$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa File: d50e303a-6697-4780-b749-2eb970425fe8.roa (raw, json) Hash identifier: kFxVgMKxI8b1SroBjLQuj3W33gYrTvfFvemLTxrssGw= Subject key identifier: D7:35:3F:B2:23:DC:CF:FF:0D:2D:4E:0B:A7:9C:9F:DC:31:98:F0:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 393E8F015974C0F001E909D5D110C65B4CC72622 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa Signing time: Wed 08 Oct 2025 00:00:35 +0000 ROA not before: Wed 08 Oct 2025 00:00:35 +0000 ROA not after: Wed 12 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:3e:8f:01:59:74:c0:f0:01:e9:09:d5:d1:10:c6:5b:4c:c7:26:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 8 00:00:35 2025 GMT Not After : Nov 12 23:59:59 2025 GMT Subject: serialNumber=38739defe1100f6d3c787d8af0f81f2838297b2ec71f8789369c9d5656922cbb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:90:bd:86:7d:1a:3a:17:f6:a0:a0:e1:93:88: 21:f4:7d:eb:a3:ad:5c:0f:a6:dd:28:d7:34:5a:02: 44:92:62:31:22:dd:37:2b:b0:da:8b:70:c2:4c:b4: d8:25:9b:56:a2:1b:e3:a1:4f:d5:30:45:47:a7:4a: bf:7f:99:a2:d5:3b:f4:a1:69:32:33:7e:4f:c1:86: 06:55:43:35:48:8d:cf:c8:a2:db:78:06:fc:e9:93: 4d:23:7f:14:13:87:7a:60:b0:b8:cf:7d:b9:c5:1f: 36:53:b9:68:d3:46:f7:90:34:01:39:7e:20:14:14: 77:05:3e:7b:94:19:09:e6:c2:8c:63:f6:ae:12:ac: 2d:81:ed:ab:d3:8b:1d:77:1f:d0:28:bd:e8:6d:70: 4e:13:83:36:64:ef:f0:f4:18:49:72:5c:bc:55:b5: fb:ef:50:fd:65:ec:22:f7:2c:dc:13:c0:42:b2:3b: 4e:db:1f:d1:de:15:ba:34:30:2d:9f:a2:e3:9e:08: 53:12:1a:a5:e1:2c:88:8e:e1:1b:a3:ec:13:17:ca: 8d:f8:9a:8e:20:9c:23:01:7d:ec:bc:37:64:31:32: 82:75:8f:f7:dd:76:ae:a9:b5:39:71:e6:7c:57:4b: bb:8d:ee:82:a4:29:07:db:fe:3c:5b:4f:2f:cb:a6: 17:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:35:3F:B2:23:DC:CF:FF:0D:2D:4E:0B:A7:9C:9F:DC:31:98:F0:C9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:7000::/40 Signature Algorithm: sha256WithRSAEncryption 04:b2:b2:4e:e9:4c:9c:36:12:40:55:75:89:ea:5a:56:1b:47: d0:b8:17:23:9f:b7:ee:6e:84:fa:e3:42:78:10:5d:08:47:68: 90:10:69:c8:2f:6f:2a:21:34:08:af:f9:6e:b1:d7:18:63:ce: 7e:7e:4b:b1:9f:be:8c:8f:cb:13:1a:c8:9d:0e:67:8b:db:88: 66:44:f0:c8:27:aa:94:fa:6e:db:fc:7b:69:e6:a6:f4:75:27: 77:7b:38:e0:b2:13:06:93:d1:2b:9a:a3:dc:a8:bb:44:3b:6e: 13:1e:c0:0a:c6:cb:39:80:1b:d6:c1:1d:c2:80:e3:77:07:22: a9:27:9e:28:44:a8:2f:ec:3c:df:f4:bd:a6:fa:a6:65:8e:cc: a7:3f:39:1b:a9:21:fd:98:e8:1d:2c:1a:15:87:86:db:46:aa: b3:71:20:ac:35:f8:8d:e3:72:a8:bc:c9:bc:75:19:8a:b6:13: d6:77:17:6c:1d:59:c0:ec:38:4c:86:c6:4e:96:89:5d:cf:43: 4f:73:96:b2:b6:f0:f5:04:c7:59:59:e1:19:28:e9:f6:d2:03: aa:0e:e1:a8:c1:4c:20:3d:47:36:7e:f1:86:32:73:aa:b6:bc: af:cc:ab:60:00:cb:ae:8d:6b:80:35:2f:49:3f:40:f1:31:76: b1:99:fc:6e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOT6PAVl0wPAB6QnV0RDGW0zHJiIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwODAwMDAzNVoX DTI1MTExMjIzNTk1OVowejFJMEcGA1UEBRNAMzg3MzlkZWZlMTEwMGY2ZDNjNzg3 ZDhhZjBmODFmMjgzODI5N2IyZWM3MWY4Nzg5MzY5YzlkNTY1NjkyMmNiYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJC9hn0aOhf2oKDhk4gh9H3ro61c D6bdKNc0WgJEkmIxIt03K7Dai3DCTLTYJZtWohvjoU/VMEVHp0q/f5mi1Tv0oWky M35PwYYGVUM1SI3PyKLbeAb86ZNNI38UE4d6YLC4z325xR82U7lo00b3kDQBOX4g FBR3BT57lBkJ5sKMY/auEqwtge2r04sddx/QKL3obXBOE4M2ZO/w9BhJcly8VbX7 71D9Zewi9yzcE8BCsjtO2x/R3hW6NDAtn6LjnghTEhql4SyIjuEbo+wTF8qN+JqO IJwjAX3svDdkMTKCdY/33XauqbU5ceZ8V0u7je6CpCkH2/48W08vy6YX4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNc1P7Ij3M//DS1OC6ecn9wxmPDJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1MGUzMDNhLTY2OTctNDc4MC1iNzQ5LTJlYjk3MDQyNWZlOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9nAwDQYJKoZIhvcNAQELBQADggEBAASysk7pTJw2EkBVdYnq WlYbR9C4FyOft+5uhPrjQngQXQhHaJAQacgvbyohNAiv+W6x1xhjzn5+S7GfvoyP yxMayJ0OZ4vbiGZE8MgnqpT6btv8e2nmpvR1J3d7OOCyEwaT0Suao9you0Q7bhMe wArGyzmAG9bBHcKA43cHIqknnihEqC/sPN/0vab6pmWOzKc/ORupIf2Y6B0sGhWH httGqrNxIKw1+I3jcqi8ybx1GYq2E9Z3F2wdWcDsOEyGxk6WiV3PQ09zlrK28PUE x1lZ4Rko6fbSA6oO4ajBTCA9RzZ+8YYyc6q2vK/Mq2AAy66Na4A1L0k/QPExdrGZ /G4= -----END CERTIFICATE-----Generated at Mon Oct 20 23:34:37 2025 by rpki-client