$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710ed6f2-597f-48a7-930b-32584c274e6f.roa File: 710ed6f2-597f-48a7-930b-32584c274e6f.roa (raw, json) Hash identifier: R51U4mHht5/dZbLCOgZ6rv9SJ4Npq17TiZhGaMTSwY4= Subject key identifier: C2:3C:C9:F2:FF:20:46:55:9F:A3:BB:89:E5:EE:65:F4:38:3E:90:DE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 510CF503B175F67DD774CAE593E00B6C7F498FEE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710ed6f2-597f-48a7-930b-32584c274e6f.roa Signing time: Tue 21 Oct 2025 00:00:08 +0000 ROA not before: Tue 21 Oct 2025 00:00:08 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:0c:f5:03:b1:75:f6:7d:d7:74:ca:e5:93:e0:0b:6c:7f:49:8f:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:08 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=585c5d4a8920c70168cfc8b516a3f1bf19d32c66cce27e64915143f99c81f23d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:28:6d:ed:f6:e1:7e:d3:c9:3d:74:97:83:56: ad:1e:5a:96:cd:47:81:cc:da:cc:4d:c5:12:5f:8a: 86:eb:95:11:96:92:2f:73:6f:20:4f:40:68:41:f8: 5a:9f:b6:92:63:86:eb:50:83:c9:d6:cf:d4:f2:ba: 76:aa:df:b9:60:b4:c9:37:08:e0:be:e9:30:98:c0: 65:af:94:1b:dc:ee:fc:1c:1c:ac:82:be:4e:ad:a2: 74:1d:c1:2f:2b:a3:c1:b2:ac:7b:9a:94:ad:2b:f2: 04:fd:7b:f5:c5:00:bf:73:a9:3e:ca:40:ca:81:e5: ea:bb:24:86:1c:44:32:d7:45:0f:84:45:c6:27:35: c3:17:2a:5b:8a:78:f5:82:28:d0:26:76:25:dd:7e: 61:ad:09:db:02:dd:5e:9e:3d:72:2d:24:b5:84:ff: 35:6a:ba:ba:af:55:94:e1:ba:9c:92:c6:05:ba:f2: 7d:e8:f8:3b:44:5b:b0:01:a6:8c:36:da:80:7d:41: be:06:5d:54:7f:51:3a:11:7d:57:4b:ec:53:f4:ed: d1:28:94:d0:5a:1e:59:1d:ca:0a:03:3f:40:1b:ab: 7d:d0:ff:2b:52:0d:a8:d8:c5:23:6b:8d:f6:d8:43: 64:28:b2:82:78:05:d7:16:7b:f1:81:cd:43:2c:bb: 9c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:3C:C9:F2:FF:20:46:55:9F:A3:BB:89:E5:EE:65:F4:38:3E:90:DE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/710ed6f2-597f-48a7-930b-32584c274e6f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:8000::/40 Signature Algorithm: sha256WithRSAEncryption c7:4f:36:04:5d:70:2c:2a:09:11:4b:e1:12:b2:55:13:c7:1a: ff:f9:5c:06:61:db:f7:6a:62:f4:a2:71:af:e6:e5:06:96:0c: 06:34:41:ed:17:d3:bf:f1:92:88:d9:41:58:6f:77:e6:0d:f3: 09:5a:87:48:24:c9:7a:23:41:d3:6c:4a:4d:40:e3:ab:6d:54: 46:0a:06:1c:0d:a0:f8:ed:2c:74:d6:f8:d7:4d:cd:b8:bc:68: 59:e0:d3:f2:dd:05:e5:5d:be:94:8a:22:58:a8:b4:b2:6c:69: 46:84:ed:65:0a:5c:bd:33:12:c3:f6:e6:53:25:96:43:87:09: f6:da:03:8d:da:6b:f7:43:41:76:76:26:ba:a0:1d:72:db:5b: 32:67:f7:7e:52:21:31:8b:56:44:fc:38:d5:1a:61:88:26:9c: 78:a4:56:1c:ff:1c:a4:22:3e:16:66:bc:36:21:4e:91:09:c2: a4:b2:3f:47:5d:42:74:fb:bd:9e:3d:cb:06:32:17:cc:61:3a: 8d:28:6c:8c:e8:0c:00:2e:6b:f0:96:4f:a9:8a:69:c3:e4:6e: d1:76:11:52:aa:be:28:32:68:9a:f1:60:58:9f:1e:08:68:c5: 6b:3d:20:d9:17:73:75:b0:f9:aa:a4:36:15:c7:87:94:e6:eb: 54:e1:58:45 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUQz1A7F19n3XdMrlk+ALbH9Jj+4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDAwOFoX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNANTg1YzVkNGE4OTIwYzcwMTY4Y2Zj OGI1MTZhM2YxYmYxOWQzMmM2NmNjZTI3ZTY0OTE1MTQzZjk5YzgxZjIzZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCht7fbhftPJPXSXg1atHlqWzUeB zNrMTcUSX4qG65URlpIvc28gT0BoQfhan7aSY4brUIPJ1s/U8rp2qt+5YLTJNwjg vukwmMBlr5Qb3O78HBysgr5OraJ0HcEvK6PBsqx7mpStK/IE/Xv1xQC/c6k+ykDK geXquySGHEQy10UPhEXGJzXDFypbinj1gijQJnYl3X5hrQnbAt1enj1yLSS1hP81 arq6r1WU4bqcksYFuvJ96Pg7RFuwAaaMNtqAfUG+Bl1Uf1E6EX1XS+xT9O3RKJTQ Wh5ZHcoKAz9AG6t90P8rUg2o2MUja4322ENkKLKCeAXXFnvxgc1DLLucGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMI8yfL/IEZVn6O7ieXuZfQ4PpDeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxMGVkNmYyLTU5N2YtNDhhNy05MzBiLTMyNTg0YzI3NGU2Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba74AwDQYJKoZIhvcNAQELBQADggEBAMdPNgRdcCwqCRFL4RKy VRPHGv/5XAZh2/dqYvSica/m5QaWDAY0Qe0X07/xkojZQVhvd+YN8wlah0gkyXoj QdNsSk1A46ttVEYKBhwNoPjtLHTW+NdNzbi8aFng0/LdBeVdvpSKIliotLJsaUaE 7WUKXL0zEsP25lMllkOHCfbaA43aa/dDQXZ2JrqgHXLbWzJn935SITGLVkT8ONUa YYgmnHikVhz/HKQiPhZmvDYhTpEJwqSyP0ddQnT7vZ49ywYyF8xhOo0obIzoDAAu a/CWT6mKacPkbtF2EVKqvigyaJrxYFifHghoxWs9INkXc3Ww+aqkNhXHh5Tm61Th WEU= -----END CERTIFICATE-----Generated at Wed Nov 5 05:42:05 2025 by rpki-client