$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa File: c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa (raw, json) Hash identifier: ihT9rsejWrToPGO99KoEiXCEqn52cOOEjNyyAJdyQ4M= Subject key identifier: 34:2B:73:15:1E:33:56:9A:52:7F:63:1C:E3:91:31:F6:DE:D4:AE:61 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 283E3D004709732EA639F1449464ACFB29A574E1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa Signing time: Wed 15 Oct 2025 00:40:37 +0000 ROA not before: Wed 15 Oct 2025 00:40:37 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12:8400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:3e:3d:00:47:09:73:2e:a6:39:f1:44:94:64:ac:fb:29:a5:74:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:40:37 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=551b4861c829b7031368307aa63eb57bcfcf4d097d9081fb8c14019faf3185dd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:8b:c4:e5:e3:e4:0b:35:2f:8d:45:3b:93:a4: e6:8b:cf:c7:91:91:3f:9e:7a:88:83:d4:a3:0e:59: ad:b3:04:9d:2a:f8:0b:33:8b:6c:fd:61:2e:f3:00: 89:a0:38:e8:90:61:df:af:50:1f:7f:4a:7c:4a:04: 7a:d2:60:9a:81:b2:43:8b:55:bf:a8:3d:9b:27:08: fb:7e:4e:96:a5:3f:40:32:cf:5b:c8:42:68:a9:5b: b4:58:92:e2:cf:5c:cd:87:b2:01:99:d8:a9:5f:a0: 24:f8:ba:1f:db:cb:27:90:93:bb:de:4e:f5:be:36: ba:48:24:e6:ff:ca:4c:8d:9a:d6:1c:49:61:48:b4: bc:4f:26:a4:9f:f9:73:75:ba:0b:d3:e4:3d:0c:62: aa:da:3a:ba:91:99:be:69:0e:7d:a6:d9:5e:b4:56: df:e1:de:1d:f3:ca:90:d1:79:9e:2f:d3:6f:be:68: ad:cd:cb:42:78:a1:c5:1c:2e:fc:54:0f:b7:bb:fd: ef:47:35:70:67:95:26:e6:09:92:3d:4a:ba:4f:22: 45:58:d6:ed:a7:a4:48:e9:24:f3:7d:59:3c:8a:b1: fe:3f:c6:c6:75:4b:81:f5:0f:ea:36:cd:7c:7f:04: 3e:4f:0a:ea:df:28:44:61:cc:18:a4:ac:b3:74:75: 24:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:2B:73:15:1E:33:56:9A:52:7F:63:1C:E3:91:31:F6:DE:D4:AE:61 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5a1a1a0-4f4f-473d-bfac-fd46ff826004.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12:8400::/38 Signature Algorithm: sha256WithRSAEncryption c6:83:ff:d6:de:8c:a4:0e:82:de:e1:9c:a5:ed:be:a2:f9:c5: 96:ed:6c:41:67:e2:65:a2:38:71:75:82:b6:5c:c4:db:da:55: 2f:e9:08:95:c3:17:e8:b9:6f:bd:a8:c3:bb:3b:b5:a4:c1:7e: 20:2e:c0:20:75:54:c3:7d:cd:e3:a5:f9:8c:40:02:df:1b:15: 0b:60:f9:06:8b:b1:fd:7d:72:bb:15:9a:8c:12:ba:03:c5:32: 91:50:0c:63:f3:5b:34:0f:92:71:45:15:66:3a:fd:9e:cd:68: b1:00:cd:f4:d7:53:0e:a3:4e:99:30:0a:73:2f:70:9f:2e:67: ef:42:58:f4:ae:46:7d:2e:34:d2:b3:37:2a:42:41:e7:47:01: c3:9f:ba:80:59:be:2f:ba:72:3c:69:1e:ad:a2:35:0a:75:17: f9:a8:fe:b9:bf:5d:c2:83:90:9a:4b:25:76:dc:0a:83:77:37: 6b:e2:fe:37:eb:d7:1c:1a:bb:32:3c:6c:2f:a7:0d:95:dd:9e: 8f:53:91:a2:1d:82:e7:83:50:ee:e4:50:db:04:a7:24:9a:d5: 99:24:64:33:88:e5:86:86:63:01:75:92:0a:1a:86:0f:50:76: b7:c6:74:d6:3a:c0:8a:88:a1:7e:97:54:c2:95:bf:74:ae:bd: 9f:7f:49:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKD49AEcJcy6mOfFElGSs+ymldOEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNDAzN1oX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNANTUxYjQ4NjFjODI5YjcwMzEzNjgz MDdhYTYzZWI1N2JjZmNmNGQwOTdkOTA4MWZiOGMxNDAxOWZhZjMxODVkZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ovE5ePkCzUvjUU7k6Tmi8/HkZE/ nnqIg9SjDlmtswSdKvgLM4ts/WEu8wCJoDjokGHfr1Aff0p8SgR60mCagbJDi1W/ qD2bJwj7fk6WpT9AMs9byEJoqVu0WJLiz1zNh7IBmdipX6Ak+Lof28snkJO73k71 vja6SCTm/8pMjZrWHElhSLS8Tyakn/lzdboL0+Q9DGKq2jq6kZm+aQ59ptletFbf 4d4d88qQ0XmeL9NvvmitzctCeKHFHC78VA+3u/3vRzVwZ5Um5gmSPUq6TyJFWNbt p6RI6STzfVk8irH+P8bGdUuB9Q/qNs18fwQ+Twrq3yhEYcwYpKyzdHUkYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDQrcxUeM1aaUn9jHOORMfbe1K5hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M1YTFhMWEwLTRmNGYtNDczZC1iZmFjLWZkNDZmZjgyNjAwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEoQwDQYJKoZIhvcNAQELBQADggEBAMaD/9bejKQOgt7hnKXt vqL5xZbtbEFn4mWiOHF1grZcxNvaVS/pCJXDF+i5b72ow7s7taTBfiAuwCB1VMN9 zeOl+YxAAt8bFQtg+QaLsf19crsVmowSugPFMpFQDGPzWzQPknFFFWY6/Z7NaLEA zfTXUw6jTpkwCnMvcJ8uZ+9CWPSuRn0uNNKzNypCQedHAcOfuoBZvi+6cjxpHq2i NQp1F/mo/rm/XcKDkJpLJXbcCoN3N2vi/jfr1xwauzI8bC+nDZXdno9TkaIdgueD UO7kUNsEpySa1ZkkZDOI5YaGYwF1kgoahg9QdrfGdNY6wIqIoX6XVMKVv3SuvZ9/ SZI= -----END CERTIFICATE-----Generated at Mon Oct 20 09:49:45 2025 by rpki-client