$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c27b2338-5ab9-4430-8cc1-8132801f76eb.roa File: c27b2338-5ab9-4430-8cc1-8132801f76eb.roa (raw, json) Hash identifier: 2dqIRrsSt0XAIUcFBDWKwpgCTpTMeJLWfIb0bet00rI= Subject key identifier: 17:75:90:D1:2C:4D:8C:8E:E3:5C:1C:35:71:95:DC:1E:2A:D7:AD:6D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5957DA6E59DA686B62EBC9FCF638C9836550FC79 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c27b2338-5ab9-4430-8cc1-8132801f76eb.roa Signing time: Mon 06 Oct 2025 15:20:08 +0000 ROA not before: Mon 06 Oct 2025 15:20:08 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2c::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 00:02:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:57:da:6e:59:da:68:6b:62:eb:c9:fc:f6:38:c9:83:65:50:fc:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:20:08 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=a367cebc65c8e25fb99d23c9101c41794c24096a61a872bfd341e6f804a22910, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:47:7d:77:7d:55:34:a0:4a:06:f3:eb:d4:02: c3:aa:5a:47:46:46:be:89:87:d5:34:aa:f4:8d:bb: 18:9d:16:a0:f8:64:15:7d:16:46:90:fa:ec:e6:0e: 18:f2:7c:d7:70:ce:7d:f3:f6:d9:38:88:cf:48:cc: 11:d4:56:58:6b:87:ba:f0:8f:62:16:74:a6:ff:e1: 8c:ac:49:82:fe:ab:3e:c3:47:c3:ad:78:67:db:fa: 43:79:b9:a9:7a:91:69:6a:1d:7c:e1:20:2a:6a:10: 36:68:1c:3a:a5:7a:72:4d:0a:15:b0:8a:50:b9:03: 49:f4:b7:14:a7:9c:bf:f8:df:85:27:ea:5c:10:7a: 7b:cc:58:6f:35:ad:3a:e5:f4:c6:a8:90:81:42:94: cb:93:95:df:5b:71:f1:da:48:c7:bd:b8:45:38:92: d1:f7:76:78:c5:94:1d:15:f2:33:0f:f9:69:7d:15: 7c:dc:36:b1:2e:5d:34:be:90:ff:2d:b7:e0:69:c5: bb:79:6b:ae:78:48:26:9e:e9:b7:0b:ef:72:ba:aa: 45:26:c5:dd:bb:e4:f4:d4:0d:bb:05:3d:cd:bb:08: 26:cf:4c:76:81:40:02:ca:0d:9e:98:b8:8a:ec:ab: 82:20:16:69:a5:63:75:bd:5e:4c:23:d2:b6:c4:37: df:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:75:90:D1:2C:4D:8C:8E:E3:5C:1C:35:71:95:DC:1E:2A:D7:AD:6D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c27b2338-5ab9-4430-8cc1-8132801f76eb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2c::/36 Signature Algorithm: sha256WithRSAEncryption 2e:5a:f4:4b:d6:94:82:7b:5d:41:a4:e0:98:53:2f:23:60:99: 78:40:ba:c1:dd:a3:d3:67:f1:ca:3d:e5:f4:a1:d8:17:7a:b5: 81:be:e7:42:e0:ef:c5:b3:5b:0f:55:c5:17:f1:08:43:86:5b: 1d:89:fd:6e:24:6c:65:3d:d0:25:c9:5c:0e:ed:02:37:b2:97: 1f:87:cc:af:2b:ac:2d:8a:6c:b0:56:d5:1f:f6:70:f6:eb:0b: fb:b0:27:22:8d:ed:1c:ca:ec:2e:2e:85:9e:4b:14:d3:03:50: 1a:37:d9:d8:95:5c:58:84:37:b2:0d:5b:cf:a4:c8:d8:f0:94: 3c:7c:71:d0:30:c3:a4:fb:9f:5b:92:6e:15:2f:49:8e:34:2c: db:0d:e8:2f:f6:69:ee:b6:32:98:77:5c:2e:d0:a7:19:57:8b: 75:b8:f9:3d:b0:5e:a4:be:97:9f:5c:14:83:f2:72:40:6c:7f: f7:fd:39:77:bc:33:99:f9:27:29:03:06:64:22:4b:6f:3f:d8: 98:eb:cc:08:30:d5:c6:17:77:46:9e:8f:b8:45:65:ea:1a:7c: bb:84:3f:5f:ad:37:97:80:85:5f:5f:5f:80:4c:b0:94:2e:99: c3:04:ed:15:e4:72:67:f7:ed:e1:28:63:cf:f7:ad:88:d8:36: 78:b7:f9:dc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWVfablnaaGti68n89jjJg2VQ/HkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MjAwOFoX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNAYTM2N2NlYmM2NWM4ZTI1ZmI5OWQy M2M5MTAxYzQxNzk0YzI0MDk2YTYxYTg3MmJmZDM0MWU2ZjgwNGEyMjkxMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEd9d31VNKBKBvPr1ALDqlpHRka+ iYfVNKr0jbsYnRag+GQVfRZGkPrs5g4Y8nzXcM598/bZOIjPSMwR1FZYa4e68I9i FnSm/+GMrEmC/qs+w0fDrXhn2/pDebmpepFpah184SAqahA2aBw6pXpyTQoVsIpQ uQNJ9LcUp5y/+N+FJ+pcEHp7zFhvNa065fTGqJCBQpTLk5XfW3Hx2kjHvbhFOJLR 93Z4xZQdFfIzD/lpfRV83DaxLl00vpD/LbfgacW7eWuueEgmnum3C+9yuqpFJsXd u+T01A27BT3Nuwgmz0x2gUACyg2emLiK7KuCIBZppWN1vV5MI9K2xDffyQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBd1kNEsTYyO41wcNXGV3B4q161tMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MyN2IyMzM4LTVhYjktNDQzMC04Y2MxLTgxMzI4MDFmNzZlYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLAAwDQYJKoZIhvcNAQELBQADggEBAC5a9EvWlIJ7XUGk4JhT LyNgmXhAusHdo9Nn8co95fSh2Bd6tYG+50Lg78WzWw9VxRfxCEOGWx2J/W4kbGU9 0CXJXA7tAjeylx+HzK8rrC2KbLBW1R/2cPbrC/uwJyKN7RzK7C4uhZ5LFNMDUBo3 2diVXFiEN7INW8+kyNjwlDx8cdAww6T7n1uSbhUvSY40LNsN6C/2ae62Mph3XC7Q pxlXi3W4+T2wXqS+l59cFIPyckBsf/f9OXe8M5n5JykDBmQiS28/2JjrzAgw1cYX d0aej7hFZeoafLuEP1+tN5eAhV9fX4BMsJQumcME7RXkcmf37eEoY8/3rYjYNni3 +dw= -----END CERTIFICATE-----Generated at Fri Oct 17 07:49:06 2025 by rpki-client