$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa File: 72a92468-955c-4942-86f7-be976f5fe4ad.roa (raw, json) Hash identifier: ooKhYglxQk7z4t13EWkQYKsh9aUaqWfBzobNYcHZC58= Subject key identifier: F4:5F:71:E2:41:F7:78:A2:73:E8:31:13:AA:AF:5E:11:0D:81:19:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 64EE5C59EAB754ADD67CA5DC07F11F2E3A41F137 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa Signing time: Sat 04 Oct 2025 00:10:24 +0000 ROA not before: Sat 04 Oct 2025 00:10:24 +0000 ROA not after: Sat 08 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:20c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:ee:5c:59:ea:b7:54:ad:d6:7c:a5:dc:07:f1:1f:2e:3a:41:f1:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 4 00:10:24 2025 GMT Not After : Nov 8 23:59:59 2025 GMT Subject: serialNumber=9ebc23996252bfd4c5f60d66c7f260d3261e5a21c16061bc2444824b6087ef0a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f8:9d:bf:ef:54:d2:41:1a:60:d5:98:70:67: 7b:d0:95:8f:8e:cd:04:8b:5f:c7:cf:5f:77:62:40: c9:d7:98:d4:9c:42:db:3c:e7:4a:1c:ee:dd:96:d8: 2a:d8:dc:8b:62:80:fc:f6:1c:a2:6c:29:c3:5e:ca: 17:0d:ce:64:1d:d7:4c:52:65:f8:38:8a:4a:7e:3c: 5d:40:3d:86:82:2c:cd:f8:a8:80:52:28:0e:fa:30: a4:35:6b:17:0a:45:a6:df:fb:d0:51:6a:0c:3f:8d: db:ad:13:16:2c:04:91:9d:21:88:47:c9:dc:60:3a: 0d:ff:b0:cc:34:6e:87:f0:ee:00:21:be:31:d1:7a: 95:90:30:b5:84:99:67:39:63:4d:ad:38:82:1d:c4: c3:bf:05:76:28:2f:34:61:52:af:24:d4:26:00:2f: 7f:2c:b8:ca:71:ea:11:ab:3f:2b:f9:68:f9:20:12: 07:46:9a:7b:bd:38:2f:16:d2:9f:fd:ef:9f:40:a2: a3:61:7a:7e:6b:59:27:da:84:b0:97:14:2c:39:53: c8:49:dd:b8:c7:c7:fe:ad:d5:ca:e2:a3:55:c4:ff: b8:61:2a:0b:aa:ae:3d:2a:86:b2:48:0a:9d:ef:ec: 7f:f9:4a:07:b9:c4:ab:d8:d1:b8:d9:8f:7a:27:50: c8:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:5F:71:E2:41:F7:78:A2:73:E8:31:13:AA:AF:5E:11:0D:81:19:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:20c0::/46 Signature Algorithm: sha256WithRSAEncryption 6d:4d:2e:21:27:a8:67:57:a4:ec:be:1d:46:50:87:b4:99:19: 50:95:f9:41:e1:b5:ca:2c:37:29:da:d0:0a:be:aa:9f:fa:ff: 53:88:81:1a:b9:f4:c2:b7:5a:99:11:f9:3e:59:9c:38:07:ec: 42:4d:fe:8a:e8:c0:a6:9c:c1:70:26:9b:6a:3e:46:3d:43:d9: 5d:64:01:d7:52:38:e4:fe:c5:89:9f:33:da:51:1c:f7:6a:ba: 75:0f:00:a3:11:01:e5:f8:21:d6:ae:d1:fb:5e:26:6f:6c:66: c2:4f:11:6e:b2:52:32:a4:c0:af:37:d6:ac:cb:f8:07:32:9b: 91:1c:9b:e3:7b:d0:0d:fd:00:cf:04:64:8a:8f:16:c2:36:4b: 9b:b1:7c:79:bb:fe:dd:40:97:73:7f:9a:f7:25:1d:17:7c:64: 7d:50:53:c9:df:bf:52:a3:30:73:d7:9c:fe:3e:cc:43:73:2f: c4:77:7d:33:8e:9a:a9:bd:14:33:00:c0:ea:34:c5:af:9a:00: 76:16:61:68:db:2e:3a:fb:71:c4:8e:ef:b8:3f:d0:b7:08:83: 3f:c4:13:48:93:d1:b5:e8:2e:08:12:a3:4b:af:2c:66:af:4e: c8:e2:65:4d:c3:13:45:5c:32:bd:8e:a2:0e:5b:69:76:9d:1d: 87:2c:7f:7a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZO5cWeq3VK3WfKXcB/EfLjpB8TcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNDAwMTAyNFoX DTI1MTEwODIzNTk1OVowejFJMEcGA1UEBRNAOWViYzIzOTk2MjUyYmZkNGM1ZjYw ZDY2YzdmMjYwZDMyNjFlNWEyMWMxNjA2MWJjMjQ0NDgyNGI2MDg3ZWYwYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPidv+9U0kEaYNWYcGd70JWPjs0E i1/Hz193YkDJ15jUnELbPOdKHO7dltgq2NyLYoD89hyibCnDXsoXDc5kHddMUmX4 OIpKfjxdQD2GgizN+KiAUigO+jCkNWsXCkWm3/vQUWoMP43brRMWLASRnSGIR8nc YDoN/7DMNG6H8O4AIb4x0XqVkDC1hJlnOWNNrTiCHcTDvwV2KC80YVKvJNQmAC9/ LLjKceoRqz8r+Wj5IBIHRpp7vTgvFtKf/e+fQKKjYXp+a1kn2oSwlxQsOVPISd24 x8f+rdXK4qNVxP+4YSoLqq49KoaySAqd7+x/+UoHucSr2NG42Y96J1DIqQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPRfceJB93iic+gxE6qvXhENgRkRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcyYTkyNDY4LTk1NWMtNDk0Mi04NmY3LWJlOTc2ZjVmZTRhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8yDAMA0GCSqGSIb3DQEBCwUAA4IBAQBtTS4hJ6hnV6Tsvh1G UIe0mRlQlflB4bXKLDcp2tAKvqqf+v9TiIEaufTCt1qZEfk+WZw4B+xCTf6K6MCm nMFwJptqPkY9Q9ldZAHXUjjk/sWJnzPaURz3arp1DwCjEQHl+CHWrtH7XiZvbGbC TxFuslIypMCvN9asy/gHMpuRHJvje9AN/QDPBGSKjxbCNkubsXx5u/7dQJdzf5r3 JR0XfGR9UFPJ379SozBz15z+PsxDcy/Ed30zjpqpvRQzAMDqNMWvmgB2FmFo2y46 +3HEju+4P9C3CIM/xBNIk9G16C4IEqNLryxmr07I4mVNwxNFXDK9jqIOW2l2nR2H LH96 -----END CERTIFICATE-----Generated at Wed Oct 8 23:11:53 2025 by rpki-client