$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa File: bcf07491-4148-4ad5-82e1-58df8b2e226c.roa (raw, json) Hash identifier: LeTtJNpdWxk7hLfaTnTj7T8e2jJ84vcN968OX9EvvOQ= Subject key identifier: 35:D0:08:80:BF:66:32:F5:E3:02:FB:8F:B2:82:16:AD:7A:3E:C3:66 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 242E750DEB4D761ED8FABAE906CE9621003817A5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa Signing time: Wed 29 Oct 2025 07:37:57 +0000 ROA not before: Wed 29 Oct 2025 07:37:57 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:2e:75:0d:eb:4d:76:1e:d8:fa:ba:e9:06:ce:96:21:00:38:17:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 07:37:57 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=69348c375c0b81737e57598d1063d18e404602c8413272d5faef49f1ea45acd2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c0:af:6d:de:48:2b:ab:cf:86:eb:9f:8a:25: a1:94:c0:bc:f5:58:ed:cb:11:de:7d:60:36:18:0c: e4:4d:a1:01:9f:bd:f9:69:c3:0e:37:79:54:ce:0c: 84:6b:61:43:f9:57:ce:2a:a5:50:4c:74:be:b1:36: f4:5c:72:74:ad:e4:91:61:f5:91:7c:72:0d:0a:6d: 97:95:f0:27:95:ce:65:c2:4e:9a:d8:89:62:d7:38: 0f:5d:62:e3:34:14:e3:51:0a:63:9c:2b:49:83:4f: b1:42:d2:46:8a:1e:3f:40:88:5c:6e:93:08:22:81: 87:0d:c8:7a:2c:fe:2b:e8:d3:59:a1:0f:c4:99:1d: 8a:c7:d9:7d:0a:2d:3c:67:6a:48:27:88:3d:89:a1: 76:fc:f7:29:f7:49:75:2e:ff:98:a4:29:e2:43:ef: 74:42:bd:4f:df:72:8e:49:91:00:19:42:df:31:9a: 19:cd:74:c1:48:d0:fe:a9:b6:73:35:85:b4:dc:6c: 5d:ab:a9:07:99:56:9a:27:7a:2b:af:40:a2:ba:7c: 61:db:73:7d:a0:72:9b:5a:3d:8a:21:64:21:b4:46: 9d:ba:91:2e:1b:6d:80:93:8c:b1:a8:60:78:76:f4: ff:e0:56:06:ac:f7:73:d7:fe:95:47:ed:cf:11:f8: 51:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:D0:08:80:BF:66:32:F5:E3:02:FB:8F:B2:82:16:AD:7A:3E:C3:66 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:40c0::/48 Signature Algorithm: sha256WithRSAEncryption a5:47:37:eb:33:28:63:63:ea:b5:c0:f5:69:06:9e:73:c0:ea: 5f:bd:55:ec:59:71:bb:2f:cf:e1:6f:4c:4f:9d:16:af:77:eb: 68:a1:bb:d5:6a:e0:f9:d1:47:ca:d1:9e:17:5f:f1:02:bb:50: 10:fa:80:72:4d:4d:1d:b6:62:72:da:c3:1d:22:ff:4b:de:ba: b5:95:3a:e9:4f:55:f9:fb:8c:b5:e6:59:cb:c3:4b:0c:2e:63: d1:56:fe:ea:17:12:df:10:ef:0d:8c:09:5b:3c:da:71:f7:95: 00:8b:f0:77:0b:87:3c:66:e0:8c:8c:1a:25:56:cc:7a:be:9a: 15:f8:ec:2c:ad:98:36:63:f8:f4:92:a0:ed:c7:2e:81:12:d8: fc:13:1c:45:f5:9b:36:4b:b8:b3:31:c8:07:39:3b:1f:06:66: ad:bb:8e:ba:6d:0f:36:e4:11:7c:0a:da:7d:44:14:ca:e1:6b: c1:fd:07:3b:bf:de:f9:c5:bf:5a:bb:fe:f6:49:fd:e4:53:87: 67:35:26:b1:46:af:53:8f:2a:54:42:0a:85:54:ad:f6:52:e6: e1:db:29:55:ef:a8:eb:f1:93:b5:18:ae:1b:d3:e0:4b:8f:7e: 32:7c:23:d3:11:04:39:08:58:5d:04:f8:f5:c4:d7:d3:f9:9f: 6c:a3:ef:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJC51DetNdh7Y+rrpBs6WIQA4F6UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTA3Mzc1N1oX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNANjkzNDhjMzc1YzBiODE3MzdlNTc1 OThkMTA2M2QxOGU0MDQ2MDJjODQxMzI3MmQ1ZmFlZjQ5ZjFlYTQ1YWNkMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMCvbd5IK6vPhuufiiWhlMC89Vjt yxHefWA2GAzkTaEBn735acMON3lUzgyEa2FD+VfOKqVQTHS+sTb0XHJ0reSRYfWR fHINCm2XlfAnlc5lwk6a2Ili1zgPXWLjNBTjUQpjnCtJg0+xQtJGih4/QIhcbpMI IoGHDch6LP4r6NNZoQ/EmR2Kx9l9Ci08Z2pIJ4g9iaF2/Pcp90l1Lv+YpCniQ+90 Qr1P33KOSZEAGULfMZoZzXTBSND+qbZzNYW03Gxdq6kHmVaaJ3orr0Ciunxh23N9 oHKbWj2KIWQhtEadupEuG22Ak4yxqGB4dvT/4FYGrPdz1/6VR+3PEfhRCQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDXQCIC/ZjL14wL7j7KCFq16PsNmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JjZjA3NDkxLTQxNDgtNGFkNS04MmUxLTU4ZGY4YjJlMjI2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6kDAMA0GCSqGSIb3DQEBCwUAA4IBAQClRzfrMyhjY+q1wPVp Bp5zwOpfvVXsWXG7L8/hb0xPnRavd+toobvVauD50UfK0Z4XX/ECu1AQ+oByTU0d tmJy2sMdIv9L3rq1lTrpT1X5+4y15lnLw0sMLmPRVv7qFxLfEO8NjAlbPNpx95UA i/B3C4c8ZuCMjBolVsx6vpoV+OwsrZg2Y/j0kqDtxy6BEtj8ExxF9Zs2S7izMcgH OTsfBmatu466bQ825BF8Ctp9RBTK4WvB/Qc7v975xb9au/72Sf3kU4dnNSaxRq9T jypUQgqFVK32Uubh2ylV76jr8ZO1GK4b0+BLj34yfCPTEQQ5CFhdBPj1xNfT+Z9s o+/w -----END CERTIFICATE-----Generated at Wed Nov 5 10:54:20 2025 by rpki-client