$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa File: cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa (raw, json) Hash identifier: IouXB71jmE4vjNVVB24NTI75gL1oaKnyPeqcTrpGhtY= Subject key identifier: 48:F0:D5:AA:60:21:E5:20:B1:CA:83:63:39:1A:BC:10:DE:F7:9D:2A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 74B55351FA30A801CAFBE56793B273099EA4C674 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa Signing time: Sat 11 Oct 2025 00:00:33 +0000 ROA not before: Sat 11 Oct 2025 00:00:33 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:b5:53:51:fa:30:a8:01:ca:fb:e5:67:93:b2:73:09:9e:a4:c6:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:00:33 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=b33d32a53b43e2d97012cc4afb1b7c7f8296337b7e484ad3deca08c8ef4f034a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:95:73:2c:3c:df:f6:a3:39:96:02:1f:85:e1: 9e:4a:a8:25:40:cf:85:aa:a8:d5:82:5c:ad:7f:d4: 77:e5:9b:af:36:f2:f7:7b:48:89:7c:b1:37:66:03: 29:64:d6:ba:d3:4e:d2:5a:9a:62:f0:62:3d:c3:1b: d3:2f:10:c8:ce:cb:97:49:58:0c:d4:3c:41:3e:fd: 93:ec:d1:fd:0c:2f:0e:b0:d3:0d:9a:33:18:35:a2: d8:20:76:f6:42:62:0a:b8:b0:90:d3:fc:3f:5b:bb: 32:fe:b9:c3:71:6c:5b:cf:f2:5b:2f:67:5b:f3:9d: 48:d8:01:18:81:6d:17:35:f0:52:6a:9f:64:b3:d4: 00:3d:f0:0b:65:64:c1:c3:c1:a4:c2:9a:f5:a2:f8: 77:6d:9d:e2:d6:07:41:b9:29:6c:21:c1:60:0b:8e: ca:fb:23:fa:3e:00:b8:7f:a8:d9:c5:f2:c4:e4:12: eb:44:a8:a3:1f:09:8c:d2:12:f6:35:d5:ba:41:fc: 09:ed:28:50:56:b7:44:fd:16:cb:8b:0f:14:25:30: 50:39:fc:b7:5b:a9:f1:84:5a:ec:fd:a2:9a:bd:65: ad:cd:b0:92:cd:b2:e4:f8:ae:a6:6c:49:e2:f6:fc: fa:7e:77:27:91:db:d7:c2:34:e1:59:39:44:89:04: 07:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:F0:D5:AA:60:21:E5:20:B1:CA:83:63:39:1A:BC:10:DE:F7:9D:2A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf6f6e75-6bab-4bc1-8822-1b7ec1fc148d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:60c0::/48 Signature Algorithm: sha256WithRSAEncryption 5c:07:49:69:6c:50:f7:38:0d:d7:04:c1:6d:bf:90:37:c7:ed: 0b:22:54:d1:08:aa:d2:17:cb:5d:45:51:de:74:e8:dc:ad:ff: 90:00:72:d6:a2:cc:30:fc:76:d6:d8:f7:4c:f9:9e:d4:0b:6e: de:80:34:6e:ee:c7:18:c0:4b:60:b1:0c:a2:20:97:c6:e1:e2: b7:2c:df:14:c1:30:a3:67:a2:38:aa:78:2a:4b:12:e5:20:ba: c9:97:a2:c9:fe:57:8b:83:52:a3:d9:32:51:85:db:04:37:41: c7:f4:b5:e3:3a:49:3a:65:ed:cb:f1:1f:e6:fb:ef:29:00:b6: fa:e7:97:fd:7e:c1:58:a9:c3:9f:37:60:6e:cc:5e:7d:b7:5b: 2c:a5:5f:a9:62:48:46:af:cb:a3:25:1b:2a:07:5f:a8:9f:0a: 0e:0c:bf:89:78:21:e8:d9:49:85:bf:4b:4c:61:e6:a7:34:ba: c8:1a:63:c3:a1:63:53:a6:3e:7a:99:d1:d9:2d:26:4b:e4:60: 12:7d:07:44:83:3d:ad:d7:98:0b:19:41:9f:94:8a:31:e1:45: 8c:e7:1f:4f:4f:ea:c9:81:6d:97:95:f1:c2:a7:ac:71:d3:d2: ed:cf:96:10:e8:ca:5f:7a:ac:88:be:44:e1:03:86:c0:10:1f: 5e:20:fd:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdLVTUfowqAHK++Vnk7JzCZ6kxnQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMDAzM1oX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAYjMzZDMyYTUzYjQzZTJkOTcwMTJj YzRhZmIxYjdjN2Y4Mjk2MzM3YjdlNDg0YWQzZGVjYTA4YzhlZjRmMDM0YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZVzLDzf9qM5lgIfheGeSqglQM+F qqjVglytf9R35ZuvNvL3e0iJfLE3ZgMpZNa6007SWppi8GI9wxvTLxDIzsuXSVgM 1DxBPv2T7NH9DC8OsNMNmjMYNaLYIHb2QmIKuLCQ0/w/W7sy/rnDcWxbz/JbL2db 851I2AEYgW0XNfBSap9ks9QAPfALZWTBw8Gkwpr1ovh3bZ3i1gdBuSlsIcFgC47K +yP6PgC4f6jZxfLE5BLrRKijHwmM0hL2NdW6QfwJ7ShQVrdE/RbLiw8UJTBQOfy3 W6nxhFrs/aKavWWtzbCSzbLk+K6mbEni9vz6fncnkdvXwjThWTlEiQQHMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEjw1apgIeUgscqDYzkavBDe950qMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmNmY2ZTc1LTZiYWItNGJjMS04ODIyLTFiN2VjMWZjMTQ4ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mDAMA0GCSqGSIb3DQEBCwUAA4IBAQBcB0lpbFD3OA3XBMFt v5A3x+0LIlTRCKrSF8tdRVHedOjcrf+QAHLWosww/HbW2PdM+Z7UC27egDRu7scY wEtgsQyiIJfG4eK3LN8UwTCjZ6I4qngqSxLlILrJl6LJ/leLg1Kj2TJRhdsEN0HH 9LXjOkk6Ze3L8R/m++8pALb655f9fsFYqcOfN2BuzF59t1sspV+pYkhGr8ujJRsq B1+onwoODL+JeCHo2UmFv0tMYeanNLrIGmPDoWNTpj56mdHZLSZL5GASfQdEgz2t 15gLGUGflIox4UWM5x9PT+rJgW2XlfHCp6xx09Ltz5YQ6MpfeqyIvkThA4bAEB9e IP3w -----END CERTIFICATE-----Generated at Mon Oct 20 09:56:57 2025 by rpki-client