$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ea417f3-3b4b-41d7-a7ff-22c7107de3b3.roa File: 6ea417f3-3b4b-41d7-a7ff-22c7107de3b3.roa (raw, json) Hash identifier: JS866fGIucD2atof8C3wDUBkaIOtXXCfLH5VHr0KD7Y= Subject key identifier: FA:9A:61:3A:72:60:F3:CD:BD:27:13:55:B5:0B:32:37:FE:D6:F4:89 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7BF96A3F43361F15081BDFA42AA189ABCD3FE998 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ea417f3-3b4b-41d7-a7ff-22c7107de3b3.roa Signing time: Sat 04 Oct 2025 00:00:37 +0000 ROA not before: Sat 04 Oct 2025 00:00:37 +0000 ROA not after: Sat 08 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:6080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:f9:6a:3f:43:36:1f:15:08:1b:df:a4:2a:a1:89:ab:cd:3f:e9:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 4 00:00:37 2025 GMT Not After : Nov 8 23:59:59 2025 GMT Subject: serialNumber=4582ac73c4234d2589f8c8dedc3e1cd28e0d676b5a672f308705bd2f9f3f6434, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:69:cd:b0:d2:8d:8d:91:b5:55:7b:84:c4:f5: bc:75:d2:88:8c:7f:db:9a:c9:3b:37:cc:85:2a:64: a7:24:6a:3b:6e:8f:e7:7b:a9:63:48:e5:16:14:35: a4:df:17:18:4b:ec:41:20:af:7f:83:30:e4:0d:3e: 35:0b:c3:66:7a:5c:1a:20:75:28:ab:98:10:4b:39: 68:32:f1:95:33:c8:88:ff:6e:f0:b0:a1:e0:c6:2d: ab:bb:46:c3:19:96:ba:e2:05:a5:6c:be:ce:01:a1: 75:dc:68:f8:3e:7b:27:ce:b6:d4:0f:5c:51:23:3f: e1:9f:c1:ba:dc:51:06:f7:5c:31:93:63:07:b1:a5: 25:0b:3f:b8:e8:78:3f:ab:92:0b:48:d4:01:7b:1c: 9e:46:58:1b:97:a9:3b:03:15:dd:63:c7:9b:9f:20: 31:1f:51:71:43:bd:11:bb:d7:a7:68:75:0f:1e:9a: f8:b2:db:1d:bf:a0:da:17:cb:25:7b:c0:b2:92:d9: ed:6a:fd:28:82:20:18:b8:74:66:38:7e:c3:7b:38: cd:d2:17:c4:11:42:e3:35:e1:9f:5a:2e:82:55:19: 59:f6:01:63:bc:a1:18:58:81:20:5e:5e:b2:70:09: 20:18:c0:f4:74:fa:b9:9b:6f:4f:9f:42:be:fa:c0: 00:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:9A:61:3A:72:60:F3:CD:BD:27:13:55:B5:0B:32:37:FE:D6:F4:89 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6ea417f3-3b4b-41d7-a7ff-22c7107de3b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:6080::/46 Signature Algorithm: sha256WithRSAEncryption 67:83:81:bc:42:a5:c9:25:0a:62:6b:de:f8:58:b4:54:b5:55: c3:0f:0b:8a:9d:e9:29:e5:09:77:06:4e:69:f6:a4:4e:3e:5d: 75:3d:45:ff:b8:36:32:1d:c8:f3:81:ad:3a:57:eb:bf:90:7f: 49:45:df:be:85:6d:c4:bd:1b:24:47:58:cb:dc:78:30:75:bb: 83:cf:97:7a:1b:b3:8d:66:d7:86:72:0f:ac:10:55:0c:07:f9: ec:f0:ef:f6:1d:9e:30:6f:49:c2:2c:63:02:03:13:27:45:49: aa:d2:9a:24:a9:05:fe:8d:42:c6:1d:a6:b5:97:90:26:ad:f8: 87:c0:7b:48:85:78:b6:10:a7:b4:b6:2e:33:21:38:b3:d8:67: fb:f9:88:fd:b0:66:cf:87:c4:ee:ec:39:2c:1b:50:88:ca:8d: b0:11:a1:ce:00:9c:ef:1c:41:21:c6:ad:9c:75:9c:b0:8b:a8: b0:16:e4:e5:17:16:14:ca:75:0a:ce:fb:39:58:93:96:d8:bc: 83:dd:d4:5f:8f:89:d9:96:1c:6c:9d:6b:25:b5:5e:d8:4b:58: 16:23:05:be:e1:30:86:f6:ae:34:e1:ee:c2:80:d6:bb:4f:7a: 8a:d7:e1:6e:37:e7:d3:75:6b:72:7b:c6:b1:ab:f3:10:72:6e: 0a:b5:7f:e0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUe/lqP0M2HxUIG9+kKqGJq80/6ZgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNDAwMDAzN1oX DTI1MTEwODIzNTk1OVowejFJMEcGA1UEBRNANDU4MmFjNzNjNDIzNGQyNTg5Zjhj OGRlZGMzZTFjZDI4ZTBkNjc2YjVhNjcyZjMwODcwNWJkMmY5ZjNmNjQzNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumnNsNKNjZG1VXuExPW8ddKIjH/b msk7N8yFKmSnJGo7bo/ne6ljSOUWFDWk3xcYS+xBIK9/gzDkDT41C8NmelwaIHUo q5gQSzloMvGVM8iI/27wsKHgxi2ru0bDGZa64gWlbL7OAaF13Gj4PnsnzrbUD1xR Iz/hn8G63FEG91wxk2MHsaUlCz+46Hg/q5ILSNQBexyeRlgbl6k7AxXdY8ebnyAx H1FxQ70Ru9enaHUPHpr4stsdv6DaF8sle8Cyktntav0ogiAYuHRmOH7DezjN0hfE EULjNeGfWi6CVRlZ9gFjvKEYWIEgXl6ycAkgGMD0dPq5m29Pn0K++sAAzwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPqaYTpyYPPNvScTVbULMjf+1vSJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZlYTQxN2YzLTNiNGItNDFkNy1hN2ZmLTIyYzcxMDdkZTNiMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba82CAMA0GCSqGSIb3DQEBCwUAA4IBAQBng4G8QqXJJQpia974 WLRUtVXDDwuKnekp5Ql3Bk5p9qROPl11PUX/uDYyHcjzga06V+u/kH9JRd++hW3E vRskR1jL3HgwdbuDz5d6G7ONZteGcg+sEFUMB/ns8O/2HZ4wb0nCLGMCAxMnRUmq 0pokqQX+jULGHaa1l5AmrfiHwHtIhXi2EKe0ti4zITiz2Gf7+Yj9sGbPh8Tu7Dks G1CIyo2wEaHOAJzvHEEhxq2cdZywi6iwFuTlFxYUynUKzvs5WJOW2LyD3dRfj4nZ lhxsnWsltV7YS1gWIwW+4TCG9q404e7CgNa7T3qK1+FuN+fTdWtye8axq/MQcm4K tX/g -----END CERTIFICATE-----Generated at Wed Oct 8 23:14:49 2025 by rpki-client