$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa File: dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa (raw, json) Hash identifier: C+lBWM/Nee4H4GW0XoDz5ulMRG7Uuhhh86Jj/VAhN1A= Subject key identifier: 50:EF:7B:B3:D6:7D:1B:99:54:69:72:25:59:68:F7:5C:B2:76:0D:08 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D92E1F27E11C1C435DFB1707905BC982B578615 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa Signing time: Wed 15 Oct 2025 00:01:03 +0000 ROA not before: Wed 15 Oct 2025 00:01:03 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:92:e1:f2:7e:11:c1:c4:35:df:b1:70:79:05:bc:98:2b:57:86:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:01:03 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=dd718eee061ab10efecc769fba0f58ee34dfe2ca07c3e018763ff8c6093e7356, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f2:43:7e:21:8d:22:f4:71:15:1b:4f:04:ad: 56:ec:2d:56:ee:ad:82:b3:5f:2a:dc:e2:b4:be:d4: e7:13:19:85:8f:17:b2:17:1c:45:ae:d1:3b:81:5d: 02:44:ce:0a:48:ce:a1:ec:68:eb:67:4d:7b:62:7a: 10:c7:61:a7:b4:7a:61:c0:67:ab:71:e8:b5:2b:e1: 72:eb:0a:ce:cb:1e:9a:79:f1:2f:08:9e:e2:4f:e0: 0f:d1:1f:88:f9:ac:e3:71:b9:37:d9:f9:f0:02:80: dc:6b:e7:7a:2e:a6:f4:83:cf:e8:79:5c:e0:f2:46: 4a:21:2d:09:a8:e6:6c:a7:09:18:dc:31:bf:55:fc: a8:bd:b1:6e:af:b9:23:d4:45:18:6f:58:8a:87:c3: 5e:8d:76:51:66:25:67:a3:41:f7:9b:6a:67:c5:1a: 7a:46:d5:4a:13:79:21:57:e4:bf:62:58:f5:f4:c2: 22:1e:46:b7:21:d5:dd:b3:46:0a:64:ad:30:58:37: 59:34:ba:98:b7:e6:b7:c5:fc:22:34:b1:f4:0b:31: fd:ef:41:15:be:d9:1e:7b:c5:96:56:9d:07:45:7d: 51:3e:56:93:fe:40:02:6e:ce:54:cd:64:29:00:e3: d9:fe:77:98:4f:c2:b0:ce:9a:0d:49:40:a1:22:48: 1f:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:EF:7B:B3:D6:7D:1B:99:54:69:72:25:59:68:F7:5C:B2:76:0D:08 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc3a69bc-0d8b-4438-9290-7f41f5935e42.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:b000::/40 Signature Algorithm: sha256WithRSAEncryption 7e:82:5e:07:2b:24:b4:45:67:d9:04:73:36:28:8c:19:66:a9: a6:48:12:06:99:5a:5b:71:16:1b:73:05:a8:0d:36:e7:b6:3e: 75:3d:87:97:96:10:0f:a8:7f:4a:83:92:b3:d3:b6:c9:a2:89: d1:7e:f1:48:d9:67:a6:03:fe:6d:ba:e4:47:dd:77:ab:e9:a8: 8c:aa:5c:69:c7:4c:e4:a0:96:f7:a9:7a:ef:65:f6:66:cd:96: 23:c7:1f:5a:4f:e1:3b:70:b1:57:f4:17:b3:79:7a:1f:9a:a4: 08:c7:6f:e4:c7:24:90:2a:ba:a7:93:0a:d4:47:98:3e:0e:8a: b0:48:91:4f:8f:cb:f4:28:2d:b0:64:32:a0:e7:54:47:fd:55: b7:c9:9a:37:6e:26:08:53:5a:4e:be:91:9c:94:5a:83:25:85: 89:73:0f:0c:66:92:8e:31:98:20:15:57:56:b7:aa:9a:86:2b: c2:a4:a0:31:a5:4f:d1:f2:a4:ea:8e:36:05:14:31:bb:c1:5d: e2:c8:65:9b:4e:b5:84:e5:dc:de:ec:b6:58:6b:ed:8a:9e:ea: 7f:b9:cd:31:80:9c:91:a7:1c:e0:85:8a:45:a7:aa:36:40:2b: 97:e1:fc:51:ea:a2:61:23:bf:a3:12:55:71:8c:c5:c5:78:f7: cf:69:ab:35 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPZLh8n4RwcQ137FweQW8mCtXhhUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMDEwM1oX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAZGQ3MThlZWUwNjFhYjEwZWZlY2M3 NjlmYmEwZjU4ZWUzNGRmZTJjYTA3YzNlMDE4NzYzZmY4YzYwOTNlNzM1NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfJDfiGNIvRxFRtPBK1W7C1W7q2C s18q3OK0vtTnExmFjxeyFxxFrtE7gV0CRM4KSM6h7GjrZ017YnoQx2GntHphwGer cei1K+Fy6wrOyx6aefEvCJ7iT+AP0R+I+azjcbk32fnwAoDca+d6Lqb0g8/oeVzg 8kZKIS0JqOZspwkY3DG/VfyovbFur7kj1EUYb1iKh8NejXZRZiVno0H3m2pnxRp6 RtVKE3khV+S/Ylj19MIiHka3IdXds0YKZK0wWDdZNLqYt+a3xfwiNLH0CzH970EV vtkee8WWVp0HRX1RPlaT/kACbs5UzWQpAOPZ/neYT8KwzpoNSUChIkgftQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFDve7PWfRuZVGlyJVlo91yydg0IMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RjM2E2OWJjLTBkOGItNDQzOC05MjkwLTdmNDFmNTkzNWU0Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+LAwDQYJKoZIhvcNAQELBQADggEBAH6CXgcrJLRFZ9kEczYo jBlmqaZIEgaZWltxFhtzBagNNue2PnU9h5eWEA+of0qDkrPTtsmiidF+8UjZZ6YD /m265Efdd6vpqIyqXGnHTOSglvepeu9l9mbNliPHH1pP4TtwsVf0F7N5eh+apAjH b+THJJAquqeTCtRHmD4OirBIkU+Py/QoLbBkMqDnVEf9VbfJmjduJghTWk6+kZyU WoMlhYlzDwxmko4xmCAVV1a3qpqGK8KkoDGlT9HypOqONgUUMbvBXeLIZZtOtYTl 3N7stlhr7Yqe6n+5zTGAnJGnHOCFikWnqjZAK5fh/FHqomEjv6MSVXGMxcV4989p qzU= -----END CERTIFICATE-----Generated at Mon Oct 20 15:39:43 2025 by rpki-client