$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa File: 4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa (raw, json) Hash identifier: P4qw+Mmkffavw07nZJTFlw0le/GnTxJKJL4Smzf/jk8= Subject key identifier: 1B:DE:07:B6:15:02:95:5D:9D:53:DB:2D:74:37:D7:91:15:72:30:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1CFC83277F69426A18F70673212B4DEEAEA029DB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa Signing time: Fri 17 Oct 2025 00:01:58 +0000 ROA not before: Fri 17 Oct 2025 00:01:58 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:fc:83:27:7f:69:42:6a:18:f7:06:73:21:2b:4d:ee:ae:a0:29:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 17 00:01:58 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=f12c1b5c37cf7de2fc6cedf6fb05ad2a5a9774665f55f022e082794e6015c04b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:6b:dd:c0:ef:c3:3a:80:8d:14:b2:4d:d4:ab: 60:55:b8:22:5d:d5:36:97:ad:09:31:89:28:e7:8a: 09:41:a9:f0:2e:83:b6:2a:3a:24:e8:b9:df:1f:01: 77:b5:69:8c:81:ad:1f:89:9a:e6:17:e9:0a:43:22: 1c:8d:fe:a3:93:f5:ae:b8:4b:f5:6b:ab:80:95:83: 4c:fc:4f:04:4e:10:d5:dd:6d:a0:4c:a4:2a:99:7a: 5c:7f:79:27:94:b1:63:cb:13:8a:92:36:2a:5e:4f: 27:c6:04:48:b5:b2:74:36:42:9a:cb:ce:7c:85:eb: 23:c1:8e:26:5b:73:66:01:e5:fa:8e:89:ce:fc:ba: 36:68:6a:2b:46:00:00:14:e1:7b:0f:4a:29:e5:f4: 33:a4:67:41:33:30:a3:9e:08:94:d8:9c:bb:53:9b: 6b:b3:0d:16:4c:ec:72:35:45:18:45:ea:1f:16:7a: 89:b0:bc:3d:1c:e0:33:9e:21:6e:50:08:f1:d4:01: 98:21:31:96:a0:79:15:09:81:f8:ab:b6:fb:ec:35: 91:f2:0f:a6:8e:4e:95:92:64:75:23:73:8e:43:ba: 8b:ac:88:b5:67:b3:b6:a4:f5:e8:e4:bf:64:ce:d2: e2:d7:fd:3d:8a:53:ba:34:30:90:3d:19:17:46:94: f9:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:DE:07:B6:15:02:95:5D:9D:53:DB:2D:74:37:D7:91:15:72:30:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 38:80:1e:26:08:86:9d:71:13:8d:6c:00:5e:2c:6d:fb:6a:ee: 4d:d6:c2:fa:8c:da:da:1a:74:d0:a5:de:41:fe:93:76:56:e2: 0c:5d:6d:d1:bf:d1:89:2c:52:ae:67:57:43:e9:12:36:04:15: 3f:4c:92:96:51:40:44:fb:aa:be:e6:fd:10:5c:bc:71:a0:ce: a4:bb:b7:6c:cb:b2:94:fb:be:1a:4d:e8:e5:b2:64:af:72:de: 5d:8b:b3:ab:ca:50:c1:2a:99:10:d7:f6:5f:55:ad:69:d8:da: 77:7b:76:ae:42:35:3d:52:13:58:f5:78:63:29:9e:46:b1:a9: 54:3c:1e:d0:5d:8f:1e:14:76:c4:b5:01:c3:f8:46:41:60:44: 1a:0c:64:f1:f7:14:42:0e:39:ad:95:28:d5:af:cb:41:83:73: b3:5c:f2:6e:a8:bc:0c:1b:47:d9:e2:fa:99:db:b3:16:98:9f: 04:6a:f4:8b:1c:c8:42:f1:72:28:d4:a9:29:e0:c0:26:c1:29: be:b5:c4:32:c9:20:07:d5:3f:ae:a9:21:e9:7b:4b:f4:df:96: ff:ba:3a:e3:7b:f0:f0:ae:f7:ff:21:4a:c3:f2:d8:c2:2a:d2: 6f:58:22:4d:96:a4:b0:b3:34:42:40:38:f5:41:de:03:d3:23: 97:40:41:cb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHPyDJ39pQmoY9wZzIStN7q6gKdswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNzAwMDE1OFoX DTI1MTEyMTIzNTk1OVowejFJMEcGA1UEBRNAZjEyYzFiNWMzN2NmN2RlMmZjNmNl ZGY2ZmIwNWFkMmE1YTk3NzQ2NjVmNTVmMDIyZTA4Mjc5NGU2MDE1YzA0YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmvdwO/DOoCNFLJN1KtgVbgiXdU2 l60JMYko54oJQanwLoO2Kjok6LnfHwF3tWmMga0fiZrmF+kKQyIcjf6jk/WuuEv1 a6uAlYNM/E8EThDV3W2gTKQqmXpcf3knlLFjyxOKkjYqXk8nxgRItbJ0NkKay858 hesjwY4mW3NmAeX6jonO/Lo2aGorRgAAFOF7D0op5fQzpGdBMzCjngiU2Jy7U5tr sw0WTOxyNUUYReofFnqJsLw9HOAzniFuUAjx1AGYITGWoHkVCYH4q7b77DWR8g+m jk6VkmR1I3OOQ7qLrIi1Z7O2pPXo5L9kztLi1/09ilO6NDCQPRkXRpT51QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBveB7YVApVdnVPbLXQ315EVcjB/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkNWE4NTEzLTIxZTUtNGFmNy1iMWI5LWU4NWJjOGUxNmViOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+kAwDQYJKoZIhvcNAQELBQADggEBADiAHiYIhp1xE41sAF4s bftq7k3WwvqM2toadNCl3kH+k3ZW4gxdbdG/0YksUq5nV0PpEjYEFT9MkpZRQET7 qr7m/RBcvHGgzqS7t2zLspT7vhpN6OWyZK9y3l2Ls6vKUMEqmRDX9l9VrWnY2nd7 dq5CNT1SE1j1eGMpnkaxqVQ8HtBdjx4UdsS1AcP4RkFgRBoMZPH3FEIOOa2VKNWv y0GDc7Nc8m6ovAwbR9ni+pnbsxaYnwRq9IscyELxcijUqSngwCbBKb61xDLJIAfV P66pIel7S/Tflv+6OuN78PCu9/8hSsPy2MIq0m9YIk2WpLCzNEJAOPVB3gPTI5dA Qcs= -----END CERTIFICATE-----Generated at Wed Nov 5 07:43:46 2025 by rpki-client