$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc689091-d3fb-4957-9d14-30d4c91bcec9.roa File: fc689091-d3fb-4957-9d14-30d4c91bcec9.roa (raw, json) Hash identifier: F4KAqKW1KpQRrUqPrwYx8shrxeQJnguU6c6doETsBO8= Subject key identifier: 0F:57:FD:3B:58:24:1A:B1:B0:6A:B7:20:66:56:2F:95:34:95:60:1E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5D30492C32D2E78D40FAA53533891568D4EB2251 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc689091-d3fb-4957-9d14-30d4c91bcec9.roa Signing time: Wed 15 Oct 2025 00:40:54 +0000 ROA not before: Wed 15 Oct 2025 00:40:54 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1f::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:30:49:2c:32:d2:e7:8d:40:fa:a5:35:33:89:15:68:d4:eb:22:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:40:54 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=ee5d7954e0f81f249c6fa971a27f425e32694ef423f888bc205e99fbd9c714f8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1b:a4:a2:8c:b0:57:29:e1:eb:62:14:a3:31: 47:6b:72:48:0c:7f:3f:e8:a9:ba:da:df:28:f8:f4: 9c:76:f9:91:9d:e2:d9:cd:30:33:f7:25:58:02:c8: 56:6a:6e:21:5b:a8:a5:70:3a:d5:21:36:1f:d1:67: 45:22:c6:ef:35:21:65:60:af:6f:66:66:27:13:4d: c2:d5:c5:dc:12:32:ad:79:f4:ff:82:0b:21:6e:28: 64:ac:7f:3c:0c:09:db:f9:e9:e3:7e:63:f3:17:d8: c7:b4:a7:27:7e:a3:4b:27:c0:92:63:69:8e:6a:74: 3f:cf:22:15:ba:57:85:46:06:87:56:14:4c:2f:05: f4:f3:43:09:60:4a:e4:9c:6f:b6:98:bb:6b:5e:10: 3e:fd:bb:fc:7e:b1:ee:65:2e:07:a6:9e:9c:cd:0e: fb:6e:a8:1a:8e:01:94:13:1c:00:cd:46:37:55:31: 6d:c9:97:00:53:cf:79:57:d1:9b:5f:be:97:5c:bb: 03:3c:6d:89:cc:54:58:5a:72:7e:72:73:28:3f:da: 06:2b:c2:78:c9:20:34:5e:be:c6:45:bc:99:9c:21: a5:24:2a:72:6c:3b:ab:18:22:7c:dd:b2:4d:4f:e8: 77:d8:bd:8a:cf:94:c5:bf:1f:10:3b:a4:81:69:69: 51:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:57:FD:3B:58:24:1A:B1:B0:6A:B7:20:66:56:2F:95:34:95:60:1E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fc689091-d3fb-4957-9d14-30d4c91bcec9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1f::/36 Signature Algorithm: sha256WithRSAEncryption 3e:77:33:fc:07:f7:33:6b:8a:30:c1:7f:e2:b8:34:87:5e:c2: bd:d1:5a:8a:4e:82:b5:19:d5:a2:2d:ed:4e:8d:f8:58:8a:41: dc:f0:1a:f5:d6:e5:c7:0d:21:fb:fd:8a:25:db:5e:ae:86:ab: bd:88:be:83:18:76:cf:7a:38:7b:75:52:de:c0:25:4d:86:50: ee:28:9c:f5:ac:61:77:be:72:91:d7:a0:54:ab:65:2a:51:ad: 7d:8b:16:3c:1f:4e:9c:4d:eb:de:20:fb:f3:f3:30:3f:45:e1: 6e:9e:da:2e:27:18:bb:65:99:21:80:7b:40:26:c2:71:40:7a: f6:b9:9d:c2:43:11:5f:e6:d2:36:fb:5b:e9:97:1e:52:88:65: 8e:9e:cc:83:4d:56:b5:3d:4d:cc:50:6b:7a:7d:bc:be:56:cd: 14:19:b3:69:b6:93:83:ad:05:ef:70:74:66:ed:27:a3:08:e4: 98:53:06:27:7f:27:94:8d:07:ba:88:c9:0e:94:44:14:14:50: fb:01:cf:fe:63:ea:e6:70:59:0a:f7:88:1c:a9:38:e0:ae:ce: 53:f9:df:35:08:fb:a8:aa:99:27:3b:f8:10:8d:fb:35:18:1e: 2a:bf:ff:64:22:68:7d:ac:86:02:2d:53:6d:a5:f6:77:ce:0d: b9:f8:af:cc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXTBJLDLS541A+qU1M4kVaNTrIlEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNDA1NFoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAZWU1ZDc5NTRlMGY4MWYyNDljNmZh OTcxYTI3ZjQyNWUzMjY5NGVmNDIzZjg4OGJjMjA1ZTk5ZmJkOWM3MTRmODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxukooywVynh62IUozFHa3JIDH8/ 6Km62t8o+PScdvmRneLZzTAz9yVYAshWam4hW6ilcDrVITYf0WdFIsbvNSFlYK9v ZmYnE03C1cXcEjKtefT/ggshbihkrH88DAnb+enjfmPzF9jHtKcnfqNLJ8CSY2mO anQ/zyIVuleFRgaHVhRMLwX080MJYErknG+2mLtrXhA+/bv8frHuZS4Hpp6czQ77 bqgajgGUExwAzUY3VTFtyZcAU895V9GbX76XXLsDPG2JzFRYWnJ+cnMoP9oGK8J4 ySA0Xr7GRbyZnCGlJCpybDurGCJ83bJNT+h32L2Kz5TFvx8QO6SBaWlRxwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA9X/TtYJBqxsGq3IGZWL5U0lWAeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZjNjg5MDkxLWQzZmItNDk1Ny05ZDE0LTMwZDRjOTFiY2VjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaHwAwDQYJKoZIhvcNAQELBQADggEBAD53M/wH9zNrijDBf+K4 NIdewr3RWopOgrUZ1aIt7U6N+FiKQdzwGvXW5ccNIfv9iiXbXq6Gq72IvoMYds96 OHt1Ut7AJU2GUO4onPWsYXe+cpHXoFSrZSpRrX2LFjwfTpxN694g+/PzMD9F4W6e 2i4nGLtlmSGAe0AmwnFAeva5ncJDEV/m0jb7W+mXHlKIZY6ezINNVrU9TcxQa3p9 vL5WzRQZs2m2k4OtBe9wdGbtJ6MI5JhTBid/J5SNB7qIyQ6URBQUUPsBz/5j6uZw WQr3iBypOOCuzlP53zUI+6iqmSc7+BCN+zUYHiq//2QiaH2shgItU22l9nfODbn4 r8w= -----END CERTIFICATE-----Generated at Mon Oct 20 07:20:46 2025 by rpki-client