$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7f81a9-6f4b-42c4-80d7-ad99343f49e1.roa File: cc7f81a9-6f4b-42c4-80d7-ad99343f49e1.roa (raw, json) Hash identifier: JgdXNJWQACvTjJ1p7KDpjxnQNo4vIzYVrwtSTy7pYSs= Subject key identifier: C6:4A:CF:AD:23:14:03:C1:6E:99:74:AF:7B:A4:B1:B3:12:DF:99:72 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 28EEA165EBF036AF7C3BF3846C7BB99F177BA2F6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7f81a9-6f4b-42c4-80d7-ad99343f49e1.roa Signing time: Fri 24 Oct 2025 00:00:22 +0000 ROA not before: Fri 24 Oct 2025 00:00:22 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28:8000::/37 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:ee:a1:65:eb:f0:36:af:7c:3b:f3:84:6c:7b:b9:9f:17:7b:a2:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 24 00:00:22 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=373dced7280fbd9bcabc0d75e154ba1b5d91290d39500a7767dc233aef4f3c3c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:b9:e9:41:57:c9:b9:c9:45:65:e9:e5:db:58: fa:6d:6d:87:7c:83:cf:12:58:37:25:65:9f:bf:ae: 47:63:43:17:99:31:60:a2:df:05:0f:ef:de:9d:cf: a2:e7:d2:7b:92:d1:54:b7:8b:fa:22:88:0e:11:4a: 5a:3f:db:43:14:74:fd:e3:52:57:92:56:de:06:16: 39:67:fd:fd:1a:a2:7d:4b:24:d6:05:cc:eb:e7:37: e5:4d:b7:26:7c:b0:e7:e4:e5:ab:6a:ff:09:ed:a8: d8:61:3c:2f:90:8d:9a:34:f1:2f:24:6f:b0:19:a0: e6:05:80:90:b2:3b:50:a9:e7:56:05:e7:51:26:b3: b3:95:a5:d5:dd:af:ff:51:25:bc:b3:67:35:6b:26: 71:19:d3:b5:b5:45:9d:22:0a:e1:37:68:53:ad:ae: f3:c0:9b:e7:d1:03:4c:bc:4f:68:3c:46:b3:98:7e: 18:37:0c:36:7c:7e:9e:07:0f:fd:0a:04:76:9a:17: 55:6d:5b:7c:0b:ff:4d:5b:6c:cd:f2:13:e9:4e:52: 81:86:b3:29:e7:79:86:9d:35:21:db:6d:7e:57:61: 8b:40:91:6c:21:b8:f5:5a:f1:ce:cd:27:a7:f1:0e: e0:68:4d:7d:70:31:9b:f2:7c:4f:a9:e4:13:dd:f2: a4:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:4A:CF:AD:23:14:03:C1:6E:99:74:AF:7B:A4:B1:B3:12:DF:99:72 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7f81a9-6f4b-42c4-80d7-ad99343f49e1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28:8000::/37 Signature Algorithm: sha256WithRSAEncryption 14:a4:0e:29:1a:b5:af:41:8b:23:fc:f8:d8:27:10:56:a3:d7: fb:36:85:40:9d:8d:1e:d6:40:47:33:11:ee:db:01:b0:f5:3d: a4:32:b2:43:7c:8f:c4:83:bf:5f:e9:48:16:ca:2a:03:ef:07: be:b6:84:20:35:1d:c4:64:28:68:0e:2f:1e:f4:81:4b:9e:36: 29:9c:3a:40:c8:be:ab:e2:7e:0d:de:06:71:11:35:11:f8:8d: 97:97:fb:60:41:19:4e:07:a6:69:2d:e1:c8:3d:84:bb:7a:36: 04:58:4c:89:55:fd:1c:f4:79:97:13:68:b2:91:49:2d:60:0a: 6e:ed:91:85:70:bb:18:cb:b8:07:c5:0d:1a:e6:c1:0a:b2:a9: 6b:40:91:20:d4:b7:a9:ce:c1:38:99:95:67:a8:7c:d9:0c:1e: b9:a2:39:66:80:da:f3:8b:16:7f:8c:01:e9:00:90:61:25:68: b9:a2:ea:2e:ee:74:f6:27:35:ac:ca:5f:31:db:79:1a:28:7d: f4:6d:c7:b8:93:24:33:e2:69:1b:87:30:98:3c:ae:6d:e3:ae: 04:b4:09:d4:f4:62:54:46:66:10:f5:fe:4b:8a:76:e2:f9:d1: 75:1a:2b:dd:f8:3b:40:4a:6b:c9:a9:6a:7e:58:ad:eb:b8:17: 35:2f:10:22 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKO6hZevwNq98O/OEbHu5nxd7ovYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyNDAwMDAyMloX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNAMzczZGNlZDcyODBmYmQ5YmNhYmMw ZDc1ZTE1NGJhMWI1ZDkxMjkwZDM5NTAwYTc3NjdkYzIzM2FlZjRmM2MzYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrnpQVfJuclFZenl21j6bW2HfIPP Elg3JWWfv65HY0MXmTFgot8FD+/enc+i59J7ktFUt4v6IogOEUpaP9tDFHT941JX klbeBhY5Z/39GqJ9SyTWBczr5zflTbcmfLDn5OWrav8J7ajYYTwvkI2aNPEvJG+w GaDmBYCQsjtQqedWBedRJrOzlaXV3a//USW8s2c1ayZxGdO1tUWdIgrhN2hTra7z wJvn0QNMvE9oPEazmH4YNww2fH6eBw/9CgR2mhdVbVt8C/9NW2zN8hPpTlKBhrMp 53mGnTUh221+V2GLQJFsIbj1WvHOzSen8Q7gaE19cDGb8nxPqeQT3fKkkQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMZKz60jFAPBbpl0r3uksbMS35lyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NjN2Y4MWE5LTZmNGItNDJjNC04MGQ3LWFkOTkzNDNmNDllMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYDJAbaKIAwDQYJKoZIhvcNAQELBQADggEBABSkDikata9BiyP8+Ngn EFaj1/s2hUCdjR7WQEczEe7bAbD1PaQyskN8j8SDv1/pSBbKKgPvB762hCA1HcRk KGgOLx70gUueNimcOkDIvqvifg3eBnERNRH4jZeX+2BBGU4Hpmkt4cg9hLt6NgRY TIlV/Rz0eZcTaLKRSS1gCm7tkYVwuxjLuAfFDRrmwQqyqWtAkSDUt6nOwTiZlWeo fNkMHrmiOWaA2vOLFn+MAekAkGElaLmi6i7udPYnNazKXzHbeRooffRtx7iTJDPi aRuHMJg8rm3jrgS0CdT0YlRGZhD1/kuKduL50XUaK934O0BKa8mpan5Yreu4FzUv ECI= -----END CERTIFICATE-----Generated at Wed Nov 5 09:49:58 2025 by rpki-client