$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa File: 783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa (raw, json) Hash identifier: dEUcpVpaa21t4ScGCvRL67sgC7U/eXdPoFzfMF2gja8= Subject key identifier: 90:E5:D8:BF:C1:93:AB:F0:5D:B8:56:6F:71:4B:50:62:8B:90:B3:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 156A7780DD4A83A7D8094791F981FA1C06328280 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa Signing time: Tue 07 Oct 2025 00:00:11 +0000 ROA not before: Tue 07 Oct 2025 00:00:11 +0000 ROA not after: Tue 11 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:6a:77:80:dd:4a:83:a7:d8:09:47:91:f9:81:fa:1c:06:32:82:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 7 00:00:11 2025 GMT Not After : Nov 11 23:59:59 2025 GMT Subject: serialNumber=76fa7f7099bf525ff1236d6243fe5f9549d65bfd788812732c9c85eda312e489, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f6:70:6a:27:02:d2:dc:26:6a:1d:02:fe:df: 22:9b:dd:f1:ad:1b:58:cc:f6:c6:b2:3b:1c:47:40: 39:22:85:dd:2e:9f:50:0a:f0:ac:af:5c:15:30:00: f5:86:47:ed:7d:e2:e6:6e:f3:1c:31:54:36:bd:7d: 61:5a:09:2a:81:ab:d5:58:45:d9:75:66:12:60:d8: ba:e0:e7:1f:46:ee:b5:86:7a:20:0c:14:29:20:31: 66:63:4e:cb:1c:ec:c0:fa:9a:c2:4e:94:db:61:12: 7e:fc:ce:1b:51:e5:cd:fa:42:bd:a1:39:62:28:44: b9:61:0b:b6:ba:04:5c:16:13:da:17:29:22:8a:ae: 87:67:8e:51:44:c3:85:32:8e:e6:f2:92:cb:7b:3e: d3:9a:25:a8:85:38:0b:fa:f8:41:69:74:93:18:5e: d4:d0:85:d9:0b:65:c2:2e:6e:90:41:fa:ba:de:3c: 0b:1b:e2:bd:5c:9b:e4:70:14:c7:17:e6:6e:52:a6: 02:a2:29:6e:0d:33:14:e9:72:89:5c:95:99:d3:f8: e8:05:35:4d:78:1a:fe:17:51:57:d0:29:3f:09:9d: e6:f8:74:2f:53:73:7c:e4:ed:71:97:3d:db:33:08: cf:48:96:e9:1b:e9:0d:71:a1:d0:72:fe:d4:aa:ea: 62:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:E5:D8:BF:C1:93:AB:F0:5D:B8:56:6F:71:4B:50:62:8B:90:B3:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/783b96f4-81ad-4d1d-a0e6-647a0ff39448.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:9000::/40 Signature Algorithm: sha256WithRSAEncryption 69:12:24:24:4b:b4:0b:96:9e:0c:c0:f0:a8:7f:bd:a7:4e:12: 32:d1:08:d3:9e:9b:85:35:16:f3:ee:df:33:db:2b:a6:34:86: b8:0f:43:92:34:3b:7c:05:77:a7:70:99:34:ff:66:29:6f:a5: d6:e3:44:27:e9:38:20:4d:d1:21:b1:46:83:a4:08:67:76:49: 67:81:7f:a9:40:78:77:59:e1:fb:8f:59:0d:f0:b3:db:3d:67: ff:c3:9b:75:0f:99:4f:aa:0f:cf:a2:3d:ab:03:cc:4b:f1:a2: 5d:7b:ef:7b:a6:72:c3:14:c2:75:12:4c:91:6d:91:ad:65:d9: 43:32:9b:b1:d6:76:e5:15:a5:33:be:d4:6c:4b:ce:8a:e8:0a: ab:02:f1:39:24:49:b6:16:be:b2:57:e5:9f:80:b9:e9:de:28: 17:cd:58:19:fb:d7:e4:f4:25:8c:ea:8a:4e:4d:36:4a:9c:df: 02:7f:66:29:b7:d5:2d:a7:c9:a1:aa:1b:0c:96:a1:73:03:3b: 12:77:12:13:2d:13:4f:6c:0a:93:fe:02:8b:99:48:69:a3:19: 03:d0:57:26:cc:cf:de:90:99:3f:31:29:2a:4b:c9:e1:dc:eb: 39:bb:60:77:6a:ee:a3:86:26:16:01:69:6b:15:33:5a:1d:7b: 58:96:48:23 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFWp3gN1Kg6fYCUeR+YH6HAYygoAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNzAwMDAxMVoX DTI1MTExMTIzNTk1OVowejFJMEcGA1UEBRNANzZmYTdmNzA5OWJmNTI1ZmYxMjM2 ZDYyNDNmZTVmOTU0OWQ2NWJmZDc4ODgxMjczMmM5Yzg1ZWRhMzEyZTQ4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/ZwaicC0twmah0C/t8im93xrRtY zPbGsjscR0A5IoXdLp9QCvCsr1wVMAD1hkftfeLmbvMcMVQ2vX1hWgkqgavVWEXZ dWYSYNi64OcfRu61hnogDBQpIDFmY07LHOzA+prCTpTbYRJ+/M4bUeXN+kK9oTli KES5YQu2ugRcFhPaFykiiq6HZ45RRMOFMo7m8pLLez7TmiWohTgL+vhBaXSTGF7U 0IXZC2XCLm6QQfq63jwLG+K9XJvkcBTHF+ZuUqYCoiluDTMU6XKJXJWZ0/joBTVN eBr+F1FX0Ck/CZ3m+HQvU3N85O1xlz3bMwjPSJbpG+kNcaHQcv7Uqupi5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJDl2L/Bk6vwXbhWb3FLUGKLkLN8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc4M2I5NmY0LTgxYWQtNGQxZC1hMGU2LTY0N2EwZmYzOTQ0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauZAwDQYJKoZIhvcNAQELBQADggEBAGkSJCRLtAuWngzA8Kh/ vadOEjLRCNOem4U1FvPu3zPbK6Y0hrgPQ5I0O3wFd6dwmTT/ZilvpdbjRCfpOCBN 0SGxRoOkCGd2SWeBf6lAeHdZ4fuPWQ3ws9s9Z//Dm3UPmU+qD8+iPasDzEvxol17 73umcsMUwnUSTJFtka1l2UMym7HWduUVpTO+1GxLzoroCqsC8TkkSbYWvrJX5Z+A ueneKBfNWBn71+T0JYzqik5NNkqc3wJ/Zim31S2nyaGqGwyWoXMDOxJ3EhMtE09s CpP+AouZSGmjGQPQVybMz96QmT8xKSpLyeHc6zm7YHdq7qOGJhYBaWsVM1ode1iW SCM= -----END CERTIFICATE-----Generated at Wed Oct 8 23:13:38 2025 by rpki-client