$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa File: c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa (raw, json) Hash identifier: yo1yFWEmMg5wGJ/KttLv/Qgy15TP0/EpCjaDgY7fEGc= Subject key identifier: E0:1D:A7:5C:00:12:B5:2F:DB:A5:8A:FC:FB:1B:70:C9:F0:B1:1D:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08F370F6D215EFEF2EA51D96E445CC9617D66BA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa Signing time: Sat 11 Oct 2025 00:10:33 +0000 ROA not before: Sat 11 Oct 2025 00:10:33 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:f3:70:f6:d2:15:ef:ef:2e:a5:1d:96:e4:45:cc:96:17:d6:6b:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:10:33 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=86014317ffdce34cbc9d430cf89a167289126141c21a13045bec04143ab7901a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:26:c4:b6:c8:dd:9d:94:ea:5e:81:bb:a9:d6: 00:4d:3d:10:48:1d:42:11:61:61:83:6a:e0:3a:cb: d2:01:63:c9:90:93:f5:23:f1:c6:11:89:70:d0:34: 14:50:87:5a:bb:7a:66:60:73:99:fd:0e:55:33:8a: cb:b2:01:66:aa:da:09:7a:e9:c4:44:d9:b8:8d:cf: ba:ad:b8:ae:04:11:6c:65:7a:23:ca:95:d8:55:3f: 32:99:62:70:16:a4:b9:da:a2:b9:0b:d5:ba:67:76: 29:ed:42:4a:8b:27:68:34:a0:2d:e4:cb:77:d5:ca: 76:20:21:14:e9:49:c5:31:44:d5:e3:69:9d:c7:4f: 5d:64:51:c9:0e:fc:95:6d:35:a1:7c:18:0c:04:2f: 17:00:76:d4:84:dc:85:ea:2d:2b:cf:a6:1e:91:a7: ac:f9:e0:ae:9e:36:aa:e3:e8:8c:b4:96:db:16:c6: 5f:d9:49:d9:1d:5b:c3:2a:0d:37:29:18:c9:12:45: b9:ea:4e:fa:ea:78:01:89:6d:51:4b:81:58:f7:b9: 7b:e5:b8:dd:4e:7a:29:d6:aa:ca:28:37:ab:12:5e: 8d:3a:81:a7:58:e7:9e:78:81:b2:0f:0a:3e:bb:80: 08:b8:f9:c4:63:e7:9d:99:56:cb:00:f9:12:31:41: 3a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:1D:A7:5C:00:12:B5:2F:DB:A5:8A:FC:FB:1B:70:C9:F0:B1:1D:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a040::/48 Signature Algorithm: sha256WithRSAEncryption 10:5b:dc:67:db:95:37:1e:cf:62:fc:9b:d2:cf:7a:d4:41:96: 37:e2:4d:c1:d6:37:73:76:cc:f2:f7:70:ae:e3:ee:05:89:e8: 01:c6:15:81:2a:65:ff:ab:19:1d:e4:4b:96:94:6e:90:5e:6d: 6a:97:d8:ed:f8:9f:50:7b:56:11:b0:57:44:7f:c8:99:9c:cb: 38:e9:9d:86:11:62:8b:0f:4a:78:06:c7:1b:fa:79:63:42:e9: af:9f:02:69:42:5f:70:9a:80:e7:73:2d:cc:78:8d:dd:10:d6: de:7e:d5:fa:6c:ad:9a:cb:e7:eb:5a:1d:fa:78:2b:07:5f:36: 6a:4e:b1:f9:64:7c:e8:81:0c:1b:5e:d3:bd:ea:bd:25:e9:01: 0c:27:32:3d:f9:a8:10:d6:54:c8:d0:2f:6a:10:15:ce:69:d7: 3f:23:74:6a:47:27:93:67:79:6b:c7:ff:da:07:bf:28:5a:ac: a1:4e:a9:df:8e:b5:64:42:c7:3d:6c:e2:db:89:ce:1f:60:0b: 11:b6:c0:67:5d:88:3e:4b:d8:6a:5b:6e:d9:9f:98:e6:84:07: 4c:e1:e8:28:d6:89:25:c6:1f:b1:f4:a5:e9:62:3a:8b:6e:b7: d4:4e:3b:41:ec:5e:18:97:e6:d3:63:d1:e8:84:a8:35:34:21: 72:1b:e8:2c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCPNw9tIV7+8upR2W5EXMlhfWa6QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMTAzM1oX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAODYwMTQzMTdmZmRjZTM0Y2JjOWQ0 MzBjZjg5YTE2NzI4OTEyNjE0MWMyMWExMzA0NWJlYzA0MTQzYWI3OTAxYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArybEtsjdnZTqXoG7qdYATT0QSB1C EWFhg2rgOsvSAWPJkJP1I/HGEYlw0DQUUIdau3pmYHOZ/Q5VM4rLsgFmqtoJeunE RNm4jc+6rbiuBBFsZXojypXYVT8ymWJwFqS52qK5C9W6Z3Yp7UJKiydoNKAt5Mt3 1cp2ICEU6UnFMUTV42mdx09dZFHJDvyVbTWhfBgMBC8XAHbUhNyF6i0rz6Yekaes +eCunjaq4+iMtJbbFsZf2UnZHVvDKg03KRjJEkW56k766ngBiW1RS4FY97l75bjd Tnop1qrKKDerEl6NOoGnWOeeeIGyDwo+u4AIuPnEY+edmVbLAPkSMUE6uQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOAdp1wAErUv26WK/PsbcMnwsR0aMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTFhM2ViLTQ2ZmItNDM0OS1iZWI0LWRiYWRlZjkwN2UyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKBAMA0GCSqGSIb3DQEBCwUAA4IBAQAQW9xn25U3Hs9i/JvS z3rUQZY34k3B1jdzdszy93Cu4+4FiegBxhWBKmX/qxkd5EuWlG6QXm1ql9jt+J9Q e1YRsFdEf8iZnMs46Z2GEWKLD0p4Bscb+nljQumvnwJpQl9wmoDncy3MeI3dENbe ftX6bK2ay+frWh36eCsHXzZqTrH5ZHzogQwbXtO96r0l6QEMJzI9+agQ1lTI0C9q EBXOadc/I3RqRyeTZ3lrx//aB78oWqyhTqnfjrVkQsc9bOLbic4fYAsRtsBnXYg+ S9hqW27Zn5jmhAdM4ego1oklxh+x9KXpYjqLbrfUTjtB7F4Yl+bTY9HohKg1NCFy G+gs -----END CERTIFICATE-----Generated at Mon Oct 20 07:19:05 2025 by rpki-client