$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94244cb0-158e-46d4-8af4-e50dc14db808.roa File: 94244cb0-158e-46d4-8af4-e50dc14db808.roa (raw, json) Hash identifier: 82pY3qld7ujGUgy7NvFFccdypBW8VRL0ZTTxXCUXbBw= Subject key identifier: CE:C8:8B:99:8A:A2:D3:B4:91:E6:C1:33:7B:BE:3F:45:23:7E:B2:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 797098128FA6AF9EA9FA668CB9059B4B9B6ECF5F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94244cb0-158e-46d4-8af4-e50dc14db808.roa Signing time: Tue 07 Oct 2025 00:00:53 +0000 ROA not before: Tue 07 Oct 2025 00:00:53 +0000 ROA not after: Tue 11 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:dab9:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:70:98:12:8f:a6:af:9e:a9:fa:66:8c:b9:05:9b:4b:9b:6e:cf:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 7 00:00:53 2025 GMT Not After : Nov 11 23:59:59 2025 GMT Subject: serialNumber=736999f1d843b3e90736e5082cee776dceb22dbbfdde94d5a4912d6cd6b78db7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:de:08:4a:a3:21:89:24:a7:46:6c:b6:6a:71: b1:4d:84:81:e8:b8:49:71:df:01:4c:f0:8e:52:5e: 0a:db:c1:0d:85:47:15:79:26:0a:78:bf:35:08:65: 6b:78:64:ea:0c:ef:cb:f5:81:d0:8b:c5:5f:98:01: 64:04:af:60:01:5c:91:16:be:32:a0:2d:5b:bd:04: 0d:5e:98:5b:33:c1:57:60:4b:f6:0d:f0:fc:f5:ae: 4c:a5:5a:6c:d8:e0:15:c3:f3:23:8c:c0:fe:46:94: 75:4d:55:bc:27:1b:3e:ac:49:cc:5d:f9:e9:7e:65: 4d:35:59:e3:e6:20:34:3d:53:a6:d1:75:9c:05:e0: cb:4a:42:6c:c3:36:94:d7:40:2e:4d:2c:01:d1:ef: b3:7f:89:1f:2f:58:59:af:24:18:9b:ae:0a:28:c0: 88:f7:eb:18:00:c0:02:60:47:dc:f6:7a:4e:50:45: 47:11:4e:b0:de:99:09:ae:70:38:97:e5:fc:80:0a: 80:aa:2b:fe:a3:7e:2d:39:39:77:72:b2:08:61:e9: a1:93:be:6b:69:96:4d:6d:cb:ba:65:bd:7b:c1:31: 9e:a2:24:5b:b9:f6:a6:f9:72:45:b1:af:6f:e4:cd: be:a3:97:6c:6f:c7:a4:f8:35:a2:47:22:3b:73:59: d7:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:C8:8B:99:8A:A2:D3:B4:91:E6:C1:33:7B:BE:3F:45:23:7E:B2:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/94244cb0-158e-46d4-8af4-e50dc14db808.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:2800::/40 Signature Algorithm: sha256WithRSAEncryption 5a:0d:ce:d1:c2:c6:df:06:e2:8b:b4:bc:b2:5a:81:10:fa:46: 59:ff:93:bc:34:c7:50:de:00:54:68:53:bc:de:70:5c:51:e3: b6:ab:e2:36:22:ae:c9:d0:02:49:00:51:38:5e:40:4b:66:42: 0a:73:20:d9:90:7a:37:3a:0d:93:3c:17:90:12:cb:d2:4c:cb: 76:d4:c0:d6:4e:5a:64:6c:6e:03:37:5d:6c:45:9d:a2:38:0b: e6:3e:31:7c:ce:6e:94:f0:dd:cf:fc:01:52:00:0f:38:33:39: cd:8a:dd:d3:12:54:70:7b:5b:8e:3a:ae:9b:a1:5c:80:a1:68: 16:ad:75:03:80:ca:41:3b:c0:78:b8:65:01:ca:25:50:89:3f: 68:2f:7f:21:2c:fc:0c:57:4a:32:fb:9f:48:26:fc:33:8f:46: 91:e7:09:5f:8d:aa:51:e5:72:2c:e6:c3:88:56:32:bb:1e:bd: 64:a5:09:5d:01:b3:8a:66:a9:33:44:92:22:4a:5e:48:b3:1b: fe:bc:1d:a4:81:e4:8b:c8:9e:10:ea:d5:f1:ce:03:8b:d4:85: 58:e0:ea:8f:a8:29:b0:be:1b:37:6c:08:61:a0:3d:3c:ac:03: 04:00:1b:47:f4:f3:66:71:a9:15:65:59:f0:74:dd:4b:77:04: 75:88:12:22 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeXCYEo+mr56p+maMuQWbS5tuz18wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNzAwMDA1M1oX DTI1MTExMTIzNTk1OVowejFJMEcGA1UEBRNANzM2OTk5ZjFkODQzYjNlOTA3MzZl NTA4MmNlZTc3NmRjZWIyMmRiYmZkZGU5NGQ1YTQ5MTJkNmNkNmI3OGRiNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA594ISqMhiSSnRmy2anGxTYSB6LhJ cd8BTPCOUl4K28ENhUcVeSYKeL81CGVreGTqDO/L9YHQi8VfmAFkBK9gAVyRFr4y oC1bvQQNXphbM8FXYEv2DfD89a5MpVps2OAVw/MjjMD+RpR1TVW8Jxs+rEnMXfnp fmVNNVnj5iA0PVOm0XWcBeDLSkJswzaU10AuTSwB0e+zf4kfL1hZryQYm64KKMCI 9+sYAMACYEfc9npOUEVHEU6w3pkJrnA4l+X8gAqAqiv+o34tOTl3crIIYemhk75r aZZNbcu6Zb17wTGeoiRbufam+XJFsa9v5M2+o5dsb8ek+DWiRyI7c1nXYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM7Ii5mKotO0kebBM3u+P0UjfrKcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk0MjQ0Y2IwLTE1OGUtNDZkNC04YWY0LWU1MGRjMTRkYjgwOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauSgwDQYJKoZIhvcNAQELBQADggEBAFoNztHCxt8G4ou0vLJa gRD6Rln/k7w0x1DeAFRoU7zecFxR47ar4jYirsnQAkkAUTheQEtmQgpzINmQejc6 DZM8F5ASy9JMy3bUwNZOWmRsbgM3XWxFnaI4C+Y+MXzObpTw3c/8AVIADzgzOc2K 3dMSVHB7W446rpuhXIChaBatdQOAykE7wHi4ZQHKJVCJP2gvfyEs/AxXSjL7n0gm /DOPRpHnCV+NqlHlcizmw4hWMrsevWSlCV0Bs4pmqTNEkiJKXkizG/68HaSB5IvI nhDq1fHOA4vUhVjg6o+oKbC+GzdsCGGgPTysAwQAG0f082ZxqRVlWfB03Ut3BHWI EiI= -----END CERTIFICATE-----Generated at Wed Oct 8 19:42:40 2025 by rpki-client