$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d5b91d5b-b6a3-493c-bfc6-0a607202d3b7.roa File: d5b91d5b-b6a3-493c-bfc6-0a607202d3b7.roa (raw, json) Hash identifier: I6TO/Qkxtw6lZWHsTWpRQNSudozUJBEXgDRPGQrPLJ8= Subject key identifier: 35:1B:4F:30:AD:B1:94:CE:EE:AB:55:07:E1:0C:39:E1:D0:C7:66:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19B6D7ECD9D8A8143FEA1B3DD1C4932CC4C95B7A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d5b91d5b-b6a3-493c-bfc6-0a607202d3b7.roa Signing time: Sat 04 Oct 2025 00:00:07 +0000 ROA not before: Sat 04 Oct 2025 00:00:07 +0000 ROA not after: Sat 08 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:48c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:b6:d7:ec:d9:d8:a8:14:3f:ea:1b:3d:d1:c4:93:2c:c4:c9:5b:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 4 00:00:07 2025 GMT Not After : Nov 8 23:59:59 2025 GMT Subject: serialNumber=ac6ff74c94b21269ad30e2f09211a42e84c074d0d9d83ee80284e9b318a32b63, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:22:1f:72:18:d3:4b:4e:69:08:c8:93:20:4b: fe:84:d6:a3:6c:3c:29:76:34:58:07:b1:ec:f5:48: 9c:7c:7a:ac:c0:15:7e:3c:f7:34:b8:3e:52:d2:30: 04:05:4f:29:3d:4b:95:79:62:93:2f:01:38:d7:d1: ee:e0:e3:7e:c9:c9:cc:78:b9:7a:71:35:f1:f1:4a: 14:04:f1:d2:f6:8e:04:8e:ce:dd:a9:28:56:17:7d: e4:20:f6:df:02:e8:8b:b6:4d:84:90:4f:62:6a:87: 7e:7d:fa:36:85:06:17:fc:74:b1:de:b9:5f:1d:4c: 44:d6:32:fd:24:e2:91:90:94:15:84:27:df:71:ac: 81:44:9d:5b:fb:2d:b6:56:ff:f1:96:e2:32:79:f6: cd:f7:bc:8e:f1:01:2d:0c:27:df:00:da:8a:07:09: 0e:c1:77:31:6d:fd:42:05:06:c8:fb:58:d3:c7:39: fd:24:09:c8:cd:74:82:d9:6e:d3:27:82:20:70:37: c0:9b:8f:67:af:28:66:63:56:56:6f:17:95:42:4c: 7d:d9:a3:d6:ea:8b:80:4d:6b:12:0c:6c:32:60:1f: 88:0e:59:ea:1a:51:99:10:78:21:81:4c:f1:b6:10: bc:fc:32:27:40:e7:ec:33:1e:d2:31:14:ac:df:bd: 61:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:1B:4F:30:AD:B1:94:CE:EE:AB:55:07:E1:0C:39:E1:D0:C7:66:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d5b91d5b-b6a3-493c-bfc6-0a607202d3b7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:48c0::/46 Signature Algorithm: sha256WithRSAEncryption 2d:71:a0:68:2e:54:55:8d:c6:8e:a8:dd:83:71:08:69:e2:f7: 1e:b0:d8:ff:86:09:3a:57:3d:cf:c8:31:d4:e7:85:aa:1e:2b: 8d:65:19:99:17:71:5d:4d:e4:2b:c5:da:af:07:07:00:7c:e5: 36:66:37:ac:af:d9:3b:e0:5b:5c:52:83:4e:a2:a0:21:18:39: 3d:10:65:f0:c5:c3:d7:c7:14:cc:74:95:2b:9b:09:85:6b:8a: f9:2e:0d:35:8c:46:fe:0d:03:54:06:e4:4f:b9:43:c7:97:34: 2f:a0:33:54:0d:55:14:dc:1d:e7:77:31:57:ef:43:27:a0:e9: 13:34:53:a3:ec:2b:b6:48:6b:aa:7f:0a:18:aa:88:fc:22:df: cf:7a:70:06:16:e9:e7:12:2f:4f:b2:5c:f1:49:16:96:2d:28: bd:f0:d8:71:76:b2:4d:2c:f4:4f:bc:f6:88:67:02:63:48:94: 98:13:af:be:e5:8c:22:d1:df:7d:c0:7e:07:58:36:f9:f8:19: f4:31:52:cd:10:38:57:76:8d:b8:d5:07:86:7c:2a:4c:81:1e: d3:50:94:0f:4b:de:3c:97:42:83:62:e2:e1:e2:89:1d:c6:d0: 22:27:69:9d:92:a6:e6:f7:a4:de:ae:5d:a6:a2:14:e1:1a:08: f8:3d:ee:03 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGbbX7NnYqBQ/6hs90cSTLMTJW3owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNDAwMDAwN1oX DTI1MTEwODIzNTk1OVowejFJMEcGA1UEBRNAYWM2ZmY3NGM5NGIyMTI2OWFkMzBl MmYwOTIxMWE0MmU4NGMwNzRkMGQ5ZDgzZWU4MDI4NGU5YjMxOGEzMmI2MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSIfchjTS05pCMiTIEv+hNajbDwp djRYB7Hs9UicfHqswBV+PPc0uD5S0jAEBU8pPUuVeWKTLwE419Hu4ON+ycnMeLl6 cTXx8UoUBPHS9o4Ejs7dqShWF33kIPbfAuiLtk2EkE9iaod+ffo2hQYX/HSx3rlf HUxE1jL9JOKRkJQVhCffcayBRJ1b+y22Vv/xluIyefbN97yO8QEtDCffANqKBwkO wXcxbf1CBQbI+1jTxzn9JAnIzXSC2W7TJ4IgcDfAm49nryhmY1ZWbxeVQkx92aPW 6ouATWsSDGwyYB+IDlnqGlGZEHghgUzxthC8/DInQOfsMx7SMRSs371htwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDUbTzCtsZTO7qtVB+EMOeHQx2YBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1YjkxZDViLWI2YTMtNDkzYy1iZmM2LTBhNjA3MjAyZDNiNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba80jAMA0GCSqGSIb3DQEBCwUAA4IBAQAtcaBoLlRVjcaOqN2D cQhp4vcesNj/hgk6Vz3PyDHU54WqHiuNZRmZF3FdTeQrxdqvBwcAfOU2Zjesr9k7 4FtcUoNOoqAhGDk9EGXwxcPXxxTMdJUrmwmFa4r5Lg01jEb+DQNUBuRPuUPHlzQv oDNUDVUU3B3ndzFX70MnoOkTNFOj7Cu2SGuqfwoYqoj8It/PenAGFunnEi9Pslzx SRaWLSi98NhxdrJNLPRPvPaIZwJjSJSYE6++5Ywi0d99wH4HWDb5+Bn0MVLNEDhX do241QeGfCpMgR7TUJQPS948l0KDYuLh4okdxtAiJ2mdkqbm96Terl2mohThGgj4 Pe4D -----END CERTIFICATE-----Generated at Wed Oct 8 23:14:47 2025 by rpki-client