$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa File: 4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa (raw, json) Hash identifier: vmcmKMY9lgqZ7GK3Izpj1rvVMcy76NiziAzQTZ8Vet8= Subject key identifier: D2:78:A0:3E:71:49:E4:DE:C3:2F:35:55:19:54:3E:26:2A:52:5B:E5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6EE88636E673853595F022F41B792C261916EABF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa Signing time: Mon 22 Sep 2025 15:00:23 +0000 ROA not before: Mon 22 Sep 2025 15:00:23 +0000 ROA not after: Mon 27 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Oct 2025 00:20:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:e8:86:36:e6:73:85:35:95:f0:22:f4:1b:79:2c:26:19:16:ea:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 22 15:00:23 2025 GMT Not After : Oct 27 23:59:59 2025 GMT Subject: serialNumber=9063f6e1c83e7df07fc7a95aa127d32aa1a1ae7402389b63f795efe3abd4f97f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:29:35:c9:ee:85:18:09:a2:80:f1:9f:ca:84: 74:20:ba:51:ed:46:53:e9:dd:02:54:93:bf:d8:5d: d5:f2:b6:41:c2:57:d2:5d:08:ba:85:91:63:3b:3a: 1e:5d:d0:23:71:ab:7f:d7:b1:ec:ec:a3:25:ca:d4: 55:bd:92:24:62:6c:d9:ae:99:5e:7e:af:fa:90:c9: a9:eb:a8:5d:76:c5:84:7c:3b:c7:b7:73:33:32:06: 5f:f5:3e:6d:87:27:42:ed:71:0f:70:01:d6:00:a6: 2d:bd:6c:0b:e8:e0:53:5d:8b:9e:38:2b:64:c4:c6: 88:9f:1d:b4:74:a7:c4:3f:6a:6f:9f:5a:ab:64:52: a0:41:a6:56:ba:e4:24:2a:20:9c:a9:ee:d7:62:3f: 8e:4b:d8:74:02:b7:76:5f:ed:d5:ca:71:9f:38:8d: 93:5c:fe:86:d5:03:c7:37:9b:f5:21:95:ed:e1:de: 12:2a:c4:ad:92:23:5e:31:e7:11:2c:58:5b:f7:51: 9f:0e:a1:f4:fc:b8:71:61:40:36:47:bb:e6:fa:ec: 4b:d6:4f:2b:e0:20:12:0b:0d:49:2c:b6:e5:41:a8: d3:d7:7c:97:0a:59:2c:ff:85:25:59:e8:63:64:54: 55:d9:93:01:ec:32:56:f6:62:b1:51:77:cf:65:16: 3c:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:78:A0:3E:71:49:E4:DE:C3:2F:35:55:19:54:3E:26:2A:52:5B:E5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 22:5e:cd:5e:14:ff:3a:5a:12:2f:ad:05:8f:14:08:d3:d0:47: 9c:82:8e:03:9a:86:87:05:bd:86:bc:46:44:8e:20:2c:f2:d3: 21:2a:c1:20:93:1a:42:7d:a6:c6:10:d3:72:3e:a1:f1:ec:37: 05:31:55:8d:f0:ed:d2:c6:a7:67:f0:d2:77:f9:13:3a:3d:3f: 7f:a3:4a:27:bd:65:9f:ab:7c:87:aa:53:39:8d:d1:e1:4a:9a: 12:9c:cc:f5:c5:c5:1f:ad:c0:5c:70:ae:b5:1c:67:91:f9:5f: 19:30:1b:cf:80:f1:03:78:3b:77:58:6d:89:53:c8:d5:43:c4: f7:4b:d4:16:f0:9d:c2:b6:a7:4a:9e:b8:ea:f3:25:b5:5e:c4: 85:b3:cf:0c:17:a0:98:c5:47:70:1a:4e:e3:79:f0:dd:46:9d: 99:b7:88:bf:9b:fa:19:7b:34:20:38:54:e3:d8:d4:af:00:e7: 7f:73:99:0f:b9:5a:4a:69:8d:f9:00:1a:f5:56:1d:fe:92:17: c7:8b:00:f5:76:a5:49:3c:73:57:bf:9f:ec:17:72:a9:70:9f: b0:64:be:a3:cb:5a:31:5f:78:5f:37:70:df:77:c7:66:97:1e: 86:cc:15:45:03:05:95:65:97:5c:96:dc:62:ae:90:bf:e3:43: 54:eb:44:18 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbuiGNuZzhTWV8CL0G3ksJhkW6r8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDkyMjE1MDAyM1oX DTI1MTAyNzIzNTk1OVowejFJMEcGA1UEBRNAOTA2M2Y2ZTFjODNlN2RmMDdmYzdh OTVhYTEyN2QzMmFhMWExYWU3NDAyMzg5YjYzZjc5NWVmZTNhYmQ0Zjk3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCk1ye6FGAmigPGfyoR0ILpR7UZT 6d0CVJO/2F3V8rZBwlfSXQi6hZFjOzoeXdAjcat/17Hs7KMlytRVvZIkYmzZrple fq/6kMmp66hddsWEfDvHt3MzMgZf9T5thydC7XEPcAHWAKYtvWwL6OBTXYueOCtk xMaInx20dKfEP2pvn1qrZFKgQaZWuuQkKiCcqe7XYj+OS9h0Ard2X+3VynGfOI2T XP6G1QPHN5v1IZXt4d4SKsStkiNeMecRLFhb91GfDqH0/LhxYUA2R7vm+uxL1k8r 4CASCw1JLLblQajT13yXClks/4UlWehjZFRV2ZMB7DJW9mKxUXfPZRY8AwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNJ4oD5xSeTewy81VRlUPiYqUlvlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkNWE4NTEzLTIxZTUtNGFmNy1iMWI5LWU4NWJjOGUxNmViOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+kAwDQYJKoZIhvcNAQELBQADggEBACJezV4U/zpaEi+tBY8U CNPQR5yCjgOahocFvYa8RkSOICzy0yEqwSCTGkJ9psYQ03I+ofHsNwUxVY3w7dLG p2fw0nf5Ezo9P3+jSie9ZZ+rfIeqUzmN0eFKmhKczPXFxR+twFxwrrUcZ5H5Xxkw G8+A8QN4O3dYbYlTyNVDxPdL1BbwncK2p0qeuOrzJbVexIWzzwwXoJjFR3AaTuN5 8N1GnZm3iL+b+hl7NCA4VOPY1K8A539zmQ+5WkppjfkAGvVWHf6SF8eLAPV2pUk8 c1e/n+wXcqlwn7BkvqPLWjFfeF83cN93x2aXHobMFUUDBZVll1yW3GKukL/jQ1Tr RBg= -----END CERTIFICATE-----Generated at Tue Oct 14 18:57:52 2025 by rpki-client