$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa File: f308a076-0e58-4b45-b7b0-474f5484be2e.roa (raw, json) Hash identifier: 5s0oQp5SUuixZBHgyMwHkibuCwQt2qxOE3o5MsMbCx4= Subject key identifier: F7:46:C3:88:C7:8A:19:4E:1D:C5:E0:59:E0:FF:DA:C3:EB:C4:DA:D2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6FF68F1F78244EFE20914B9097AF6B06611EF525 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa Signing time: Tue 14 Oct 2025 00:00:12 +0000 ROA not before: Tue 14 Oct 2025 00:00:12 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:f6:8f:1f:78:24:4e:fe:20:91:4b:90:97:af:6b:06:61:1e:f5:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:00:12 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=9c2b6154a82078e541bb497c7ae048b0b91ea51c687d92d5fb46a6544f4bd536, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:f0:ca:15:51:f9:44:db:7f:ce:6c:3b:8d:2a: b9:b1:ad:59:a6:57:9c:8d:dd:c5:b1:73:b1:38:ab: a2:63:39:fa:7b:94:f3:2f:83:61:fd:df:e6:7c:5a: b6:bb:a4:66:b2:1d:f7:8a:00:93:54:05:98:57:65: fd:6a:de:1a:e3:04:bc:9d:06:69:55:c3:94:2b:f0: 43:ed:2e:49:f7:9d:51:1e:d1:fc:24:24:ae:48:50: 91:8f:21:e5:96:9c:a8:8f:b0:09:1b:00:40:eb:9d: 9a:85:5d:cc:2a:e4:fe:00:bc:37:2d:6b:b2:13:2f: 06:ad:07:43:57:41:81:c7:3b:5e:7a:27:de:a9:f7: da:46:a3:a5:f6:b8:fe:d9:79:26:cf:35:f7:90:b4: 90:69:59:10:b1:5a:9a:af:2d:83:eb:ac:a3:58:11: e7:a5:b7:08:70:c4:88:ea:71:8a:77:a6:15:e7:32: 82:d4:e1:b4:c7:6f:a6:7f:44:a9:b8:85:34:36:b0: 67:62:28:06:e8:60:0b:f3:02:df:0f:96:cb:c5:1f: 3c:62:d5:d0:3c:4c:8e:f2:b0:65:dc:37:a9:46:6f: b3:33:a9:bb:69:40:1d:c2:4c:e0:b0:73:dd:79:0d: 12:61:5e:b1:c6:da:a6:3b:5f:c7:a0:ae:d1:e6:78: fd:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:46:C3:88:C7:8A:19:4E:1D:C5:E0:59:E0:FF:DA:C3:EB:C4:DA:D2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:1000::/48 Signature Algorithm: sha256WithRSAEncryption a6:52:14:9f:0d:70:68:77:18:ed:05:51:18:50:02:ca:a2:7f: cc:62:8f:af:c4:0e:3a:99:dd:45:b7:da:b0:30:5b:29:71:64: 9c:76:40:65:e1:65:c3:a4:4f:0a:0c:4a:af:4e:06:bf:7d:d6: d2:7a:dc:44:6d:f8:e8:d5:ab:40:17:57:9f:d1:d0:0e:84:82: 6a:0a:ff:c0:45:f7:21:9b:27:be:fa:47:01:25:1f:3c:67:ba: 99:bd:c0:1f:b2:c3:f6:5c:c5:8c:10:c4:b4:a1:66:1b:db:25: ab:74:52:c0:e4:3d:9d:e3:fb:15:7d:e8:ae:d8:ff:18:af:6a: ed:b5:70:3f:58:28:98:d0:93:f3:49:d0:ba:d6:54:bc:30:73: b1:a0:17:df:1f:8e:d6:09:b2:5f:a5:3f:ca:a5:86:77:d1:b5: 38:36:04:77:00:87:a6:89:65:19:01:f7:66:9d:81:19:5c:0e: d3:3f:98:ee:cd:1a:47:34:f4:9b:2d:7d:ff:9c:c4:b7:bb:8e: 8e:77:68:4c:ae:6c:fe:30:0f:e2:4e:5d:3a:45:30:d9:64:b6: 4d:f1:9a:69:32:ad:6f:b5:a3:dc:cc:c6:10:8d:77:3e:c0:c4: 49:4c:c5:31:6a:fe:84:3f:18:eb:3e:48:2d:54:3f:09:3e:07: 9b:3d:8e:53 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUb/aPH3gkTv4gkUuQl69rBmEe9SUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMDAxMloX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAOWMyYjYxNTRhODIwNzhlNTQxYmI0 OTdjN2FlMDQ4YjBiOTFlYTUxYzY4N2Q5MmQ1ZmI0NmE2NTQ0ZjRiZDUzNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vDKFVH5RNt/zmw7jSq5sa1Zplec jd3FsXOxOKuiYzn6e5TzL4Nh/d/mfFq2u6Rmsh33igCTVAWYV2X9at4a4wS8nQZp VcOUK/BD7S5J951RHtH8JCSuSFCRjyHllpyoj7AJGwBA652ahV3MKuT+ALw3LWuy Ey8GrQdDV0GBxzteeifeqffaRqOl9rj+2XkmzzX3kLSQaVkQsVqary2D66yjWBHn pbcIcMSI6nGKd6YV5zKC1OG0x2+mf0SpuIU0NrBnYigG6GAL8wLfD5bLxR88YtXQ PEyO8rBl3DepRm+zM6m7aUAdwkzgsHPdeQ0SYV6xxtqmO1/HoK7R5nj9/wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPdGw4jHihlOHcXgWeD/2sPrxNrSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzMDhhMDc2LTBlNTgtNGI0NS1iN2IwLTQ3NGY1NDg0YmUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7BAAMA0GCSqGSIb3DQEBCwUAA4IBAQCmUhSfDXBodxjtBVEY UALKon/MYo+vxA46md1Ft9qwMFspcWScdkBl4WXDpE8KDEqvTga/fdbSetxEbfjo 1atAF1ef0dAOhIJqCv/ARfchmye++kcBJR88Z7qZvcAfssP2XMWMEMS0oWYb2yWr dFLA5D2d4/sVfeiu2P8Yr2rttXA/WCiY0JPzSdC61lS8MHOxoBffH47WCbJfpT/K pYZ30bU4NgR3AIemiWUZAfdmnYEZXA7TP5juzRpHNPSbLX3/nMS3u46Od2hMrmz+ MA/iTl06RTDZZLZN8ZppMq1vtaPczMYQjXc+wMRJTMUxav6EPxjrPkgtVD8JPgeb PY5T -----END CERTIFICATE-----Generated at Mon Oct 20 14:53:01 2025 by rpki-client