$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b00b4bd-a92b-43ae-b31e-fca60c8d760c.roa File: 1b00b4bd-a92b-43ae-b31e-fca60c8d760c.roa (raw, json) Hash identifier: hZj5yqJyIQTtRXybuYTIFVMZunuXyFk4u7B1mI+/2MQ= Subject key identifier: 8F:89:CE:86:76:ED:6C:82:B5:FF:5E:37:D4:9C:EF:E5:3F:4B:9D:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1D6E5508CF8AFB8715EAF56F6DF0F06A830B810E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b00b4bd-a92b-43ae-b31e-fca60c8d760c.roa Signing time: Tue 07 Oct 2025 00:00:07 +0000 ROA not before: Tue 07 Oct 2025 00:00:07 +0000 ROA not after: Tue 11 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daf4:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:6e:55:08:cf:8a:fb:87:15:ea:f5:6f:6d:f0:f0:6a:83:0b:81:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 7 00:00:07 2025 GMT Not After : Nov 11 23:59:59 2025 GMT Subject: serialNumber=e173392834b40eb34b31fb593d47d89fbd6786a743477219dbdec2190468a637, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ed:a2:92:de:9f:59:e6:aa:f7:56:11:05:bc: aa:42:27:8f:51:6c:1d:e9:3a:66:f8:15:7a:cf:4e: 4f:56:54:ea:90:08:36:f9:57:ab:84:cb:b3:bd:28: aa:54:d6:16:76:94:14:90:b3:b2:ae:09:81:a1:30: 71:a9:4c:35:67:92:55:24:b4:7a:12:24:d9:a9:df: b9:7a:a3:39:c5:c4:4f:c8:2b:a8:c0:9b:a0:5d:f4: b4:a1:53:bd:48:26:06:0e:42:95:2f:37:e3:02:66: 4c:ca:bf:a0:81:d7:5a:c5:8d:2a:40:5f:5b:cc:70: e8:25:ed:cc:16:67:44:c5:cc:65:41:c1:40:36:87: 6c:a0:e8:17:97:cd:56:54:5f:8c:30:2b:33:68:58: de:63:f0:f7:d7:43:43:9f:a3:ef:76:25:6c:97:8c: 89:ce:44:bf:42:15:75:c4:48:e8:f9:b9:73:a7:a7: 30:98:d5:49:e2:44:64:78:30:4e:1f:31:6d:8f:15: ff:05:e2:28:79:d8:90:58:07:ae:80:37:a8:aa:0c: 49:1d:d4:e4:9e:32:4d:c3:b3:d3:9b:12:59:18:f1: 53:b8:2e:82:cf:08:1a:24:29:8b:22:72:9e:72:59: 83:e7:d5:cd:13:9e:04:70:43:f5:e1:a6:4c:24:c6: df:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:89:CE:86:76:ED:6C:82:B5:FF:5E:37:D4:9C:EF:E5:3F:4B:9D:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1b00b4bd-a92b-43ae-b31e-fca60c8d760c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:800::/40 Signature Algorithm: sha256WithRSAEncryption a7:6d:85:8f:72:a5:c9:71:36:71:ca:43:ca:8a:75:b0:06:61: 28:bf:ff:b6:f4:05:a9:52:f6:41:04:c0:9b:16:1e:cb:52:5d: 62:7a:0c:f4:ce:e7:93:b5:36:c7:75:7b:de:aa:90:2b:30:ea: 19:4c:61:39:70:21:fc:f5:9c:e6:ad:eb:c7:ec:9e:42:40:fe: 86:b7:44:4d:a0:8c:3d:9d:9e:82:98:f9:a0:ad:c8:9c:ba:cb: 2e:dc:24:00:e7:c7:f3:1a:15:67:40:40:36:36:99:00:36:06: 56:8d:58:cc:f3:67:66:dc:bd:01:b5:f1:e3:61:9d:5e:c5:1d: 1f:cf:e1:97:02:0a:76:84:70:6e:a9:ac:69:92:63:85:31:50: 27:72:eb:5b:91:ac:f0:bb:f9:84:7e:8b:ae:a8:a8:b6:9b:6e: 31:de:61:b3:de:22:bb:46:16:a2:d0:d6:0f:ab:e6:a6:da:81: e4:63:73:09:fc:fb:aa:38:c1:f2:13:77:a4:f4:46:5b:5d:6a: 07:4f:0c:af:2c:0d:b6:78:8f:f5:b7:9e:78:14:42:a3:de:9c: 10:9c:19:04:ba:7a:66:df:4c:c0:ac:82:46:02:4d:57:25:42: 89:6a:c8:f7:b3:7c:d2:22:6d:54:f4:28:8e:38:a0:0c:d6:0f: 18:cd:5e:d7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHW5VCM+K+4cV6vVvbfDwaoMLgQ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNzAwMDAwN1oX DTI1MTExMTIzNTk1OVowejFJMEcGA1UEBRNAZTE3MzM5MjgzNGI0MGViMzRiMzFm YjU5M2Q0N2Q4OWZiZDY3ODZhNzQzNDc3MjE5ZGJkZWMyMTkwNDY4YTYzNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+2ikt6fWeaq91YRBbyqQiePUWwd 6Tpm+BV6z05PVlTqkAg2+VerhMuzvSiqVNYWdpQUkLOyrgmBoTBxqUw1Z5JVJLR6 EiTZqd+5eqM5xcRPyCuowJugXfS0oVO9SCYGDkKVLzfjAmZMyr+ggddaxY0qQF9b zHDoJe3MFmdExcxlQcFANodsoOgXl81WVF+MMCszaFjeY/D310NDn6PvdiVsl4yJ zkS/QhV1xEjo+blzp6cwmNVJ4kRkeDBOHzFtjxX/BeIoediQWAeugDeoqgxJHdTk njJNw7PTmxJZGPFTuC6CzwgaJCmLInKeclmD59XNE54EcEP14aZMJMbf8QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI+JzoZ27WyCtf9eN9Sc7+U/S52/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiMDBiNGJkLWE5MmItNDNhZS1iMzFlLWZjYTYwYzhkNzYwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9AgwDQYJKoZIhvcNAQELBQADggEBAKdthY9ypclxNnHKQ8qK dbAGYSi//7b0BalS9kEEwJsWHstSXWJ6DPTO55O1Nsd1e96qkCsw6hlMYTlwIfz1 nOat68fsnkJA/oa3RE2gjD2dnoKY+aCtyJy6yy7cJADnx/MaFWdAQDY2mQA2BlaN WMzzZ2bcvQG18eNhnV7FHR/P4ZcCCnaEcG6prGmSY4UxUCdy61uRrPC7+YR+i66o qLabbjHeYbPeIrtGFqLQ1g+r5qbageRjcwn8+6o4wfITd6T0RltdagdPDK8sDbZ4 j/W3nngUQqPenBCcGQS6embfTMCsgkYCTVclQolqyPezfNIibVT0KI44oAzWDxjN Xtc= -----END CERTIFICATE-----Generated at Wed Oct 8 23:10:22 2025 by rpki-client