$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe92c8c-5b2e-4de3-8773-eb7468bed9de.roa File: cbe92c8c-5b2e-4de3-8773-eb7468bed9de.roa (raw, json) Hash identifier: e/hUU/GFJSfT7117w7LuJzdJsG8o9Cg6XmlBBz/rrYc= Subject key identifier: A8:19:6B:84:C1:F8:02:2D:38:1F:97:59:38:1A:09:FB:1E:9E:4E:48 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5C2A3066DE70027CF4B5619AB58BDDCE85AE3EDB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe92c8c-5b2e-4de3-8773-eb7468bed9de.roa Signing time: Mon 06 Oct 2025 15:01:06 +0000 ROA not before: Mon 06 Oct 2025 15:01:06 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafd:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:2a:30:66:de:70:02:7c:f4:b5:61:9a:b5:8b:dd:ce:85:ae:3e:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:01:06 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=357d95e637b87822e094b9bdbd3a6de96f4ef0cc3e58d41f5c85615af2ac8dd7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:65:cc:11:be:5a:0e:4e:d3:b8:4f:43:1e:fb: af:08:f1:ae:9d:b3:22:07:f1:e9:30:1f:ff:3d:86: a4:a0:f8:22:e7:f8:be:50:4e:ca:57:dc:f4:5e:5f: 1c:d5:83:d4:4f:2e:38:26:4a:e9:df:29:5f:fe:13: 92:09:4b:0e:41:9e:d3:83:77:90:94:68:14:ac:0b: 3a:13:08:1c:5b:2d:1c:b3:47:56:17:15:8f:d2:34: f1:91:58:ac:35:29:e4:d8:22:4e:1a:8f:17:b0:21: ab:97:5a:8c:0e:4a:aa:8f:5c:b1:99:dc:8a:f3:3c: 62:05:a2:9f:8b:61:50:ab:bd:cf:8b:00:c0:85:e1: ba:7b:18:88:6a:29:17:ad:f6:ba:3d:37:3a:1a:f0: d3:47:2b:25:e9:7b:ad:c3:4e:04:f9:b5:d2:62:32: 40:28:94:81:74:9b:9c:25:31:bb:3c:88:39:02:7b: f1:06:a9:9c:fc:e9:b3:76:89:67:ca:d1:39:2e:6a: ba:c1:2a:12:8a:7a:39:b3:fb:63:18:89:33:c5:d8: 60:73:89:4f:44:aa:d5:8e:0d:fd:67:a6:f9:3c:4e: 31:0d:67:42:a5:21:3c:fd:38:40:3c:ab:98:92:89: 2f:6d:da:81:bd:3c:28:5c:5a:3d:5b:d0:a4:23:c9: 63:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:19:6B:84:C1:F8:02:2D:38:1F:97:59:38:1A:09:FB:1E:9E:4E:48 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbe92c8c-5b2e-4de3-8773-eb7468bed9de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafd:10c0::/48 Signature Algorithm: sha256WithRSAEncryption 4d:f7:09:2f:85:35:ea:1a:c7:f8:2a:f8:ee:6a:ac:3b:c5:26: e3:6d:13:27:c0:93:12:7e:24:70:fa:90:5b:94:ec:83:0b:b1: e5:59:7f:48:f1:31:2b:38:02:49:d4:7b:82:39:53:5d:3f:82: b1:af:7c:43:f0:41:a2:81:ea:6a:44:03:6a:7c:a1:1a:e2:b5: 62:94:fc:e5:c9:a6:ef:78:95:4c:eb:cb:3a:12:1c:ee:b0:9e: e3:ba:2d:3d:ff:f4:b6:78:69:68:1c:67:ce:c8:0f:c5:d9:6d: de:6e:17:6c:6b:34:03:c1:41:76:a7:08:55:76:69:44:ff:b0: a1:c8:ab:c6:f1:9f:27:50:3a:e0:a1:55:36:09:58:40:ea:79: 74:b9:20:65:bd:2d:9e:cc:42:29:fe:6d:fe:42:ea:a9:a9:2f: 60:40:ab:7d:89:df:d6:63:2f:c0:e4:ea:c1:c7:38:72:76:ba: 10:5b:64:58:be:c2:62:7d:9f:8a:55:8e:7b:95:a0:a8:3d:89: d8:70:1d:8f:c8:08:9a:c5:ea:42:5d:1d:92:da:a4:1f:ca:3c: 67:bf:dd:a9:dd:be:62:df:44:e2:cf:aa:2c:4d:2d:e2:e2:4e: 95:8b:9b:d0:1b:62:c1:30:3d:cd:9d:6e:e8:cf:ac:a4:9c:cf: 93:5c:92:46 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXCowZt5wAnz0tWGatYvdzoWuPtswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MDEwNloX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNAMzU3ZDk1ZTYzN2I4NzgyMmUwOTRi OWJkYmQzYTZkZTk2ZjRlZjBjYzNlNThkNDFmNWM4NTYxNWFmMmFjOGRkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52XMEb5aDk7TuE9DHvuvCPGunbMi B/HpMB//PYakoPgi5/i+UE7KV9z0Xl8c1YPUTy44Jkrp3ylf/hOSCUsOQZ7Tg3eQ lGgUrAs6EwgcWy0cs0dWFxWP0jTxkVisNSnk2CJOGo8XsCGrl1qMDkqqj1yxmdyK 8zxiBaKfi2FQq73PiwDAheG6exiIaikXrfa6PTc6GvDTRysl6Xutw04E+bXSYjJA KJSBdJucJTG7PIg5AnvxBqmc/OmzdolnytE5Lmq6wSoSino5s/tjGIkzxdhgc4lP RKrVjg39Z6b5PE4xDWdCpSE8/ThAPKuYkokvbdqBvTwoXFo9W9CkI8lj6QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKgZa4TB+AItOB+XWTgaCfsenk5IMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NiZTkyYzhjLTViMmUtNGRlMy04NzczLWViNzQ2OGJlZDlkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/RDAMA0GCSqGSIb3DQEBCwUAA4IBAQBN9wkvhTXqGsf4Kvju aqw7xSbjbRMnwJMSfiRw+pBblOyDC7HlWX9I8TErOAJJ1HuCOVNdP4Kxr3xD8EGi gepqRANqfKEa4rVilPzlyabveJVM68s6EhzusJ7jui09//S2eGloHGfOyA/F2W3e bhdsazQDwUF2pwhVdmlE/7ChyKvG8Z8nUDrgoVU2CVhA6nl0uSBlvS2ezEIp/m3+ QuqpqS9gQKt9id/WYy/A5OrBxzhydroQW2RYvsJifZ+KVY57laCoPYnYcB2PyAia xepCXR2S2qQfyjxnv92p3b5i30Tiz6osTS3i4k6Vi5vQG2LBMD3NnW7oz6yknM+T XJJG -----END CERTIFICATE-----Generated at Mon Oct 20 10:01:20 2025 by rpki-client