$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb97279c-5cd5-487d-8327-aaaca3ddaddb.roa File: eb97279c-5cd5-487d-8327-aaaca3ddaddb.roa (raw, json) Hash identifier: wH2rWYls/n/OGaq4rQj6DO/rctkZPsEO0Vq7ZZm5UGw= Subject key identifier: CF:CB:E6:33:1E:F9:72:35:B4:74:10:8F:A4:17:A4:20:AD:D7:A1:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 42FC44DB6CEAD5B0000BCDCFE6AA119CEAB7A6DA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb97279c-5cd5-487d-8327-aaaca3ddaddb.roa Signing time: Wed 08 Oct 2025 00:00:52 +0000 ROA not before: Wed 08 Oct 2025 00:00:52 +0000 ROA not after: Wed 12 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:fc:44:db:6c:ea:d5:b0:00:0b:cd:cf:e6:aa:11:9c:ea:b7:a6:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 8 00:00:52 2025 GMT Not After : Nov 12 23:59:59 2025 GMT Subject: serialNumber=ddaf38c1d387f9733f4ce0bac879146e1594e9e3f9fbbfd29b666271fdd21414, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0f:f9:93:98:42:9f:17:42:77:6b:ed:3a:3b: 45:3c:e3:44:7b:4c:3b:32:1d:bf:0d:7c:1c:fd:ea: ce:9f:8f:ad:fb:12:f8:1f:39:0c:ac:65:fe:89:f0: a1:34:6f:a1:c4:6c:00:05:f2:a2:eb:de:85:8b:e3: 8c:ee:c8:be:51:17:5c:dd:07:bf:19:ea:08:5c:f7: e8:1f:ba:35:e5:00:4d:9a:6d:24:c1:98:2e:4d:78: a8:8f:e5:0f:15:93:04:9b:7f:4c:16:c0:b8:bc:dc: 85:65:39:98:92:56:c8:63:f9:9f:da:86:43:f5:1d: 7e:00:e2:e0:93:e7:25:1e:9f:76:09:f6:b9:1c:80: 09:56:a0:52:11:66:1e:48:dc:b2:cf:b9:d6:ed:5d: 3f:f3:b1:9a:bb:de:98:fa:34:9f:a2:37:b2:24:39: 9a:32:71:36:84:7e:71:44:7d:f6:83:94:90:78:d1: ea:11:7f:a2:50:f0:6b:09:20:f4:89:bc:88:70:48: e0:2d:87:94:7e:f8:e3:ef:5e:43:55:9b:a2:ad:00: b6:2e:be:99:6d:ef:21:97:0f:0f:c3:85:17:39:6d: 28:d3:46:d2:da:4e:cb:b4:2c:e3:2e:06:9d:cb:23: 2b:49:04:73:4c:e0:2d:cd:e4:10:9b:c6:f4:56:6b: 29:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:CB:E6:33:1E:F9:72:35:B4:74:10:8F:A4:17:A4:20:AD:D7:A1:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb97279c-5cd5-487d-8327-aaaca3ddaddb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:2000::/40 Signature Algorithm: sha256WithRSAEncryption b7:b9:e6:71:3e:72:e2:18:e0:6e:22:1c:34:4e:d3:3c:0c:59: 9b:1c:eb:35:d8:05:6e:21:22:68:49:09:a9:64:6d:1b:04:34: 3b:1d:b2:88:44:2b:74:34:8a:77:39:d7:b2:49:43:95:e9:6d: e0:26:dd:32:2f:ac:d4:d2:98:15:2e:26:2f:eb:65:d8:85:95: 19:59:33:06:79:b3:bc:a4:25:f8:dd:b4:fa:9c:a2:19:e0:bd: b6:68:a4:ca:b1:42:13:c9:6c:e8:f8:10:db:31:03:4f:70:d5: 80:35:52:0d:92:64:05:5f:1c:46:0a:46:58:ec:78:40:df:6e: c4:24:67:f0:5c:9d:98:cf:f5:ee:b4:4a:af:07:28:77:83:34: a3:2e:75:ce:c2:86:ca:44:98:41:3c:9e:3c:7e:99:a5:c6:f7: 25:5f:14:0b:c4:f4:95:9b:8e:81:46:e3:2c:91:48:e0:d8:3f: b3:0d:bc:89:b3:99:ac:81:cc:14:24:e4:3d:e2:ed:b3:6b:21: c5:91:70:cc:5b:b6:d3:26:24:24:ad:0b:63:63:7d:95:da:71: 5c:8e:4d:ab:17:3a:f6:a8:93:d7:85:0e:c4:59:50:d4:7b:d7: f5:8a:43:e2:60:f7:4d:76:86:79:2a:a7:78:d6:81:46:d7:34: 77:32:c4:4a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQvxE22zq1bAAC83P5qoRnOq3ptowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwODAwMDA1MloX DTI1MTExMjIzNTk1OVowejFJMEcGA1UEBRNAZGRhZjM4YzFkMzg3Zjk3MzNmNGNl MGJhYzg3OTE0NmUxNTk0ZTllM2Y5ZmJiZmQyOWI2NjYyNzFmZGQyMTQxNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw/5k5hCnxdCd2vtOjtFPONEe0w7 Mh2/DXwc/erOn4+t+xL4HzkMrGX+ifChNG+hxGwABfKi696Fi+OM7si+URdc3Qe/ GeoIXPfoH7o15QBNmm0kwZguTXioj+UPFZMEm39MFsC4vNyFZTmYklbIY/mf2oZD 9R1+AOLgk+clHp92Cfa5HIAJVqBSEWYeSNyyz7nW7V0/87Gau96Y+jSfojeyJDma MnE2hH5xRH32g5SQeNHqEX+iUPBrCSD0ibyIcEjgLYeUfvjj715DVZuirQC2Lr6Z be8hlw8Pw4UXOW0o00bS2k7LtCzjLgadyyMrSQRzTOAtzeQQm8b0VmspMQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM/L5jMe+XI1tHQQj6QXpCCt16F/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ViOTcyNzljLTVjZDUtNDg3ZC04MzI3LWFhYWNhM2RkYWRkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYCAwDQYJKoZIhvcNAQELBQADggEBALe55nE+cuIY4G4iHDRO 0zwMWZsc6zXYBW4hImhJCalkbRsENDsdsohEK3Q0inc517JJQ5XpbeAm3TIvrNTS mBUuJi/rZdiFlRlZMwZ5s7ykJfjdtPqcohngvbZopMqxQhPJbOj4ENsxA09w1YA1 Ug2SZAVfHEYKRljseEDfbsQkZ/BcnZjP9e60Sq8HKHeDNKMudc7ChspEmEE8njx+ maXG9yVfFAvE9JWbjoFG4yyRSODYP7MNvImzmayBzBQk5D3i7bNrIcWRcMxbttMm JCStC2NjfZXacVyOTasXOvaok9eFDsRZUNR71/WKQ+Jg9012hnkqp3jWgUbXNHcy xEo= -----END CERTIFICATE-----Generated at Wed Oct 8 19:42:09 2025 by rpki-client