: e4:62:e9:e7:8d:0c:36:60:cb:04:bd:f5:8a:65:2c: f2:8d:d9:6b:43:41:47:3c:ff:23:81:d0:4e:bd:8e: f5:83:86:61:5a:68:b0:33:6e:b5:67:06:96:b1:0f: 22:fc:c9:64:e5:a1:4a:60:8b:2c:78:7e:74:48:3d: 9f:23:72:e4:3e:df:25:73:8d:84:33:30:c5:9e:b6: c1:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:09:06:97:00:5E:95:80:D5:58:06:BE:73:08:F0:06:5D:9E:0D:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c3fc267f-2e5e-4424-a92f-f9d2ef6bbb7d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:4800::/40 Signature Algorithm: sha256WithRSAEncryption 6f:62:fe:17:5e:68:4b:bb:14:dc:b3:c7:11:a9:b6:34:af:73: d7:1e:a8:fe:69:fd:08:cf:8d:6e:16:3b:6f:ea:1c:5b:75:29: e9:24:e2:7c:fb:80:5c:ed:32:65:15:08:d8:18:04:2f:49:c7: 57:1d:30:ee:5b:00:36:0a:1e:16:dc:a6:f3:8f:df:f2:f8:8e: 77:21:33:72:fe:a1:12:1c:fc:83:0a:00:7c:01:92:b5:e4:b6: da:4f:fa:cd:8d:d7:34:7e:79:bc:74:32:df:0c:3e:04:51:e3: 75:f8:1b:ce:36:c0:1a:0a:00:3f:aa:44:01:3c:4b:36:10:fd: 24:af:d5:69:d2:1d:50:9f:40:54:93:91:8b:34:97:d7:58:99: fa:82:30:33:84:f9:43:70:64:d4:6b:2c:45:ab:06:4c:c8:c1: d7:dd:0b:a4:9e:e5:a4:0d:ce:08:cc:5e:dd:e4:c2:4e:53:96: d9:98:05:0b:11:82:b2:55:89:db:fd:61:fc:58:4a:9c:51:c0: 09:a7:d5:63:2c:1a:23:18:f9:34:21:9f:d3:7d:83:fa:77:b7: be:48:58:b3:4d:b4:bc:e2:d8:09:8e:63:96:e2:61:ea:86:4a: aa:1f:3f:a4:16:6f:7f:83:e9:a7:8a:75:73:39:b4:6f:a6:5e: f2:bc:9e:fe -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXL3u6Ekf2PWVIQZY3RifOkNyUQkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxOTAwMDAwNloX DTI1MTEyMzIzNTk1OVowejFJMEcGA1UEBRNAMTA0Yzk4Y2Y1ZjVjYmMxMDczYjFk YTk1NzA4MWNmNTRlNTIwNmUxOWJlODZhNDIyM2MyMDgxM2JjZjIyNDY1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlqmTzVxo+5UN/QBtlMOcHcJJ3PH tUQV2Ig0I6DT1jON+MURw+Dy4D3O4zJ23v3D3r5XVK1+fJ3fRU5bu2DRyqCmQcBo BhnGXFRkOKldQ1XmAvxNYsQhvE//U5FVtKrZYWDKOSwkFlW0pducXY9Fr4S4+joW QQpXXSXtPJET0lyLtCsfkSu2bCJZP6P2r7n5iGQ7MEjv8ucbZWLVgftmXPYaB3Fr suHFnIGCcKH7RbKOjpLkYunnjQw2YMsEvfWKZSzyjdlrQ0FHPP8jgdBOvY71g4Zh WmiwM261ZwaWsQ8i/Mlk5aFKYIsseH50SD2fI3LkPt8lc42EMzDFnrbBFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBcJBpcAXpWA1VgGvnMI8AZdng1YMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MzZmMyNjdmLTJlNWUtNDQyNC1hOTJmLWY5ZDJlZjZiYmI3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7UgwDQYJKoZIhvcNAQELBQADggEBAG9i/hdeaEu7FNyzxxGp tjSvc9ceqP5p/QjPjW4WO2/qHFt1Kekk4nz7gFztMmUVCNgYBC9Jx1cdMO5bADYK HhbcpvOP3/L4jnchM3L+oRIc/IMKAHwBkrXkttpP+s2N1zR+ebx0Mt8MPgRR43X4 G842wBoKAD+qRAE8SzYQ/SSv1WnSHVCfQFSTkYs0l9dYmfqCMDOE+UNwZNRrLEWr BkzIwdfdC6Se5aQNzgjMXt3kwk5TltmYBQsRgrJVidv9YfxYSpxRwAmn1WMsGiMY +TQhn9N9g/p3t75IWLNNtLzi2AmOY5biYeqGSqofP6QWb3+D6aeKdXM5tG+mXvK8 nv4= -----END CERTIFICATE-----Generated at Mon Oct 20 09:49:42 2025 by rpki-client