$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa File: f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa (raw, json) Hash identifier: 61RH722yeWXb9r4EKow/hQDMrwc7t2B0NfxBxYUKIqw= Subject key identifier: 3B:B1:46:37:66:63:83:83:EE:09:CA:5C:F6:F0:4B:8B:F8:89:48:B7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1EEA83F65FA6926660DC73B6F40A59BB0572A0B5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa Signing time: Mon 13 Oct 2025 15:38:15 +0000 ROA not before: Mon 13 Oct 2025 15:38:15 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:ea:83:f6:5f:a6:92:66:60:dc:73:b6:f4:0a:59:bb:05:72:a0:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 13 15:38:15 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=d1420287c91b3d56bcb4ccaa5184c8464314f957bb92787c5ea800d6cf3af731, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:34:b9:73:be:00:cc:7c:08:59:f7:9e:dd:a3: af:15:fb:c1:fd:c7:f2:39:05:39:60:1a:b9:35:0c: 96:4d:24:e7:28:af:67:68:ab:c1:ef:1d:04:c8:56: 02:05:d6:0f:93:48:f9:a8:97:5b:a2:ae:cf:21:6a: 3e:0b:c1:46:68:10:bb:80:7b:03:9e:e3:13:b4:bb: 80:57:db:04:3d:53:08:4d:6c:25:5c:4d:bd:f8:79: d2:5a:1a:11:a8:dd:be:5b:95:69:fa:56:3d:42:a9: db:74:13:28:fa:72:9f:67:05:08:ba:fd:03:13:77: 1a:9e:18:55:56:75:40:ee:32:03:06:0a:2f:ad:c5: 0d:60:60:59:81:c7:2f:33:99:be:41:46:7a:a0:6e: b2:4b:f2:3b:f5:a0:2f:dd:76:19:6e:9d:03:99:fe: 63:1b:1d:4d:62:bc:92:a0:38:bf:90:8e:ea:de:28: c8:f0:86:50:ea:f9:70:9d:cf:25:c1:2e:26:3d:15: ab:8e:8f:b0:7a:24:1d:8e:d0:66:4b:ed:0b:95:f6: 60:23:f0:74:fd:52:26:7c:db:9e:b7:b5:5d:b6:4e: 7a:8e:e6:83:f6:35:62:9d:10:10:3a:8c:e0:05:3b: 96:c8:a1:2a:af:32:cc:49:d6:b7:0d:bf:b0:d9:13: 19:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:B1:46:37:66:63:83:83:EE:09:CA:5C:F6:F0:4B:8B:F8:89:48:B7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2020::/48 Signature Algorithm: sha256WithRSAEncryption 3d:83:c3:c2:b7:de:3d:a2:a3:dc:08:1c:45:c8:9a:5c:0c:00: c6:55:df:4c:41:84:33:2d:d7:ce:fa:fe:4a:7d:85:d2:6b:80: a0:87:42:40:f1:56:60:bc:8c:8d:da:4c:3c:3a:31:08:1b:09: d7:e7:a7:38:b8:8f:0d:a4:25:ab:f3:de:8f:23:45:1f:e0:46: f4:d4:58:db:1d:48:8c:ab:2a:f5:01:b7:55:8c:ea:85:be:cb: 66:7d:53:5a:cb:e7:5b:43:09:90:c7:dd:14:a5:17:c9:fc:75: 1b:2b:75:a7:72:a3:a5:f7:6b:6e:94:07:8d:1f:73:1c:ee:1a: b4:26:36:23:31:4d:8a:1a:31:37:19:07:ed:45:d2:90:b0:04: 39:7f:db:d3:dd:2f:72:04:78:a9:31:97:86:66:21:7b:5f:e8: 28:b8:5b:9a:5a:21:63:75:f6:14:93:6a:f8:ec:08:32:1b:c9: f8:54:86:35:d9:f0:9d:b0:03:31:65:c0:77:b8:21:ac:f9:d9: ad:a0:37:da:c9:d5:c3:03:74:a5:cd:2f:95:64:a9:d1:39:7a: 9e:a4:5b:1e:b5:f4:6e:8c:97:0c:5a:b3:15:28:77:9a:58:45: 86:f7:d7:e9:62:9c:40:58:5a:88:a9:3e:df:04:d8:5d:6e:c9: 2e:e6:4d:44 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHuqD9l+mkmZg3HO29ApZuwVyoLUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMzE1MzgxNVoX DTI1MTExNzIzNTk1OVowejFJMEcGA1UEBRNAZDE0MjAyODdjOTFiM2Q1NmJjYjRj Y2FhNTE4NGM4NDY0MzE0Zjk1N2JiOTI3ODdjNWVhODAwZDZjZjNhZjczMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTS5c74AzHwIWfee3aOvFfvB/cfy OQU5YBq5NQyWTSTnKK9naKvB7x0EyFYCBdYPk0j5qJdboq7PIWo+C8FGaBC7gHsD nuMTtLuAV9sEPVMITWwlXE29+HnSWhoRqN2+W5Vp+lY9QqnbdBMo+nKfZwUIuv0D E3canhhVVnVA7jIDBgovrcUNYGBZgccvM5m+QUZ6oG6yS/I79aAv3XYZbp0Dmf5j Gx1NYrySoDi/kI7q3ijI8IZQ6vlwnc8lwS4mPRWrjo+weiQdjtBmS+0LlfZgI/B0 /VImfNuet7Vdtk56juaD9jVinRAQOozgBTuWyKEqrzLMSda3Db+w2RMZ5QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDuxRjdmY4OD7gnKXPbwS4v4iUi3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzYmEzMjUxLWE1MDItNGNmOC05YmM1LTQ0OWIxMzc2YmUwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSAgMA0GCSqGSIb3DQEBCwUAA4IBAQA9g8PCt949oqPcCBxF yJpcDADGVd9MQYQzLdfO+v5KfYXSa4Cgh0JA8VZgvIyN2kw8OjEIGwnX56c4uI8N pCWr896PI0Uf4Eb01FjbHUiMqyr1AbdVjOqFvstmfVNay+dbQwmQx90UpRfJ/HUb K3WncqOl92tulAeNH3Mc7hq0JjYjMU2KGjE3GQftRdKQsAQ5f9vT3S9yBHipMZeG ZiF7X+gouFuaWiFjdfYUk2r47AgyG8n4VIY12fCdsAMxZcB3uCGs+dmtoDfaydXD A3SlzS+VZKnROXqepFsetfRujJcMWrMVKHeaWEWG99fpYpxAWFqIqT7fBNhdbsku 5k1E -----END CERTIFICATE-----Generated at Mon Oct 20 07:26:16 2025 by rpki-client