$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc6018c2-5114-40b5-8a1b-8a6f01680f9e.roa File: dc6018c2-5114-40b5-8a1b-8a6f01680f9e.roa (raw, json) Hash identifier: 5dAbudYcyA3a0fOia0Xvh4rxp4cKSIvpLnWUxOMVftE= Subject key identifier: BD:B7:30:E0:0F:8A:FD:59:6B:25:79:B4:71:18:38:D9:82:37:50:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 221D5924C70E26DD186B26EB5B37976D376E1C76 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc6018c2-5114-40b5-8a1b-8a6f01680f9e.roa Signing time: Tue 14 Oct 2025 00:00:11 +0000 ROA not before: Tue 14 Oct 2025 00:00:11 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:f000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:1d:59:24:c7:0e:26:dd:18:6b:26:eb:5b:37:97:6d:37:6e:1c:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:00:11 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=e186fc24a9883ccccdf58a29e6b440ca8dcb0d2743291797b47179aaf14d4dc2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:bf:1e:e0:fa:ad:4c:dd:e3:41:b9:4e:f6:ee: 7a:c2:63:97:5f:70:df:50:0b:52:5b:b0:9d:a2:5d: a9:db:a5:88:bb:94:f3:ce:72:11:e2:98:5e:37:6a: 96:8e:9e:bf:ee:d8:7d:4a:cf:4e:b9:68:bb:d8:11: 84:ba:6f:73:20:71:be:fd:3e:56:14:75:7e:86:a1: c4:4f:aa:7b:cc:cc:7a:b8:84:7c:0a:e6:56:8f:cc: f9:6c:94:c5:1d:59:b4:ca:92:5a:a5:58:bc:ad:b7: ab:73:fc:7c:bb:31:fa:c0:f8:8e:a3:d9:7c:91:4e: b8:52:fb:e5:5e:f9:1f:f5:31:90:95:52:c3:01:68: 82:0f:d8:9a:8a:02:0f:f8:4a:14:bb:ad:85:9d:24: 66:50:aa:b4:a7:f4:bd:36:ea:85:f1:c4:76:76:6e: 68:d1:ff:b0:b5:a9:48:b0:56:e5:24:be:f6:5f:df: a9:97:c1:3a:50:5e:73:ac:95:82:1e:15:8d:0b:02: 45:38:69:0f:60:b0:62:10:c4:0f:65:28:5d:f4:38: 14:ec:3e:b5:62:49:8a:ad:9f:3e:17:ae:63:a8:9b: 07:2c:4e:de:a6:5c:74:cf:7f:74:cd:7e:d9:27:e5: d5:61:1f:69:ce:8b:b2:25:79:aa:d6:41:5f:af:66: 1b:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:B7:30:E0:0F:8A:FD:59:6B:25:79:B4:71:18:38:D9:82:37:50:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc6018c2-5114-40b5-8a1b-8a6f01680f9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:f000::/48 Signature Algorithm: sha256WithRSAEncryption 6a:be:f6:78:02:96:ca:0d:6f:42:75:4b:52:5e:6b:b7:6d:44: 9c:da:6b:83:5e:e6:9b:00:65:04:03:3e:ba:bc:8f:8c:f0:5f: 30:d0:5c:cd:55:6d:92:65:b5:e4:27:d4:e2:54:a6:5a:be:ca: b1:d2:9a:27:19:b1:e0:8f:76:0b:c9:0a:54:c7:ca:1c:1a:cd: 64:2e:df:50:19:d0:5a:3a:68:d5:fc:37:13:f4:db:83:e0:78: 03:c7:8b:08:31:5b:12:b9:3c:46:19:05:06:3a:10:2c:33:79: f3:60:be:f3:0d:80:b3:0d:9d:a0:6d:21:7c:b0:09:7c:e3:2a: 38:d2:3d:03:e0:84:f6:28:db:6a:dc:c4:55:90:31:0c:39:86: 10:41:48:07:07:27:cb:16:03:f3:91:f8:b0:eb:11:76:4d:97: df:69:0c:cc:82:3d:15:89:63:0a:4f:e4:74:e2:63:02:20:91: 2a:52:11:78:72:83:4f:3a:75:18:e6:0f:c6:8d:53:38:34:10: 47:c5:b0:65:c5:5d:cd:b4:09:f9:bb:55:89:f8:5f:72:30:7e: aa:36:1f:ed:ce:b9:49:fa:b9:e3:2e:6e:15:9d:57:4b:6e:09: ee:98:f4:34:47:2e:02:db:2d:b4:b6:30:8e:15:f5:81:f9:85: 13:d0:f1:5a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIh1ZJMcOJt0YaybrWzeXbTduHHYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMDAxMVoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAZTE4NmZjMjRhOTg4M2NjY2NkZjU4 YTI5ZTZiNDQwY2E4ZGNiMGQyNzQzMjkxNzk3YjQ3MTc5YWFmMTRkNGRjMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt78e4PqtTN3jQblO9u56wmOXX3Df UAtSW7Cdol2p26WIu5TzznIR4pheN2qWjp6/7th9Ss9OuWi72BGEum9zIHG+/T5W FHV+hqHET6p7zMx6uIR8CuZWj8z5bJTFHVm0ypJapVi8rberc/x8uzH6wPiOo9l8 kU64UvvlXvkf9TGQlVLDAWiCD9iaigIP+EoUu62FnSRmUKq0p/S9NuqF8cR2dm5o 0f+wtalIsFblJL72X9+pl8E6UF5zrJWCHhWNCwJFOGkPYLBiEMQPZShd9DgU7D61 YkmKrZ8+F65jqJsHLE7eplx0z390zX7ZJ+XVYR9pzouyJXmq1kFfr2YbWwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL23MOAPiv1ZayV5tHEYONmCN1AaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RjNjAxOGMyLTUxMTQtNDBiNS04YTFiLThhNmYwMTY4MGY5ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7PAAMA0GCSqGSIb3DQEBCwUAA4IBAQBqvvZ4ApbKDW9CdUtS Xmu3bUSc2muDXuabAGUEAz66vI+M8F8w0FzNVW2SZbXkJ9TiVKZavsqx0ponGbHg j3YLyQpUx8ocGs1kLt9QGdBaOmjV/DcT9NuD4HgDx4sIMVsSuTxGGQUGOhAsM3nz YL7zDYCzDZ2gbSF8sAl84yo40j0D4IT2KNtq3MRVkDEMOYYQQUgHByfLFgPzkfiw 6xF2TZffaQzMgj0ViWMKT+R04mMCIJEqUhF4coNPOnUY5g/GjVM4NBBHxbBlxV3N tAn5u1WJ+F9yMH6qNh/tzrlJ+rnjLm4VnVdLbgnumPQ0Ry4C2y20tjCOFfWB+YUT 0PFa -----END CERTIFICATE-----Generated at Mon Oct 20 10:00:35 2025 by rpki-client