$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa File: 5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa (raw, json) Hash identifier: QwgiYS+RAI8jTidyQZTje84KzZEOzd5PLHvh3A6PsLE= Subject key identifier: F2:0E:57:AF:76:7B:8F:5A:D6:5D:FF:5C:5C:02:D6:D7:51:47:4D:B1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2442F97B9E23E1D2ABB4A93EA488E033E1214729 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa Signing time: Tue 07 Oct 2025 00:00:48 +0000 ROA not before: Tue 07 Oct 2025 00:00:48 +0000 ROA not after: Tue 11 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:dab9:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:42:f9:7b:9e:23:e1:d2:ab:b4:a9:3e:a4:88:e0:33:e1:21:47:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 7 00:00:48 2025 GMT Not After : Nov 11 23:59:59 2025 GMT Subject: serialNumber=e03bdd3d2fc27b97205b91fa47dfb09baff339d763543e537db89a75cda81ef7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:09:67:cc:35:d9:e3:fe:7b:1b:99:cb:b6:3d: cb:33:af:fc:88:05:3f:02:20:7c:b0:52:db:72:4b: 8f:13:96:83:bf:9b:17:89:b3:13:dd:69:66:76:69: 86:76:fa:9e:34:8a:a6:4c:0f:18:a3:6d:9f:5c:f6: ba:6c:05:17:2f:b4:a5:18:d4:eb:09:b7:d2:09:52: 96:46:ac:78:c5:0d:97:f9:1e:e8:cc:61:08:7f:d1: 83:54:6f:fc:fe:c3:0f:16:95:75:72:fa:35:4e:40: 4d:69:e9:7d:4b:52:e2:fe:e6:be:84:92:7f:ea:91: d8:99:04:9a:2b:e1:4c:c6:8b:e6:88:f7:16:78:43: 6b:e8:40:41:dd:af:17:db:45:ba:a2:cc:00:f6:d3: c1:e9:21:89:3e:dd:ee:46:8e:6f:d3:86:b0:28:04: 23:7c:a3:4e:d3:91:9f:b0:43:ce:29:ec:a5:88:d2: 57:05:48:00:88:d9:3d:7a:f6:64:8f:e4:b2:d4:08: 45:df:37:d2:b1:d7:8c:7e:6b:5e:b9:85:e0:9b:e9: 4c:3c:71:80:47:cb:57:9a:eb:dd:63:f0:7a:6d:81: 0f:8a:f4:74:b2:b8:ba:01:8c:98:a2:61:6c:96:17: 7c:45:78:ec:47:24:4b:67:5c:21:11:16:19:07:64: 1e:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:0E:57:AF:76:7B:8F:5A:D6:5D:FF:5C:5C:02:D6:D7:51:47:4D:B1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:b000::/40 Signature Algorithm: sha256WithRSAEncryption 50:7d:d0:de:d2:a7:25:8a:e3:a1:ae:ff:2b:ce:be:94:14:b2: 25:a8:56:2b:6d:22:43:09:f7:b6:f4:9e:ff:8f:3b:f9:71:10: 3c:86:5e:72:3c:7b:bb:cd:31:01:f5:d1:e7:4f:e8:9c:68:89: c2:b3:62:71:2f:41:09:a7:5b:aa:9a:13:09:2e:10:ad:bd:ed: 57:f7:f1:8b:51:a8:7c:18:c2:83:76:95:30:00:b1:18:dd:23: c1:61:c6:48:b5:13:ca:9a:b7:d7:b0:00:4d:03:29:55:ad:07: 93:df:2c:25:a9:2a:7a:99:11:9b:bf:52:ed:a1:3b:37:cc:96: 83:f5:83:8e:d7:a8:41:a6:15:b1:21:d8:a7:bf:e7:a5:d3:a3: 7c:58:69:cd:64:84:d3:6f:e5:d2:40:08:49:88:64:60:25:78: 16:87:37:1f:b2:80:f1:06:56:bf:76:5b:92:09:47:d0:2a:b0: bf:27:e0:ab:78:d0:1d:95:e2:ef:7a:dc:d7:46:d6:8f:44:d9: 6c:39:cf:41:0a:3c:af:d2:96:74:67:23:43:80:f6:46:12:20: 43:cf:4b:49:54:f4:e2:b9:29:f8:1b:bd:25:a1:4c:2e:09:8f: 42:84:ec:e4:de:cf:d0:13:b0:d5:b9:60:60:29:f6:8d:32:88: fc:39:b3:22 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJEL5e54j4dKrtKk+pIjgM+EhRykwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNzAwMDA0OFoX DTI1MTExMTIzNTk1OVowejFJMEcGA1UEBRNAZTAzYmRkM2QyZmMyN2I5NzIwNWI5 MWZhNDdkZmIwOWJhZmYzMzlkNzYzNTQzZTUzN2RiODlhNzVjZGE4MWVmNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wlnzDXZ4/57G5nLtj3LM6/8iAU/ AiB8sFLbckuPE5aDv5sXibMT3WlmdmmGdvqeNIqmTA8Yo22fXPa6bAUXL7SlGNTr CbfSCVKWRqx4xQ2X+R7ozGEIf9GDVG/8/sMPFpV1cvo1TkBNael9S1Li/ua+hJJ/ 6pHYmQSaK+FMxovmiPcWeENr6EBB3a8X20W6oswA9tPB6SGJPt3uRo5v04awKAQj fKNO05GfsEPOKeyliNJXBUgAiNk9evZkj+Sy1AhF3zfSsdeMfmteuYXgm+lMPHGA R8tXmuvdY/B6bYEPivR0sri6AYyYomFslhd8RXjsRyRLZ1whERYZB2QeNQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPIOV692e49a1l3/XFwC1tdRR02xMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0MjFmMDMwLWJkOGUtNDU3ZS1iOWU1LWZmYmM0OWFmZWJlMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaubAwDQYJKoZIhvcNAQELBQADggEBAFB90N7SpyWK46Gu/yvO vpQUsiWoVittIkMJ97b0nv+PO/lxEDyGXnI8e7vNMQH10edP6JxoicKzYnEvQQmn W6qaEwkuEK297Vf38YtRqHwYwoN2lTAAsRjdI8Fhxki1E8qat9ewAE0DKVWtB5Pf LCWpKnqZEZu/Uu2hOzfMloP1g47XqEGmFbEh2Ke/56XTo3xYac1khNNv5dJACEmI ZGAleBaHNx+ygPEGVr92W5IJR9AqsL8n4Kt40B2V4u963NdG1o9E2Ww5z0EKPK/S lnRnI0OA9kYSIEPPS0lU9OK5KfgbvSWhTC4Jj0KE7OTez9ATsNW5YGAp9o0yiPw5 syI= -----END CERTIFICATE-----Generated at Wed Oct 8 21:35:57 2025 by rpki-client