$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d57e8e3c-8605-46f3-8465-e0a444cd661d.roa File: d57e8e3c-8605-46f3-8465-e0a444cd661d.roa (raw, json) Hash identifier: /KUkQ7SN/WHKuF40ZfHdPMQYfC+E+xl9nO+CjJfNImc= Subject key identifier: B6:16:DE:EE:8B:EC:FA:4A:A2:A5:8E:A3:36:C2:83:AA:21:41:99:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0A338E4BEF1FB67115204514601927F203C2C7A7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d57e8e3c-8605-46f3-8465-e0a444cd661d.roa Signing time: Tue 21 Oct 2025 00:00:04 +0000 ROA not before: Tue 21 Oct 2025 00:00:04 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:33:8e:4b:ef:1f:b6:71:15:20:45:14:60:19:27:f2:03:c2:c7:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:04 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=23885ef008bea956d6d681e7e57493a1c3df58133e1cd872b5a74b6e5a214919, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:27:98:cf:b5:56:a7:c7:56:8e:81:1c:58:4a: 77:ae:83:88:77:51:c0:0d:52:1b:02:92:0f:37:cd: 4e:48:3b:0b:7b:00:23:62:bd:dd:9a:68:62:88:ec: 49:a6:0f:32:dc:16:2f:e9:76:ee:2b:98:15:f9:bb: a9:6b:d5:83:1a:a5:ca:f5:3b:ed:07:6e:97:ac:09: 4f:60:dd:08:ad:26:3c:55:8c:15:46:ec:ec:b1:01: d2:36:77:81:37:f7:77:f5:fc:98:fe:37:b6:46:21: db:3d:6d:6f:7e:65:35:4c:6a:72:18:0a:ad:d9:c6: 03:a8:20:d4:18:bc:9d:00:e9:58:ed:29:8d:a9:e7: 55:f9:15:2c:89:8b:89:9d:24:fc:d9:10:0a:63:4c: 0b:f7:2f:82:dc:70:0a:7e:83:60:22:68:95:b7:ee: c6:44:3c:f4:b2:7f:69:80:22:81:79:42:8e:41:06: 57:14:d8:f7:cf:6c:86:fa:8b:30:40:07:45:69:78: 18:e7:d7:8f:e6:92:ad:51:10:0a:9d:54:5c:55:9c: 07:a9:70:aa:4e:3e:2c:90:79:88:0c:8d:39:61:fa: dc:62:2f:c4:d3:64:80:74:23:e9:4b:5d:8e:d3:f3: 2a:41:6f:4c:66:21:42:f0:ca:f4:55:e8:08:a1:6c: fd:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:16:DE:EE:8B:EC:FA:4A:A2:A5:8E:A3:36:C2:83:AA:21:41:99:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d57e8e3c-8605-46f3-8465-e0a444cd661d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:8800::/40 Signature Algorithm: sha256WithRSAEncryption 64:51:9c:7c:c9:7d:75:15:13:09:c6:08:19:ee:a4:11:5f:3d: 28:4d:68:85:7c:91:7b:3f:35:5a:b2:6c:d4:1b:33:1b:da:e4: 9f:cc:3f:42:b2:6b:45:3c:a3:49:1b:20:4d:3b:bd:cb:47:fa: 9d:74:9d:c5:6b:41:47:94:83:00:50:20:e0:80:b1:78:0a:b9: 2e:8d:8f:2d:34:4e:66:68:c4:c3:10:fc:8a:3e:b1:3a:72:d2: d6:51:9e:33:aa:10:2e:ce:53:fe:75:42:40:4b:61:f1:6e:d2: a7:f3:37:a9:48:7c:79:59:03:40:24:4d:a8:5c:65:7d:50:0a: 13:5f:fb:0f:37:31:64:fe:fd:bd:0f:39:98:44:95:ca:e3:a1: f5:69:6b:9a:61:5d:fb:b0:53:f5:3a:f6:12:d7:69:b2:60:5e: 16:18:2e:1f:85:01:a4:04:80:8d:9d:70:01:7b:90:14:97:c3: 21:f7:60:41:24:0c:15:23:f5:28:7b:a2:84:56:bd:d5:10:c0: e1:d6:66:3b:d3:1f:69:88:78:8e:19:f8:38:79:82:44:56:1c: dd:2c:cb:8f:fc:03:01:32:31:35:88:8a:21:c7:2e:a2:e9:fc: 16:a5:e1:77:62:53:db:84:5f:e8:b5:5c:da:d3:ad:29:14:55: a8:73:8e:72 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCjOOS+8ftnEVIEUUYBkn8gPCx6cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDAwNFoX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNAMjM4ODVlZjAwOGJlYTk1NmQ2ZDY4 MWU3ZTU3NDkzYTFjM2RmNTgxMzNlMWNkODcyYjVhNzRiNmU1YTIxNDkxOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSeYz7VWp8dWjoEcWEp3roOId1HA DVIbApIPN81OSDsLewAjYr3dmmhiiOxJpg8y3BYv6XbuK5gV+bupa9WDGqXK9Tvt B26XrAlPYN0IrSY8VYwVRuzssQHSNneBN/d39fyY/je2RiHbPW1vfmU1TGpyGAqt 2cYDqCDUGLydAOlY7SmNqedV+RUsiYuJnST82RAKY0wL9y+C3HAKfoNgImiVt+7G RDz0sn9pgCKBeUKOQQZXFNj3z2yG+oswQAdFaXgY59eP5pKtURAKnVRcVZwHqXCq Tj4skHmIDI05YfrcYi/E02SAdCPpS12O0/MqQW9MZiFC8Mr0VegIoWz9tQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLYW3u6L7PpKoqWOozbCg6ohQZlZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1N2U4ZTNjLTg2MDUtNDZmMy04NDY1LWUwYTQ0NGNkNjYxZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaIgwDQYJKoZIhvcNAQELBQADggEBAGRRnHzJfXUVEwnGCBnu pBFfPShNaIV8kXs/NVqybNQbMxva5J/MP0Kya0U8o0kbIE07vctH+p10ncVrQUeU gwBQIOCAsXgKuS6Njy00TmZoxMMQ/Io+sTpy0tZRnjOqEC7OU/51QkBLYfFu0qfz N6lIfHlZA0AkTahcZX1QChNf+w83MWT+/b0POZhElcrjofVpa5phXfuwU/U69hLX abJgXhYYLh+FAaQEgI2dcAF7kBSXwyH3YEEkDBUj9Sh7ooRWvdUQwOHWZjvTH2mI eI4Z+Dh5gkRWHN0sy4/8AwEyMTWIiiHHLqLp/Bal4XdiU9uEX+i1XNrTrSkUVahz jnI= -----END CERTIFICATE-----Generated at Wed Nov 5 07:50:16 2025 by rpki-client