$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd2b2e92-17ea-4b49-b199-9af23a32900f.roa File: fd2b2e92-17ea-4b49-b199-9af23a32900f.roa (raw, json) Hash identifier: d0F3KqHUWc89fHJ5d6UdofwjKMW6BxsbxeYZ+790L1U= Subject key identifier: 14:DA:E2:7D:D2:39:B0:A8:D9:28:FA:3E:C3:FE:FE:22:F4:05:47:B5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 705D86AE358C492B862C21D155286610C7732738 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd2b2e92-17ea-4b49-b199-9af23a32900f.roa Signing time: Tue 21 Oct 2025 00:00:42 +0000 ROA not before: Tue 21 Oct 2025 00:00:42 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2a:8800::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:5d:86:ae:35:8c:49:2b:86:2c:21:d1:55:28:66:10:c7:73:27:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:42 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=08c0d9e77fe9f968a8926815a5d1e5d88342a857a4be42fa6e05211b457f33ee, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a5:ae:90:d9:92:0c:1a:66:d4:13:da:f7:32: 75:86:61:4e:0f:3c:39:4c:33:78:c7:87:e8:8e:07: b4:25:ae:19:b2:06:bb:8b:73:9a:fa:7c:19:1f:76: 11:74:35:56:03:6d:7f:3e:24:cd:00:dd:c8:e0:51: 94:61:65:f3:ef:71:d6:63:fa:25:57:ef:44:5c:ec: 3d:c0:78:37:de:82:76:e2:de:3f:c0:3a:70:ca:89: 1e:7a:35:df:ce:01:2d:ef:33:90:8b:ff:6b:2c:50: 35:a2:6a:37:8a:fa:da:bd:44:e0:6c:1f:dc:cb:1f: 88:7e:ec:f8:03:d0:28:9d:fd:ce:ae:49:8a:c0:0b: d4:fa:a0:e2:8c:b2:19:6a:9a:61:5f:e1:22:ee:ce: 8d:65:7d:09:9c:b6:53:c6:fb:40:72:3d:1f:6d:ef: 99:bc:d8:10:70:c9:60:1f:52:59:2e:b8:86:02:25: 3c:c7:7d:6a:1d:ce:79:e5:5f:56:9f:87:5a:33:3d: ba:2e:49:93:37:2a:99:c3:9d:36:6b:c6:03:93:d3: 81:cc:6a:84:bb:2c:11:9e:81:37:36:b7:99:01:3b: 8e:68:1f:c8:ad:a3:48:ce:74:25:72:09:19:65:5c: 23:8e:4a:da:98:3c:a7:f8:f0:ed:47:e4:4e:22:17: a2:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:DA:E2:7D:D2:39:B0:A8:D9:28:FA:3E:C3:FE:FE:22:F4:05:47:B5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fd2b2e92-17ea-4b49-b199-9af23a32900f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2a:8800::/37 Signature Algorithm: sha256WithRSAEncryption 8a:12:54:cb:54:55:f5:86:1e:50:20:2a:6d:d4:1e:d6:cb:ae: 06:c5:15:62:f3:0a:2b:4d:d1:f4:e6:e4:63:cc:4a:b1:0f:8a: 98:41:c6:aa:9b:75:b4:86:35:9d:43:18:6e:c8:c5:35:69:b8: c8:70:ea:e2:37:09:af:4f:cd:5c:d9:4b:25:83:df:c6:93:58: d3:fb:f8:41:4b:b5:2e:63:fe:46:78:87:57:67:3e:6c:cf:7f: bc:d5:74:23:1e:59:33:01:2c:8a:3a:52:80:a4:3f:79:6b:57: ca:ab:ca:67:81:e5:38:0d:b0:f9:a5:e8:30:3d:72:a6:d7:80: 22:82:8a:4f:d2:ac:d0:86:90:4f:ed:6a:7b:c2:b3:21:38:ba: 86:e8:1c:ca:11:2b:02:de:c8:8c:49:64:ce:c5:42:93:11:39: b4:c9:b2:9c:f7:5d:b3:56:9e:5b:d9:a9:a3:2e:74:7d:4f:14: c7:a0:98:03:70:85:45:df:06:c6:3f:63:cf:4f:f0:bc:21:5a: f4:43:ad:4e:96:c4:b4:6a:77:9c:f3:b9:a5:b3:29:6c:8d:9c: 35:f7:47:ac:e4:df:68:f5:65:b4:73:ea:28:2a:5e:5c:33:2b: 8a:a7:f7:46:1c:f1:eb:74:ae:7d:5f:e8:3f:fb:2b:9b:61:cb: ef:82:c3:71 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcF2GrjWMSSuGLCHRVShmEMdzJzgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDA0MloX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNAMDhjMGQ5ZTc3ZmU5Zjk2OGE4OTI2 ODE1YTVkMWU1ZDg4MzQyYTg1N2E0YmU0MmZhNmUwNTIxMWI0NTdmMzNlZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6WukNmSDBpm1BPa9zJ1hmFODzw5 TDN4x4fojge0Ja4Zsga7i3Oa+nwZH3YRdDVWA21/PiTNAN3I4FGUYWXz73HWY/ol V+9EXOw9wHg33oJ24t4/wDpwyokeejXfzgEt7zOQi/9rLFA1omo3ivravUTgbB/c yx+Ifuz4A9Aonf3OrkmKwAvU+qDijLIZapphX+Ei7s6NZX0JnLZTxvtAcj0fbe+Z vNgQcMlgH1JZLriGAiU8x31qHc555V9Wn4daMz26LkmTNyqZw502a8YDk9OBzGqE uywRnoE3NreZATuOaB/IraNIznQlcgkZZVwjjkramDyn+PDtR+ROIheiXQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBTa4n3SObCo2Sj6PsP+/iL0BUe1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZkMmIyZTkyLTE3ZWEtNGI0OS1iMTk5LTlhZjIzYTMyOTAwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYDJAbaKogwDQYJKoZIhvcNAQELBQADggEBAIoSVMtUVfWGHlAgKm3U HtbLrgbFFWLzCitN0fTm5GPMSrEPiphBxqqbdbSGNZ1DGG7IxTVpuMhw6uI3Ca9P zVzZSyWD38aTWNP7+EFLtS5j/kZ4h1dnPmzPf7zVdCMeWTMBLIo6UoCkP3lrV8qr ymeB5TgNsPml6DA9cqbXgCKCik/SrNCGkE/tanvCsyE4uoboHMoRKwLeyIxJZM7F QpMRObTJspz3XbNWnlvZqaMudH1PFMegmANwhUXfBsY/Y89P8LwhWvRDrU6WxLRq d5zzuaWzKWyNnDX3R6zk32j1ZbRz6igqXlwzK4qn90Yc8et0rn1f6D/7K5thy++C w3E= -----END CERTIFICATE-----Generated at Wed Nov 5 09:51:22 2025 by rpki-client