$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1ee0ca6-4099-4f84-8e05-ff02d67a580a.roa File: e1ee0ca6-4099-4f84-8e05-ff02d67a580a.roa (raw, json) Hash identifier: WnjZ6hKuHGIZgGKJwOjBEp0gjTY28OQSFQnWnsE2ozw= Subject key identifier: 65:CB:1A:1D:73:D8:C4:93:C0:AC:79:D5:CB:98:29:29:8C:84:09:8B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 21D5E991D47519002FC2EC26449F2383B5D11A3D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1ee0ca6-4099-4f84-8e05-ff02d67a580a.roa Signing time: Mon 13 Oct 2025 15:39:14 +0000 ROA not before: Mon 13 Oct 2025 15:39:14 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:d5:e9:91:d4:75:19:00:2f:c2:ec:26:44:9f:23:83:b5:d1:1a:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:39:14 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=07f9c0bd338d71a79835e0b65588078ea38f316dbb87c962cf70730ca23cfe87, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:b1:ec:5b:7a:6c:28:d2:42:4e:c6:b2:eb:a2: 9d:fa:c1:00:a9:cb:8e:9e:a4:68:ee:f3:bc:8e:e3: 67:81:00:72:a0:25:db:5f:fb:06:fd:32:b4:00:d2: 33:f9:07:33:1a:68:b0:90:0a:59:6e:2e:6f:0c:89: 24:18:7e:67:22:de:88:9d:21:b7:4b:02:4f:8f:85: a3:f3:cd:fd:30:62:70:ba:96:c7:2a:f0:9e:17:31: 7f:16:ed:d8:05:99:ec:f6:eb:76:5d:06:83:c1:ad: a6:cc:c2:8f:44:44:2c:dc:b4:a5:0c:e2:32:52:ff: 17:2c:aa:31:26:f4:39:5c:28:37:d0:d8:7b:87:f7: d5:10:01:75:4f:f0:24:02:aa:04:68:58:dd:e1:82: fa:40:69:38:75:59:6f:f8:10:40:81:85:9b:b7:72: 64:28:3b:38:91:62:ae:6b:68:bd:7e:d4:c2:60:f9: 38:2b:b7:21:9d:87:aa:27:d8:a1:cd:e5:0a:ed:c0: 3b:90:98:54:c0:46:17:35:d9:3b:1a:f5:76:be:f5: 03:20:70:78:78:06:e9:01:f3:b7:b6:92:78:26:51: 16:77:f7:e2:b3:7e:f9:de:90:76:3e:a8:6d:a7:c2: 29:c3:b7:e9:85:8c:90:36:aa:71:ed:02:e9:46:06: aa:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:CB:1A:1D:73:D8:C4:93:C0:AC:79:D5:CB:98:29:29:8C:84:09:8B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1ee0ca6-4099-4f84-8e05-ff02d67a580a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:2800::/40 Signature Algorithm: sha256WithRSAEncryption 66:0a:f4:bb:27:77:e2:9a:9c:66:f7:ad:3a:48:9d:50:91:2b: 1b:6b:94:45:0a:9a:c7:33:a4:bc:f2:e8:99:05:a0:94:41:ed: f1:07:46:85:dc:ac:09:24:ce:1c:b7:76:a6:8b:96:2a:b2:62: a0:74:05:a8:c6:e3:a2:79:a4:e0:83:7f:58:38:04:ff:44:11: 9c:a6:c5:22:bf:92:e9:25:fe:ab:8f:5d:33:73:9e:c5:4f:37: 64:58:03:30:d7:b3:de:f0:4b:bd:24:6b:80:b6:27:df:f8:05: 18:ac:47:b6:6d:2b:40:4e:a5:45:fc:49:b1:7e:37:5c:80:44: 9e:70:90:0c:39:fe:5b:fa:10:30:17:a8:dd:c4:67:51:39:e7: a7:20:6f:84:5b:7e:72:2c:8e:13:30:7f:43:40:62:a8:52:30: 4d:97:2e:f1:e6:a8:1a:bc:13:7c:19:a2:0e:9b:71:6f:fc:ba: 09:f8:3c:25:bb:1a:8c:32:5f:34:11:14:67:06:5a:9f:70:e5: f9:f1:b2:3f:c8:17:59:46:39:7b:22:c7:a0:61:77:bd:1a:de: 86:60:8b:69:e5:56:9d:68:ba:c8:1a:c5:d0:29:28:39:09:e5: 8a:a3:a7:96:8d:81:52:5b:fd:45:cf:f8:7b:23:3e:1d:94:c8: 28:6f:0f:8a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIdXpkdR1GQAvwuwmRJ8jg7XRGj0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MzkxNFoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAMDdmOWMwYmQzMzhkNzFhNzk4MzVl MGI2NTU4ODA3OGVhMzhmMzE2ZGJiODdjOTYyY2Y3MDczMGNhMjNjZmU4NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67HsW3psKNJCTsay66Kd+sEAqcuO nqRo7vO8juNngQByoCXbX/sG/TK0ANIz+QczGmiwkApZbi5vDIkkGH5nIt6InSG3 SwJPj4Wj8839MGJwupbHKvCeFzF/Fu3YBZns9ut2XQaDwa2mzMKPREQs3LSlDOIy Uv8XLKoxJvQ5XCg30Nh7h/fVEAF1T/AkAqoEaFjd4YL6QGk4dVlv+BBAgYWbt3Jk KDs4kWKua2i9ftTCYPk4K7chnYeqJ9ihzeUK7cA7kJhUwEYXNdk7GvV2vvUDIHB4 eAbpAfO3tpJ4JlEWd/fis3753pB2Pqhtp8Ipw7fphYyQNqpx7QLpRgaqeQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGXLGh1z2MSTwKx51cuYKSmMhAmLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UxZWUwY2E2LTQwOTktNGY4NC04ZTA1LWZmMDJkNjdhNTgwYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8igwDQYJKoZIhvcNAQELBQADggEBAGYK9Lsnd+KanGb3rTpI nVCRKxtrlEUKmsczpLzy6JkFoJRB7fEHRoXcrAkkzhy3dqaLliqyYqB0BajG46J5 pOCDf1g4BP9EEZymxSK/kukl/quPXTNznsVPN2RYAzDXs97wS70ka4C2J9/4BRis R7ZtK0BOpUX8SbF+N1yARJ5wkAw5/lv6EDAXqN3EZ1E556cgb4RbfnIsjhMwf0NA YqhSME2XLvHmqBq8E3wZog6bcW/8ugn4PCW7GowyXzQRFGcGWp9w5fnxsj/IF1lG OXsix6Bhd70a3oZgi2nlVp1ousgaxdApKDkJ5Yqjp5aNgVJb/UXP+HsjPh2UyChv D4o= -----END CERTIFICATE-----Generated at Mon Oct 20 07:27:06 2025 by rpki-client