$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce6343d9-4647-4201-b1a6-8ca7ee4cc6b4.roa File: ce6343d9-4647-4201-b1a6-8ca7ee4cc6b4.roa (raw, json) Hash identifier: WZlexC57ZP7GKebvstgClhj9rVEKNEu+fpa1ehtJTss= Subject key identifier: 2F:76:DE:BD:8E:AC:4C:9F:A5:83:55:0E:A8:B9:A7:18:A4:52:8D:CD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 42AB52899D3D8D5D1FD3CCADD9F0C173ECD2F8C6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce6343d9-4647-4201-b1a6-8ca7ee4cc6b4.roa Signing time: Fri 10 Oct 2025 00:00:52 +0000 ROA not before: Fri 10 Oct 2025 00:00:52 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:f000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:ab:52:89:9d:3d:8d:5d:1f:d3:cc:ad:d9:f0:c1:73:ec:d2:f8:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 10 00:00:52 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=82f7fd34c79278f9c6171f0616e0e513b3650ab8dbd49749d9eb8437e920750e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ec:ed:40:bd:21:ec:07:c2:72:80:f2:9b:fd: b6:49:7f:91:87:5a:14:4c:2e:0f:e7:a0:8d:d5:2a: ed:06:91:8b:cd:28:1b:0c:ea:e3:25:2b:5e:c3:d2: 72:6e:1c:c2:6e:09:d2:f7:7b:8c:12:48:66:ea:e3: 3a:3c:9d:15:bc:90:92:84:24:d1:29:7e:00:d6:5c: b1:1a:69:b4:8c:9f:47:36:45:7d:08:5e:69:fb:ca: b0:c3:ad:93:08:f3:15:29:58:44:22:c5:75:db:d3: f5:e3:a4:0d:a6:83:9c:a9:d8:69:1f:a4:5a:36:a8: 52:e5:69:7e:71:9e:7e:50:10:dd:93:3c:8b:74:3c: 35:d5:58:4d:d0:f6:32:30:75:f2:aa:cf:45:fa:b9: 60:e8:23:c0:66:c4:6f:a1:7b:b5:75:1a:d4:5a:b7: 92:c0:04:73:8f:d8:4b:10:25:6e:d9:ec:71:b7:39: e3:c7:77:4e:af:12:fb:14:b3:37:a0:cd:28:7e:ae: 7a:67:15:b3:57:13:68:80:f3:95:26:ca:51:21:17: a1:d2:b3:f5:f7:46:d6:49:0a:95:5e:97:ad:1d:c9: 6e:d1:1f:43:b9:a3:37:46:42:eb:5f:3f:54:68:62: 8c:89:7e:72:8f:bf:df:98:81:5a:b8:69:4f:c5:cf: 6c:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:76:DE:BD:8E:AC:4C:9F:A5:83:55:0E:A8:B9:A7:18:A4:52:8D:CD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce6343d9-4647-4201-b1a6-8ca7ee4cc6b4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:f000::/48 Signature Algorithm: sha256WithRSAEncryption a5:50:26:99:34:66:17:34:2d:34:8a:a6:db:d4:a8:73:f7:19: 04:00:5c:24:9b:f4:82:d4:ac:1b:38:67:5c:ce:66:aa:d1:c7: e3:a3:70:db:d5:48:e0:a9:8d:a4:04:49:81:56:16:31:73:51: 14:ae:44:12:fe:91:7c:4a:41:c9:41:38:59:50:2c:5b:4f:51: af:54:b4:60:20:f0:7f:32:db:71:93:ea:2b:d6:12:05:ac:ab: 68:f8:44:10:44:b4:04:53:b9:0d:52:5d:11:29:33:04:cd:a9: 46:27:7a:99:33:62:65:66:61:ae:63:68:2e:49:f3:78:7f:fc: 2a:ad:33:c6:37:c1:b6:f4:18:43:e8:5e:25:e1:e8:1b:b6:c7: 16:dd:4f:a5:14:23:6e:b3:9a:c7:ad:26:30:b4:84:ae:a2:0c: e9:60:e9:04:a2:64:97:58:d9:b5:21:29:b3:7a:bc:4c:19:dc: d2:7f:fb:00:4e:8f:60:88:f7:62:4a:6d:fe:8b:c7:7c:50:ef: 3c:96:57:d7:95:02:5c:3e:4a:ab:e4:5e:a1:7c:a9:df:b0:7f: d6:1f:37:27:67:23:f6:72:53:b4:9b:b4:b7:90:9b:7b:a9:ad: 92:ce:ab:b7:c4:d9:df:0a:09:95:e4:11:aa:69:09:c5:3e:b9: 24:43:d0:04 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQqtSiZ09jV0f08yt2fDBc+zS+MYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMDAwMDA1MloX DTI1MTExNDIzNTk1OVowejFJMEcGA1UEBRNAODJmN2ZkMzRjNzkyNzhmOWM2MTcx ZjA2MTZlMGU1MTNiMzY1MGFiOGRiZDQ5NzQ5ZDllYjg0MzdlOTIwNzUwZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uztQL0h7AfCcoDym/22SX+Rh1oU TC4P56CN1SrtBpGLzSgbDOrjJStew9JybhzCbgnS93uMEkhm6uM6PJ0VvJCShCTR KX4A1lyxGmm0jJ9HNkV9CF5p+8qww62TCPMVKVhEIsV129P146QNpoOcqdhpH6Ra NqhS5Wl+cZ5+UBDdkzyLdDw11VhN0PYyMHXyqs9F+rlg6CPAZsRvoXu1dRrUWreS wARzj9hLECVu2exxtznjx3dOrxL7FLM3oM0ofq56ZxWzVxNogPOVJspRIReh0rP1 90bWSQqVXpetHclu0R9DuaM3RkLrXz9UaGKMiX5yj7/fmIFauGlPxc9spwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC923r2OrEyfpYNVDqi5pxikUo3NMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NlNjM0M2Q5LTQ2NDctNDIwMS1iMWE2LThjYTdlZTRjYzZiNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9vAAMA0GCSqGSIb3DQEBCwUAA4IBAQClUCaZNGYXNC00iqbb 1Khz9xkEAFwkm/SC1KwbOGdczmaq0cfjo3Db1UjgqY2kBEmBVhYxc1EUrkQS/pF8 SkHJQThZUCxbT1GvVLRgIPB/Mttxk+or1hIFrKto+EQQRLQEU7kNUl0RKTMEzalG J3qZM2JlZmGuY2guSfN4f/wqrTPGN8G29BhD6F4l4egbtscW3U+lFCNus5rHrSYw tISuogzpYOkEomSXWNm1ISmzerxMGdzSf/sATo9giPdiSm3+i8d8UO88llfXlQJc Pkqr5F6hfKnfsH/WHzcnZyP2clO0m7S3kJt7qa2Szqu3xNnfCgmV5BGqaQnFPrkk Q9AE -----END CERTIFICATE-----Generated at Mon Oct 20 20:16:49 2025 by rpki-client