$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa File: ffd89ff2-4de6-4517-88fc-12345cabb969.roa (raw, json) Hash identifier: GjrNcpUAteeUXCztkfXWOeZOM8256eEu2F6p30H4Gtk= Subject key identifier: 65:36:8B:25:19:18:E4:98:C8:A3:8A:94:7C:EA:38:6E:6F:9B:DB:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37BB1FC5AF8CCE9188B7DFF73A50E28E962A896B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa Signing time: Wed 15 Oct 2025 00:50:50 +0000 ROA not before: Wed 15 Oct 2025 00:50:50 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da15::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:bb:1f:c5:af:8c:ce:91:88:b7:df:f7:3a:50:e2:8e:96:2a:89:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:50:50 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=f0af9cf479add3d152fb771e240883dd24b65f00a527e993712f23718ff8d7c8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ef:7b:19:14:2e:ec:ad:cc:93:b6:86:fb:9a: 31:47:10:e6:7e:10:3e:18:8c:73:48:fd:ef:17:ab: df:1f:bf:9b:f0:13:a1:55:6f:49:9e:a9:1a:7f:e0: 4f:d6:2b:ef:09:31:d3:4f:38:aa:04:3a:9b:a7:cd: 90:42:36:34:7c:c9:b3:6e:31:fb:4d:66:3b:3f:69: 84:d6:7b:d7:c9:55:92:5a:a3:4e:9b:16:39:ef:d5: 66:1c:36:e5:48:26:29:e1:3c:21:e0:b7:bf:2f:a9: 22:20:d4:83:94:03:2a:6e:dd:37:5f:45:f2:94:bf: bf:06:d1:eb:99:64:b7:81:92:b0:6f:57:30:7c:12: 94:70:13:c6:d4:03:0e:fc:6d:f5:f9:03:4a:a7:0d: d2:4a:08:38:46:a0:91:55:4b:1e:ff:56:d4:5d:7d: 1c:d5:67:7b:54:76:ca:2e:33:14:88:e2:93:47:70: a2:d4:ab:66:ea:b0:06:94:f6:4d:b8:c4:75:20:05: e1:1b:bf:27:26:2b:93:5f:57:83:00:ab:ca:1b:5b: 4d:0e:b7:28:59:3b:aa:40:66:36:f4:5e:62:b3:cd: 9d:72:4f:a8:69:64:b7:b5:09:8f:59:3a:5a:69:0e: dd:a5:15:99:2d:c6:e5:82:62:79:03:9d:db:2b:1d: c1:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:36:8B:25:19:18:E4:98:C8:A3:8A:94:7C:EA:38:6E:6F:9B:DB:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da15::/36 Signature Algorithm: sha256WithRSAEncryption 22:57:69:a2:1b:ee:ff:8a:4c:6a:c9:2a:aa:4b:a1:b1:34:b1: 2c:d4:22:f9:2c:93:87:78:db:ca:60:49:9f:70:68:5a:27:fd: 22:d7:04:09:fb:f9:89:09:0c:43:3e:42:fc:5f:df:e3:41:db: 88:58:4e:3a:98:35:c6:4c:bd:2a:de:3a:76:7e:89:1c:a5:02: 09:71:b9:0f:94:94:87:57:2b:e7:c0:19:68:c9:55:1b:8f:70: 51:a7:64:17:c5:92:a6:65:ea:21:19:a6:1e:d9:69:ef:94:76: 2f:d6:ed:90:62:40:c7:a5:e1:36:ca:28:88:9d:56:2f:ae:6f: 73:c5:1d:d9:5f:0e:7a:c5:3d:f8:9f:ea:ca:3a:0e:f0:79:1c: 08:2b:c9:83:d3:61:22:c3:a6:ca:d3:a8:42:2a:09:fa:46:73: 18:59:62:dc:74:1e:43:47:1e:4c:40:89:f1:1c:c7:32:2b:1a: 50:9a:45:14:6d:eb:1c:86:b3:65:15:22:fc:aa:e0:c2:18:98: 71:64:18:68:63:10:8e:7c:d6:b9:3d:bf:7b:2a:dc:db:d0:f5: 15:c8:a5:8e:8a:e4:ec:e6:36:2e:e4:ba:f4:c2:96:9f:32:d7: 47:2d:d3:9c:81:8b:ff:f3:02:cf:d5:05:f4:97:9d:73:92:60: 6d:4e:0e:dd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN7sfxa+MzpGIt9/3OlDijpYqiWswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwNTA1MFoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAZjBhZjljZjQ3OWFkZDNkMTUyZmI3 NzFlMjQwODgzZGQyNGI2NWYwMGE1MjdlOTkzNzEyZjIzNzE4ZmY4ZDdjODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAye97GRQu7K3Mk7aG+5oxRxDmfhA+ GIxzSP3vF6vfH7+b8BOhVW9Jnqkaf+BP1ivvCTHTTziqBDqbp82QQjY0fMmzbjH7 TWY7P2mE1nvXyVWSWqNOmxY579VmHDblSCYp4Twh4Le/L6kiINSDlAMqbt03X0Xy lL+/BtHrmWS3gZKwb1cwfBKUcBPG1AMO/G31+QNKpw3SSgg4RqCRVUse/1bUXX0c 1Wd7VHbKLjMUiOKTR3Ci1Ktm6rAGlPZNuMR1IAXhG78nJiuTX1eDAKvKG1tNDrco WTuqQGY29F5is82dck+oaWS3tQmPWTpaaQ7dpRWZLcblgmJ5A53bKx3BgQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGU2iyUZGOSYyKOKlHzqOG5vm9uaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmZDg5ZmYyLTRkZTYtNDUxNy04OGZjLTEyMzQ1Y2FiYjk2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFQAwDQYJKoZIhvcNAQELBQADggEBACJXaaIb7v+KTGrJKqpL obE0sSzUIvksk4d428pgSZ9waFon/SLXBAn7+YkJDEM+Qvxf3+NB24hYTjqYNcZM vSreOnZ+iRylAglxuQ+UlIdXK+fAGWjJVRuPcFGnZBfFkqZl6iEZph7Zae+Udi/W 7ZBiQMel4TbKKIidVi+ub3PFHdlfDnrFPfif6so6DvB5HAgryYPTYSLDpsrTqEIq CfpGcxhZYtx0HkNHHkxAifEcxzIrGlCaRRRt6xyGs2UVIvyq4MIYmHFkGGhjEI58 1rk9v3sq3NvQ9RXIpY6K5OzmNi7kuvTClp8y10ct05yBi//zAs/VBfSXnXOSYG1O Dt0= -----END CERTIFICATE-----Generated at Sat Oct 18 11:34:34 2025 by rpki-client