$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08cfc748-a0fe-40b0-9306-6b4fecf097e6.roa File: 08cfc748-a0fe-40b0-9306-6b4fecf097e6.roa (raw, json) Hash identifier: vCIoeeLKIK8lkDm0XD5dB6V3DxiHSnoIxQFd3swtqMw= Subject key identifier: 36:87:9A:6E:BD:D4:18:F8:F7:25:EC:22:40:63:FB:0B:6C:DB:F7:72 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3C3FA2959360490C0B86DFDF657F37760DCFB423 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08cfc748-a0fe-40b0-9306-6b4fecf097e6.roa Signing time: Tue 21 Oct 2025 00:00:42 +0000 ROA not before: Tue 21 Oct 2025 00:00:42 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:3f:a2:95:93:60:49:0c:0b:86:df:df:65:7f:37:76:0d:cf:b4:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:42 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=4682a62e549deb41b06093e8b1cb8227bd6ef56d9d8c002d1c21abdc11564720, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:db:bc:d4:15:61:67:a8:47:75:00:7c:58:b2: 19:fe:a5:26:55:88:9b:cc:10:bf:92:1f:49:8e:aa: da:e7:ea:e8:9d:34:0f:4d:46:af:a6:3d:3f:f8:69: 76:01:d4:9b:38:7a:5a:17:b2:8f:d6:e6:b1:20:cb: b8:ab:9d:95:01:21:d1:22:d2:1c:74:23:5a:c1:7e: d5:ed:95:29:b3:8c:27:a3:be:df:25:f3:8d:8e:26: ab:25:ed:d1:0e:53:3f:5c:6b:72:08:85:a1:67:3b: 01:47:c9:13:38:cb:a8:72:f7:90:25:77:fd:f4:bf: 26:93:55:30:d8:50:15:55:3c:f2:5e:a2:b9:3c:df: fa:24:d7:00:b4:e3:78:44:49:40:94:30:a7:b8:1a: 26:17:82:82:4c:5a:7c:44:31:4b:93:a1:f6:92:f6: 88:26:05:a6:f2:53:c6:81:84:53:55:1c:58:d5:6b: 8c:7f:55:a8:49:50:80:1f:f8:f8:8b:1d:a2:81:74: 30:e0:32:5b:90:c1:e4:60:0b:4d:ed:8b:01:c9:94: bc:6a:0b:1c:c6:0d:01:60:57:a3:18:bb:ef:9b:ab: 7d:b6:21:86:e2:2e:d8:21:90:74:e3:a2:bd:96:e9: 98:62:5e:33:8e:5c:c9:91:57:20:1f:dd:69:04:ce: 48:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:87:9A:6E:BD:D4:18:F8:F7:25:EC:22:40:63:FB:0B:6C:DB:F7:72 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08cfc748-a0fe-40b0-9306-6b4fecf097e6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:2000::/40 Signature Algorithm: sha256WithRSAEncryption 56:73:93:42:c6:4f:83:9f:f0:17:a5:1b:74:a7:da:d9:b5:a9: e2:5b:0d:da:ff:9d:ea:c0:0b:f4:14:b8:4f:1b:3a:60:f1:2c: 27:d9:f9:8a:16:39:b9:1e:e7:19:b0:25:85:57:42:b3:44:77: f1:77:95:3c:a4:49:8f:57:a5:5a:d7:d7:ba:5a:9c:4b:4f:7d: 37:78:3f:06:e8:53:0a:12:6a:55:03:28:98:b3:20:6b:54:4a: 72:01:e3:b6:5f:8a:3c:cc:52:04:2b:05:3a:6f:d7:6f:c5:94: 91:f1:6f:ac:ce:d6:ee:95:58:ed:ab:d3:33:da:57:bb:1d:fd: af:fc:5f:36:c9:65:7a:db:32:6b:6f:b3:1f:5a:ab:61:26:a0: 76:3a:72:35:81:70:e8:35:91:cd:d4:99:a6:e4:69:f8:4f:6d: 6b:f1:97:28:77:3f:9f:a3:30:54:54:22:e6:69:55:02:13:0f: 67:86:d2:e2:4f:f5:a3:c9:62:df:8d:4c:7d:5c:b4:cc:1a:ed: ad:73:3c:35:51:39:89:64:2f:4a:e5:fd:96:8b:ff:f3:4a:45: 58:03:66:bb:7f:26:92:a3:f8:bd:ec:8f:70:22:01:11:d0:e3: 39:c6:e1:ff:af:f7:24:ff:eb:16:2d:a1:bf:b3:ee:e1:1e:98: 8a:68:74:6d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPD+ilZNgSQwLht/fZX83dg3PtCMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDA0MloX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNANDY4MmE2MmU1NDlkZWI0MWIwNjA5 M2U4YjFjYjgyMjdiZDZlZjU2ZDlkOGMwMDJkMWMyMWFiZGMxMTU2NDcyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNu81BVhZ6hHdQB8WLIZ/qUmVYib zBC/kh9Jjqra5+ronTQPTUavpj0/+Gl2AdSbOHpaF7KP1uaxIMu4q52VASHRItIc dCNawX7V7ZUps4wno77fJfONjiarJe3RDlM/XGtyCIWhZzsBR8kTOMuocveQJXf9 9L8mk1Uw2FAVVTzyXqK5PN/6JNcAtON4RElAlDCnuBomF4KCTFp8RDFLk6H2kvaI JgWm8lPGgYRTVRxY1WuMf1WoSVCAH/j4ix2igXQw4DJbkMHkYAtN7YsByZS8agsc xg0BYFejGLvvm6t9tiGG4i7YIZB046K9lumYYl4zjlzJkVcgH91pBM5ICwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDaHmm691Bj49yXsIkBj+wts2/dyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4Y2ZjNzQ4LWEwZmUtNDBiMC05MzA2LTZiNGZlY2YwOTdlNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7yAwDQYJKoZIhvcNAQELBQADggEBAFZzk0LGT4Of8BelG3Sn 2tm1qeJbDdr/nerAC/QUuE8bOmDxLCfZ+YoWObke5xmwJYVXQrNEd/F3lTykSY9X pVrX17panEtPfTd4PwboUwoSalUDKJizIGtUSnIB47ZfijzMUgQrBTpv12/FlJHx b6zO1u6VWO2r0zPaV7sd/a/8XzbJZXrbMmtvsx9aq2EmoHY6cjWBcOg1kc3Umabk afhPbWvxlyh3P5+jMFRUIuZpVQITD2eG0uJP9aPJYt+NTH1ctMwa7a1zPDVROYlk L0rl/ZaL//NKRVgDZrt/JpKj+L3sj3AiARHQ4znG4f+v9yT/6xYtob+z7uEemIpo dG0= -----END CERTIFICATE-----Generated at Wed Nov 5 09:49:27 2025 by rpki-client