$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ee15ce65-dc50-4412-8826-22842acc278a.roa File: ee15ce65-dc50-4412-8826-22842acc278a.roa (raw, json) Hash identifier: DerhbJiNzgvg3vFmFBd10jYYaTHUSL+i9zSjCpmpAeA= Subject key identifier: EE:6F:26:54:34:91:11:5A:77:BD:B3:77:8E:8E:AF:99:8C:EB:54:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7CD844331C3EEE971E8E9DBFDFE59A6DE384AA16 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ee15ce65-dc50-4412-8826-22842acc278a.roa Signing time: Mon 06 Oct 2025 15:10:07 +0000 ROA not before: Mon 06 Oct 2025 15:10:07 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 00:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:d8:44:33:1c:3e:ee:97:1e:8e:9d:bf:df:e5:9a:6d:e3:84:aa:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 6 15:10:07 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=19cb5e808e1ed2e995d844bf692e1759418e1ca2558ca59b4c4534ff1ce9f34d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:85:e1:4b:89:6d:f9:02:21:be:40:dc:d6:be: 81:fa:a5:4b:90:96:1f:e6:f8:1c:45:fe:e3:75:1b: e4:fd:32:d9:1a:b3:49:da:ea:75:61:84:65:00:8b: f8:67:4e:e1:60:39:fc:be:aa:2a:be:8f:2e:f6:0b: 6b:31:65:e7:64:7e:38:2d:85:2a:0f:c6:8d:61:d4: ef:b3:4e:c9:15:5d:26:5d:c4:ec:dc:b9:be:8e:d2: 3a:c6:5d:21:8e:f6:5c:53:cf:ac:72:26:9b:61:34: a7:73:74:f1:ce:dd:01:b5:b8:d0:e5:4c:47:13:70: 1e:a7:ee:a0:ff:73:2a:35:7b:da:dd:a8:e8:75:f1: d4:2b:76:77:03:f2:27:d2:a9:cd:85:de:93:a4:d9: d2:0e:f9:a9:41:87:20:6f:66:c1:74:8a:a4:dc:67: db:2a:96:5a:90:d1:e7:ee:15:82:7b:61:a0:ba:9a: 66:8e:4c:1b:0a:2a:67:cf:22:6c:bb:05:fe:c7:06: 32:e2:f4:ae:c1:1c:9f:a9:b6:0b:74:b9:98:dc:03: 55:33:65:0b:bd:1b:64:58:cf:e3:03:c1:9b:5c:f8: e1:83:34:b2:69:1e:14:a9:ea:92:d0:0b:e2:3e:b1: 10:91:46:02:3d:97:d7:09:80:47:dd:e7:b5:f1:47: 87:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:6F:26:54:34:91:11:5A:77:BD:B3:77:8E:8E:AF:99:8C:EB:54:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ee15ce65-dc50-4412-8826-22842acc278a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:f000::/40 Signature Algorithm: sha256WithRSAEncryption 4f:e6:1f:c5:41:24:93:a2:63:55:19:10:3f:f9:12:a0:4f:5e: b7:1d:09:3b:bd:48:b8:d6:cd:3d:63:0c:e4:e1:07:53:fe:44: aa:37:2c:29:ab:55:2f:ab:83:0b:86:8b:24:6b:df:03:ba:0c: 8a:35:43:1f:0b:79:2c:02:a3:32:81:42:6a:73:6a:02:c0:c0: d2:14:33:da:b2:f8:d5:29:5e:1d:0b:98:6c:24:73:26:7b:3f: 90:c8:27:b7:1f:94:d4:c9:b8:84:94:f8:1c:f3:1e:58:a2:8b: b1:ed:ed:57:58:05:00:21:58:40:cc:b9:29:70:97:af:f6:ae: a3:46:2c:6f:fd:cb:a5:46:37:f2:e0:1b:b6:8e:6b:94:30:0f: 69:2b:dc:d7:8c:3d:49:c7:96:e4:5f:4d:c2:ce:03:7d:99:c3: 8c:a1:1d:03:3f:2a:3f:58:80:8a:bc:13:1f:53:3c:78:b3:a4: 05:8b:b3:04:c3:ad:4b:f1:e8:50:ee:6f:e8:ff:7e:8f:ab:58: ef:38:da:62:7e:6b:b0:bd:72:9b:81:c8:56:99:bc:81:1a:72: fc:fc:c7:5e:f7:d4:65:d8:df:6b:b4:54:70:97:92:92:51:d1: a8:58:1c:2f:d2:7f:59:cb:77:9d:91:34:cb:f6:4a:9f:17:00: 81:01:da:e8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfNhEMxw+7pcejp2/3+WabeOEqhYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAwNjE1MTAwN1oX DTI1MTExMDIzNTk1OVowejFJMEcGA1UEBRNAMTljYjVlODA4ZTFlZDJlOTk1ZDg0 NGJmNjkyZTE3NTk0MThlMWNhMjU1OGNhNTliNGM0NTM0ZmYxY2U5ZjM0ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoXhS4lt+QIhvkDc1r6B+qVLkJYf 5vgcRf7jdRvk/TLZGrNJ2up1YYRlAIv4Z07hYDn8vqoqvo8u9gtrMWXnZH44LYUq D8aNYdTvs07JFV0mXcTs3Lm+jtI6xl0hjvZcU8+sciabYTSnc3Txzt0BtbjQ5UxH E3Aep+6g/3MqNXva3ajodfHUK3Z3A/In0qnNhd6TpNnSDvmpQYcgb2bBdIqk3Gfb KpZakNHn7hWCe2GguppmjkwbCipnzyJsuwX+xwYy4vSuwRyfqbYLdLmY3ANVM2UL vRtkWM/jA8GbXPjhgzSyaR4UqeqS0AviPrEQkUYCPZfXCYBH3ee18UeHgwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFO5vJlQ0kRFad72zd46Or5mM61RoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VlMTVjZTY1LWRjNTAtNDQxMi04ODI2LTIyODQyYWNjMjc4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9fAwDQYJKoZIhvcNAQELBQADggEBAE/mH8VBJJOiY1UZED/5 EqBPXrcdCTu9SLjWzT1jDOThB1P+RKo3LCmrVS+rgwuGiyRr3wO6DIo1Qx8LeSwC ozKBQmpzagLAwNIUM9qy+NUpXh0LmGwkcyZ7P5DIJ7cflNTJuISU+BzzHliii7Ht 7VdYBQAhWEDMuSlwl6/2rqNGLG/9y6VGN/LgG7aOa5QwD2kr3NeMPUnHluRfTcLO A32Zw4yhHQM/Kj9YgIq8Ex9TPHizpAWLswTDrUvx6FDub+j/fo+rWO842mJ+a7C9 cpuByFaZvIEacvz8x1731GXY32u0VHCXkpJR0ahYHC/Sf1nLd52RNMv2Sp8XAIEB 2ug= -----END CERTIFICATE-----Generated at Wed Oct 29 05:46:24 2025 by rpki-client