$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa File: 71870024-8ed4-4150-a104-52f4b8c56809.roa (raw, json) Hash identifier: JA44Gqux91R0cS28xY7dSRWbDb4V3LUzm27aGGB9BQY= Subject key identifier: A9:66:C1:CC:98:C2:64:6C:98:67:83:E1:E5:19:5A:A2:AE:22:71:13 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3F0CBC2AB2493EA5490601524D71AC2E7505FD9F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa Signing time: Sat 04 Oct 2025 00:10:44 +0000 ROA not before: Sat 04 Oct 2025 00:10:44 +0000 ROA not after: Sat 08 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:0c:bc:2a:b2:49:3e:a5:49:06:01:52:4d:71:ac:2e:75:05:fd:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 4 00:10:44 2025 GMT Not After : Nov 8 23:59:59 2025 GMT Subject: serialNumber=5c83d4147df9284d3276ad271ad40c53b37e5f60ed4d1a33c9f67cfdf2443d59, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f1:26:00:f4:f7:2d:15:47:11:f8:d8:6e:6e: 54:e1:1c:e4:af:0e:7d:85:af:e8:86:18:0d:9e:dd: 5d:91:d6:61:41:69:a1:5d:e2:d1:9c:d0:11:34:f3: 5d:d8:98:db:43:2d:e9:ad:91:f9:50:34:97:a4:5b: 08:e2:3b:4f:65:04:df:b1:ec:a1:d4:bd:3c:fe:85: fe:00:06:78:69:fd:3d:c8:95:5d:89:fe:83:2c:52: 2e:9b:46:83:7f:35:da:ae:95:ba:69:a7:e3:23:b1: b1:1b:8b:0c:1e:ab:2a:79:65:fd:6f:4a:8a:74:c7: 5b:cc:bb:de:ad:96:42:2a:20:4a:8c:27:e3:b9:bc: c2:07:6f:6a:3e:5d:71:41:f4:d1:c4:d2:e0:ce:82: 5e:e2:d3:4e:72:2c:67:e4:d9:a4:89:6d:dc:2d:51: 7f:c0:d8:0c:4e:98:f4:19:47:5b:be:72:d6:c5:fb: cd:38:35:bf:ca:64:65:e7:42:62:d9:bf:43:95:db: ba:a1:38:bb:66:2a:0f:f8:3c:e5:34:b6:02:f8:38: 56:c1:3c:39:94:0a:f1:4a:a1:a0:da:4f:d6:70:16: b5:70:ee:33:2e:eb:69:0a:c2:14:99:12:78:65:16: 71:29:77:ec:63:6e:1b:06:90:a7:00:23:74:b9:c9: 80:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:66:C1:CC:98:C2:64:6C:98:67:83:E1:E5:19:5A:A2:AE:22:71:13 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/71870024-8ed4-4150-a104-52f4b8c56809.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:2000::/40 Signature Algorithm: sha256WithRSAEncryption a7:85:71:4d:c2:f0:c5:00:77:51:2e:73:0e:21:8a:cd:5c:74: 6d:3a:9b:f1:f0:dc:23:61:1d:e3:5b:f9:30:30:31:1f:13:6b: a0:0b:97:c4:2a:0b:71:5f:f5:b0:6f:0d:26:8f:76:89:af:b6: e9:ca:1a:25:4e:a1:76:b7:0f:d0:f5:11:0f:0f:4f:24:aa:ff: cb:57:b8:ae:f2:7d:55:e2:9d:e5:ce:b9:ca:bf:29:03:e4:08: d8:0a:48:52:3a:61:a1:db:5e:47:34:22:bf:2c:bc:cd:6f:81: 5b:3c:8e:62:f1:8f:c3:da:53:87:b4:20:d2:0b:5b:94:fa:6f: d6:80:f1:1d:d2:1e:52:61:d5:43:48:87:04:01:31:95:e8:09: 53:d7:4f:bc:a6:ac:ff:ae:f3:a8:4e:d9:7d:8f:d1:5f:18:06: c3:d7:a9:b3:5d:60:63:1a:d2:6f:ea:84:4d:7d:8b:27:3a:3c: a3:a6:c9:f8:07:30:fd:ec:33:57:92:ee:e0:94:af:c5:67:f9: 24:67:6a:56:b8:3e:fb:d2:f5:da:2d:15:1e:13:d0:5b:18:f6: 4d:71:0e:05:ad:33:68:cb:68:71:e7:5e:86:0e:23:b9:a8:79: 14:08:44:ce:e9:36:fd:12:50:49:7c:8d:ee:b3:da:f6:10:6a: e8:b7:3e:40 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPwy8KrJJPqVJBgFSTXGsLnUF/Z8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNDAwMTA0NFoX DTI1MTEwODIzNTk1OVowejFJMEcGA1UEBRNANWM4M2Q0MTQ3ZGY5Mjg0ZDMyNzZh ZDI3MWFkNDBjNTNiMzdlNWY2MGVkNGQxYTMzYzlmNjdjZmRmMjQ0M2Q1OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvEmAPT3LRVHEfjYbm5U4Rzkrw59 ha/ohhgNnt1dkdZhQWmhXeLRnNARNPNd2JjbQy3prZH5UDSXpFsI4jtPZQTfseyh 1L08/oX+AAZ4af09yJVdif6DLFIum0aDfzXarpW6aafjI7GxG4sMHqsqeWX9b0qK dMdbzLverZZCKiBKjCfjubzCB29qPl1xQfTRxNLgzoJe4tNOcixn5NmkiW3cLVF/ wNgMTpj0GUdbvnLWxfvNODW/ymRl50Ji2b9Dldu6oTi7ZioP+DzlNLYC+DhWwTw5 lArxSqGg2k/WcBa1cO4zLutpCsIUmRJ4ZRZxKXfsY24bBpCnACN0ucmA2QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKlmwcyYwmRsmGeD4eUZWqKuInETMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxODcwMDI0LThlZDQtNDE1MC1hMTA0LTUyZjRiOGM1NjgwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauCAwDQYJKoZIhvcNAQELBQADggEBAKeFcU3C8MUAd1Eucw4h is1cdG06m/Hw3CNhHeNb+TAwMR8Ta6ALl8QqC3Ff9bBvDSaPdomvtunKGiVOoXa3 D9D1EQ8PTySq/8tXuK7yfVXineXOucq/KQPkCNgKSFI6YaHbXkc0Ir8svM1vgVs8 jmLxj8PaU4e0INILW5T6b9aA8R3SHlJh1UNIhwQBMZXoCVPXT7ymrP+u86hO2X2P 0V8YBsPXqbNdYGMa0m/qhE19iyc6PKOmyfgHMP3sM1eS7uCUr8Vn+SRnala4PvvS 9dotFR4T0FsY9k1xDgWtM2jLaHHnXoYOI7moeRQIRM7pNv0SUEl8je6z2vYQaui3 PkA= -----END CERTIFICATE-----Generated at Wed Oct 8 23:15:47 2025 by rpki-client