$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0c7d8f-32e4-429a-818c-c680fe972a02.roa File: 5f0c7d8f-32e4-429a-818c-c680fe972a02.roa (raw, json) Hash identifier: lSJB0TLT12pD2KVq5OlW6HIUYgOeT5n5QUiLahahtww= Subject key identifier: 6D:C9:64:A7:F2:07:6F:69:D2:2D:AA:C2:E7:8F:94:A7:92:34:19:9E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 70CCE8094078807D602803C5EAAD378385AA933A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0c7d8f-32e4-429a-818c-c680fe972a02.roa Signing time: Sat 01 Nov 2025 00:00:47 +0000 ROA not before: Sat 01 Nov 2025 00:00:47 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:cc:e8:09:40:78:80:7d:60:28:03:c5:ea:ad:37:83:85:aa:93:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:47 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=806f4a1d42d1b94fddc005d94c5c2e02990e90156312e3a7add1973e84177838, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:fa:09:ad:3f:4c:e5:22:13:80:cd:2d:fd:72: fa:6e:c8:95:e8:8e:f1:91:f0:62:79:9d:1e:ba:99: d7:26:90:71:9a:c0:77:28:99:12:8a:0c:5b:a0:d4: 2b:f9:1d:9e:01:b6:f5:34:1f:21:25:64:4c:3e:33: 46:01:f5:55:e6:86:2f:af:87:e9:f8:b8:dc:6c:a2: 24:70:b7:dc:2c:f9:0a:69:c0:ac:98:9e:14:a1:6c: 85:00:16:27:78:98:20:78:ef:87:60:0a:72:43:4b: 73:37:75:22:53:40:25:ba:e1:e0:af:2e:bb:fc:e3: 93:fd:4d:ff:4e:be:3d:7b:33:6b:b8:66:b5:0b:7a: af:87:ff:a1:97:c4:fd:b0:72:5b:92:1b:37:83:8a: 93:8e:ed:51:94:db:6e:78:ae:a1:68:55:a1:9f:6d: a8:51:28:9f:8e:d1:0f:84:f9:3a:e7:dd:9e:b9:a6: 7c:eb:c8:04:79:0d:f8:30:61:35:15:7c:83:96:95: e1:c6:1d:c8:c7:ff:38:f5:86:b8:05:a1:c7:0a:33: 71:6a:71:c7:05:f7:dc:72:4d:d4:20:89:0a:b1:d0: 90:42:61:32:c9:22:87:5a:1f:c1:c5:0e:74:9d:65: 22:9d:03:77:73:1a:3c:93:3f:73:b6:4e:83:d6:6c: 25:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:C9:64:A7:F2:07:6F:69:D2:2D:AA:C2:E7:8F:94:A7:92:34:19:9E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f0c7d8f-32e4-429a-818c-c680fe972a02.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:f000::/40 Signature Algorithm: sha256WithRSAEncryption 78:8e:a3:26:b2:99:f5:7f:e2:58:96:f2:02:bc:45:73:cf:d8: d8:24:be:7d:72:85:5f:af:da:8d:69:2d:d9:ae:8d:9f:1d:8a: 1d:6c:50:74:d9:14:ba:e6:eb:68:f2:5d:d4:93:fb:27:e2:99: 07:28:52:d0:0b:e5:f7:f9:e9:4f:84:8e:5a:e6:7a:f0:bf:b9: f0:35:2d:af:c9:8f:ad:e2:9b:6e:7b:af:75:76:c5:0a:38:39: 76:cc:43:fa:2e:f3:85:fd:b6:05:86:f2:98:ba:0b:4a:23:da: e6:a7:c6:1c:ae:11:13:6d:d2:db:0c:98:53:0d:07:2e:fb:c6: 00:9f:42:11:d1:16:9f:d4:37:58:3a:5c:a6:9f:b7:80:3d:e1: 8a:01:90:3e:ba:b3:c8:a9:3e:b6:82:6b:cf:2e:7e:a8:dd:47: 62:83:f2:b6:f2:3e:76:6a:2d:c4:83:7d:0a:28:e5:1e:e6:fa: 8f:51:c9:6b:d0:ca:44:93:0d:ba:ca:3d:ac:ea:5e:c6:23:ed: 01:8f:2b:79:d8:14:57:f1:99:4e:db:87:09:f1:06:8f:f5:89: 73:7c:25:72:99:4d:28:e7:ac:87:a5:62:ea:f3:5e:6e:90:17: d1:f9:88:40:23:fb:79:a0:93:a3:9f:76:6e:7f:41:02:3d:8e: 0a:09:5e:4d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcMzoCUB4gH1gKAPF6q03g4WqkzowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDA0N1oX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAODA2ZjRhMWQ0MmQxYjk0ZmRkYzAw NWQ5NGM1YzJlMDI5OTBlOTAxNTYzMTJlM2E3YWRkMTk3M2U4NDE3NzgzODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufoJrT9M5SITgM0t/XL6bsiV6I7x kfBieZ0eupnXJpBxmsB3KJkSigxboNQr+R2eAbb1NB8hJWRMPjNGAfVV5oYvr4fp +LjcbKIkcLfcLPkKacCsmJ4UoWyFABYneJggeO+HYApyQ0tzN3UiU0AluuHgry67 /OOT/U3/Tr49ezNruGa1C3qvh/+hl8T9sHJbkhs3g4qTju1RlNtueK6haFWhn22o USifjtEPhPk6592euaZ868gEeQ34MGE1FXyDlpXhxh3Ix/849Ya4BaHHCjNxanHH Bffcck3UIIkKsdCQQmEyySKHWh/BxQ50nWUinQN3cxo8kz9ztk6D1mwlaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG3JZKfyB29p0i2qwuePlKeSNBmeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVmMGM3ZDhmLTMyZTQtNDI5YS04MThjLWM2ODBmZTk3MmEwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9PAwDQYJKoZIhvcNAQELBQADggEBAHiOoyaymfV/4liW8gK8 RXPP2Ngkvn1yhV+v2o1pLdmujZ8dih1sUHTZFLrm62jyXdST+yfimQcoUtAL5ff5 6U+EjlrmevC/ufA1La/Jj63im257r3V2xQo4OXbMQ/ou84X9tgWG8pi6C0oj2uan xhyuERNt0tsMmFMNBy77xgCfQhHRFp/UN1g6XKaft4A94YoBkD66s8ipPraCa88u fqjdR2KD8rbyPnZqLcSDfQoo5R7m+o9RyWvQykSTDbrKPazqXsYj7QGPK3nYFFfx mU7bhwnxBo/1iXN8JXKZTSjnrIelYurzXm6QF9H5iEAj+3mgk6Ofdm5/QQI9jgoJ Xk0= -----END CERTIFICATE-----Generated at Wed Nov 5 07:43:22 2025 by rpki-client