$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa File: 996cc3b8-0df0-4f17-97f0-d59aa845427c.roa (raw, json) Hash identifier: frhlFPfEQPcNqJCjtEqGqMeQ0KO9yURCcW5tHtJoibU= Subject key identifier: 8D:CD:E3:95:FD:83:92:51:7B:CF:C0:95:A0:FF:F6:BC:E6:1E:A5:65 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 13C4EDB1B9F809083E417C948DA173E3DE01A85C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa Signing time: Mon 29 Sep 2025 15:00:45 +0000 ROA not before: Mon 29 Sep 2025 15:00:45 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da00:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:c4:ed:b1:b9:f8:09:08:3e:41:7c:94:8d:a1:73:e3:de:01:a8:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 29 15:00:45 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=259b606becce95c0aa48a6658399297e2c6cbbe960d8a51a47dcc1accdd56f82, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:88:da:eb:b0:36:f6:b7:62:13:5e:c5:a4:9d: 45:60:24:d0:b4:5d:2d:2d:c7:64:e7:21:77:10:7a: 61:1a:63:7d:46:ad:29:83:b4:2b:94:61:c9:33:0a: bd:be:12:af:a8:86:4a:8a:8a:18:b3:80:86:4b:cf: 89:0a:40:10:66:24:58:3f:58:f8:bc:33:d6:eb:67: 28:f2:fc:61:ad:16:41:88:ed:d5:e7:5f:9f:6a:51: ed:6f:fe:bc:da:ef:2b:16:27:62:32:ee:c4:2b:a2: 5e:d4:64:7e:39:4c:22:ac:23:29:59:40:de:42:a1: 61:d3:8b:5c:96:f8:62:99:fc:8d:9a:4f:7d:4c:e8: f2:5f:50:eb:e2:cb:0f:dd:8e:6d:dc:cd:29:00:00: f5:76:0e:9d:79:47:74:7f:87:00:a3:02:81:d9:40: ed:19:06:63:85:6f:63:ed:7e:05:a2:71:3a:c4:8c: 81:32:be:fd:6f:d4:79:39:dd:85:d5:65:7d:76:85: 36:20:ac:a1:ff:56:06:95:14:f1:ce:60:c8:ae:44: 2d:4b:fc:d8:7a:50:2b:99:2e:9a:13:81:04:ac:69: 95:96:c6:e7:75:b2:28:27:16:f5:b3:2c:5f:a5:8c: 4f:7c:a2:00:92:c6:bc:d6:82:92:c6:bd:74:85:db: 3c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:CD:E3:95:FD:83:92:51:7B:CF:C0:95:A0:FF:F6:BC:E6:1E:A5:65 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/996cc3b8-0df0-4f17-97f0-d59aa845427c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 01:9a:d0:7a:6f:9c:52:65:b5:d3:1b:ef:78:b4:7e:38:84:8e: 11:44:d5:1d:4e:23:77:67:1b:ba:fa:63:9e:d5:98:6a:e3:8f: 11:fa:c0:4c:17:53:b3:e5:47:69:1a:30:ac:f4:07:44:a4:07: 63:df:3d:5e:45:e5:e7:41:1c:1f:f3:4e:f9:4f:d9:4b:eb:5f: a1:2d:12:d2:97:06:d9:cf:4c:d7:bd:fe:9b:b0:fb:b0:3d:89: c0:b6:b5:a1:4b:fc:b9:6e:41:a8:11:83:02:ca:32:a8:c5:a0: de:96:b1:6d:a2:54:80:40:a5:67:8d:64:c2:5a:af:98:81:4e: 64:9a:89:71:d9:aa:2e:18:fc:a1:77:d3:7d:e5:b0:ec:3a:8a: 1b:77:96:0e:4a:b7:0a:43:39:03:07:15:36:78:e7:92:a2:6d: 35:70:73:ae:03:26:39:c8:b1:64:0f:21:0f:fc:00:4d:00:d0: 5f:87:cd:4d:e3:43:b1:5c:0c:ca:c0:fa:06:1a:5c:4d:bb:6a: 28:ef:ad:7a:e3:b5:f4:a7:d0:30:f8:6d:b3:c7:d5:b7:a5:e9: 23:fb:07:07:b9:77:4b:69:8b:0a:9c:67:b2:42:48:e2:f1:7a: 62:af:ed:f0:cd:1c:64:01:99:d4:79:7a:34:c9:47:30:95:15: f8:71:f3:00 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUE8Ttsbn4CQg+QXyUjaFz494BqFwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkyOTE1MDA0NVoX DTI1MTEwMzIzNTk1OVowejFJMEcGA1UEBRNAMjU5YjYwNmJlY2NlOTVjMGFhNDhh NjY1ODM5OTI5N2UyYzZjYmJlOTYwZDhhNTFhNDdkY2MxYWNjZGQ1NmY4MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoja67A29rdiE17FpJ1FYCTQtF0t Lcdk5yF3EHphGmN9Rq0pg7QrlGHJMwq9vhKvqIZKiooYs4CGS8+JCkAQZiRYP1j4 vDPW62co8vxhrRZBiO3V51+falHtb/682u8rFidiMu7EK6Je1GR+OUwirCMpWUDe QqFh04tclvhimfyNmk99TOjyX1Dr4ssP3Y5t3M0pAAD1dg6deUd0f4cAowKB2UDt GQZjhW9j7X4FonE6xIyBMr79b9R5Od2F1WV9doU2IKyh/1YGlRTxzmDIrkQtS/zY elArmS6aE4EErGmVlsbndbIoJxb1syxfpYxPfKIAksa81oKSxr10hds8UQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFI3N45X9g5JRe8/AlaD/9rzmHqVlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk5NmNjM2I4LTBkZjAtNGYxNy05N2YwLWQ1OWFhODQ1NDI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAP8AMA0GCSqGSIb3DQEBCwUAA4IBAQABmtB6b5xSZbXTG+94 tH44hI4RRNUdTiN3Zxu6+mOe1Zhq448R+sBMF1Oz5UdpGjCs9AdEpAdj3z1eReXn QRwf8075T9lL61+hLRLSlwbZz0zXvf6bsPuwPYnAtrWhS/y5bkGoEYMCyjKoxaDe lrFtolSAQKVnjWTCWq+YgU5kmolx2aouGPyhd9N95bDsOoobd5YOSrcKQzkDBxU2 eOeSom01cHOuAyY5yLFkDyEP/ABNANBfh81N40OxXAzKwPoGGlxNu2oo761647X0 p9Aw+G2zx9W3pekj+wcHuXdLaYsKnGeyQkji8Xpir+3wzRxkAZnUeXo0yUcwlRX4 cfMA -----END CERTIFICATE-----Generated at Wed Oct 8 21:30:58 2025 by rpki-client