$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa File: 02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa (raw, json) Hash identifier: iCAv46/pF58dIE2ZEHwxEO1aVebJMIv8VZI/vUf6SUQ= Subject key identifier: 4D:F6:C5:8B:C0:EF:6C:8C:EB:FE:E4:63:1B:0E:8B:C0:42:99:15:5E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 484ACF96E9D1B310F178B191F4F4BD791F8595B2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa Signing time: Wed 15 Oct 2025 00:01:00 +0000 ROA not before: Wed 15 Oct 2025 00:01:00 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 00:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:4a:cf:96:e9:d1:b3:10:f1:78:b1:91:f4:f4:bd:79:1f:85:95:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:01:00 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=95eb092ede812715384da939f60c2ccc56a26f58baa627d99454771a3bf82337, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:67:ae:8a:0d:a8:5f:22:53:57:5f:80:80:a7: b9:69:3a:c4:b2:b2:36:77:5a:f4:10:23:2b:49:00: 12:c5:e2:a4:4c:72:f4:d6:e3:2b:33:c9:5a:7e:68: 8d:e9:f8:b1:52:7c:18:b3:ba:1c:ca:75:36:69:9a: 58:90:32:4d:a0:b8:98:24:fc:0c:1a:4d:23:d4:71: 2d:56:e7:48:8d:ef:ec:73:af:b0:e0:4b:d5:50:a1: 9b:5e:cc:75:db:d2:dc:e5:ee:41:a8:1d:aa:88:01: 13:af:a2:82:5f:73:65:5f:a2:74:0c:e3:fd:16:fd: 3b:ce:13:27:c0:86:9d:32:a3:46:fd:7d:47:ea:d7: 33:ec:77:48:67:a8:29:8f:83:cb:6b:f5:d1:ae:07: 78:be:fc:e0:c7:0f:91:cb:10:b8:3c:86:11:dc:d8: f8:19:37:3b:47:b7:ce:3b:7e:52:0e:0f:2e:3c:c0: 0f:d4:d4:6d:68:5f:75:c8:1e:48:d2:2a:6f:53:a4: 25:60:de:69:e6:b8:29:21:89:7f:2d:7a:a4:6b:6a: f3:58:99:39:9f:3e:d6:ad:3e:a9:b4:00:4f:32:87: 30:2b:61:fd:55:4c:79:9a:8b:03:1f:1b:b3:ab:9b: 3b:f9:b0:70:d2:39:23:5f:06:3e:2b:78:8e:88:5d: 54:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:F6:C5:8B:C0:EF:6C:8C:EB:FE:E4:63:1B:0E:8B:C0:42:99:15:5E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:2000::/40 Signature Algorithm: sha256WithRSAEncryption 43:17:a4:b4:36:fe:87:82:25:2e:cc:bd:4e:09:a4:74:a1:c6: 24:4f:cc:05:b3:ca:02:af:a9:90:5f:09:cd:ef:31:b2:09:8f: a9:64:9c:c7:40:f6:87:38:ee:36:56:10:dd:60:7e:97:90:e7: 03:e7:41:38:54:3a:82:d2:86:52:82:70:23:33:a7:30:b4:12: 1e:7b:d3:71:98:06:f3:de:cb:37:fc:83:78:00:30:a4:86:8b: b6:f7:39:3c:50:a1:40:17:c7:a9:4f:43:b8:5f:cd:6b:bb:ce: a2:33:c3:af:98:db:25:a2:e7:b1:0f:a6:06:51:4f:d0:67:3a: 6a:8f:d3:c5:d1:33:06:04:7e:6e:de:fc:a9:8a:7a:45:fa:8c: c6:17:35:38:22:60:83:23:63:9f:90:c2:d1:f7:82:5b:16:3c: 9b:24:18:d2:7a:e8:ad:93:e9:de:4b:73:38:e6:a3:d3:f4:66: 4d:bf:58:41:67:8a:c7:ad:72:6c:2f:8b:81:a7:ed:bb:eb:d0: 92:f3:f9:9b:d9:ba:86:9f:40:f1:7f:19:49:e5:48:d9:54:5f: e6:35:ba:87:1a:cf:06:5a:14:2a:c5:38:5d:1d:10:d6:d3:2e: 08:c4:2d:77:c5:0f:78:34:9c:19:4e:5f:ab:05:e7:cc:a9:c5: fe:77:f8:c0 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSErPlunRsxDxeLGR9PS9eR+FlbIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMDEwMFoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAOTVlYjA5MmVkZTgxMjcxNTM4NGRh OTM5ZjYwYzJjY2M1NmEyNmY1OGJhYTYyN2Q5OTQ1NDc3MWEzYmY4MjMzNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4meuig2oXyJTV1+AgKe5aTrEsrI2 d1r0ECMrSQASxeKkTHL01uMrM8lafmiN6fixUnwYs7ocynU2aZpYkDJNoLiYJPwM Gk0j1HEtVudIje/sc6+w4EvVUKGbXsx129Lc5e5BqB2qiAETr6KCX3NlX6J0DOP9 Fv07zhMnwIadMqNG/X1H6tcz7HdIZ6gpj4PLa/XRrgd4vvzgxw+RyxC4PIYR3Nj4 GTc7R7fOO35SDg8uPMAP1NRtaF91yB5I0ipvU6QlYN5p5rgpIYl/LXqka2rzWJk5 nz7WrT6ptABPMocwK2H9VUx5mosDHxuzq5s7+bBw0jkjXwY+K3iOiF1UnwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFE32xYvA72yM6/7kYxsOi8BCmRVeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyYTUxZTU0LTZiYjUtNDNlNy05NGQwLWE4ZTk1NzcxZjJhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8SAwDQYJKoZIhvcNAQELBQADggEBAEMXpLQ2/oeCJS7MvU4J pHShxiRPzAWzygKvqZBfCc3vMbIJj6lknMdA9oc47jZWEN1gfpeQ5wPnQThUOoLS hlKCcCMzpzC0Eh5703GYBvPeyzf8g3gAMKSGi7b3OTxQoUAXx6lPQ7hfzWu7zqIz w6+Y2yWi57EPpgZRT9BnOmqP08XRMwYEfm7e/KmKekX6jMYXNTgiYIMjY5+QwtH3 glsWPJskGNJ66K2T6d5Lczjmo9P0Zk2/WEFnisetcmwvi4Gn7bvr0JLz+ZvZuoaf QPF/GUnlSNlUX+Y1uocazwZaFCrFOF0dENbTLgjELXfFD3g0nBlOX6sF58ypxf53 +MA= -----END CERTIFICATE-----Generated at Sat Nov 1 19:48:59 2025 by rpki-client