$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bdcc7b0-021b-40da-9332-82434be37f74.roa File: 0bdcc7b0-021b-40da-9332-82434be37f74.roa (raw, json) Hash identifier: JzHCbxz1qt/9yfXfC4N6c+XoWX+bFa2nX32qTPaWXvc= Subject key identifier: FA:9A:58:45:F4:4F:F5:00:9B:8E:46:3C:D7:78:02:F9:6E:4D:F4:B0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BD76AADBF953EBCAC3D72A024F0B0D475E07768 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bdcc7b0-021b-40da-9332-82434be37f74.roa Signing time: Fri 07 Nov 2025 00:30:44 +0000 ROA not before: Fri 07 Nov 2025 00:30:44 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d7:6a:ad:bf:95:3e:bc:ac:3d:72:a0:24:f0:b0:d4:75:e0:77:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:30:44 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=6a024b33cb36ab6171c9fa7c326a214d9288c5c900ac7fbb67fe4ce7225ef472, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:86:e7:9f:7b:4f:e0:8e:40:1a:78:68:3f:32: c3:4f:94:65:4c:f7:15:f1:1c:6d:8f:c0:de:2f:32: ba:4a:ef:31:7f:b2:ef:0f:67:1f:5e:ac:14:e6:b0: fd:f6:f7:84:2a:41:76:5d:f9:d3:a4:81:6d:88:88: 23:88:e3:3e:e5:42:8f:cb:98:cc:8c:f3:97:60:6c: 88:52:da:ae:a0:f3:8d:3f:b3:31:f4:27:30:20:e8: 01:24:a6:68:94:40:52:d2:ef:47:5c:52:ad:93:61: 04:6b:65:61:e7:4f:12:cb:3e:85:01:40:37:62:38: c8:b6:b9:bd:2c:2c:9c:d5:a1:65:fb:e6:dc:05:1b: 52:82:a6:c1:14:05:a8:6e:27:a1:a7:bc:2a:db:fd: 3f:a9:62:38:d6:59:8a:70:a7:3b:5a:bb:16:f0:d3: b1:91:11:09:c4:8b:38:b0:67:9d:c0:fc:eb:48:af: f8:7d:4f:24:70:ea:a6:dd:72:f0:dd:d8:95:8c:d5: 66:a2:37:40:a0:27:2a:44:4b:e9:67:c5:42:55:29: a7:8c:b8:f0:f4:f4:a3:fd:ee:3e:72:6c:39:b1:06: 59:7b:74:46:f2:43:89:ad:b9:36:dd:09:a3:a1:b2: 06:cc:db:d4:7c:e3:f2:57:bb:43:8a:ca:15:4c:1a: 25:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:9A:58:45:F4:4F:F5:00:9B:8E:46:3C:D7:78:02:F9:6E:4D:F4:B0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bdcc7b0-021b-40da-9332-82434be37f74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4040::/48 Signature Algorithm: sha256WithRSAEncryption c9:44:98:93:ff:20:ea:94:c6:41:c3:e2:dc:d2:e7:2c:79:92: e1:78:bc:b6:f0:51:1a:9b:60:b3:fa:56:ce:81:80:99:f5:29: 59:c5:ce:69:5d:83:3c:31:d7:ed:e7:52:36:30:4c:49:5b:61: d7:74:71:98:ca:09:86:18:e7:e5:69:48:b5:4e:b6:ab:60:85: 52:66:36:14:7a:d4:71:b8:5b:ed:69:c2:82:bf:da:f2:03:6f: 9a:d7:d5:94:c2:6a:37:6c:73:18:67:22:6c:56:23:4b:9b:92: 20:99:6b:58:5e:ed:2b:4c:6a:69:06:ca:e2:c4:6b:55:20:a6: f5:cf:f5:ea:4d:15:5b:f9:5b:40:4d:ea:a5:65:d0:7d:1a:9f: 27:5f:73:a2:54:65:dd:cc:d9:2a:7b:33:bb:70:7b:29:4a:8f: 4f:8f:f7:b9:1a:d3:f9:f9:87:40:4d:09:5c:96:3b:7a:72:e2: bf:d5:b2:00:ae:83:9a:18:00:4a:db:e2:db:dc:bb:1f:37:58: fc:60:72:3e:ce:b4:8b:4e:bb:72:79:4c:c6:05:34:d5:70:6e: 0a:47:91:bd:40:29:8d:9a:24:c8:40:3f:1a:78:c2:1b:5d:70: af:00:68:31:fa:09:66:1e:a0:ee:c6:2c:27:6f:3e:85:2b:00: a3:3c:34:21 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUW9dqrb+VPrysPXKgJPCw1HXgd2gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMzA0NFoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNANmEwMjRiMzNjYjM2YWI2MTcxYzlm YTdjMzI2YTIxNGQ5Mjg4YzVjOTAwYWM3ZmJiNjdmZTRjZTcyMjVlZjQ3MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvobnn3tP4I5AGnhoPzLDT5RlTPcV 8Rxtj8DeLzK6Su8xf7LvD2cfXqwU5rD99veEKkF2XfnTpIFtiIgjiOM+5UKPy5jM jPOXYGyIUtquoPONP7Mx9CcwIOgBJKZolEBS0u9HXFKtk2EEa2Vh508Syz6FAUA3 YjjItrm9LCyc1aFl++bcBRtSgqbBFAWobiehp7wq2/0/qWI41lmKcKc7WrsW8NOx kREJxIs4sGedwPzrSK/4fU8kcOqm3XLw3diVjNVmojdAoCcqREvpZ8VCVSmnjLjw 9PSj/e4+cmw5sQZZe3RG8kOJrbk23QmjobIGzNvUfOPyV7tDisoVTBol7QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPqaWEX0T/UAm45GPNd4AvluTfSwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiZGNjN2IwLTAyMWItNDBkYS05MzMyLTgyNDM0YmUzN2Y3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEBAMA0GCSqGSIb3DQEBCwUAA4IBAQDJRJiT/yDqlMZBw+Lc 0ucseZLheLy28FEam2Cz+lbOgYCZ9SlZxc5pXYM8Mdft51I2MExJW2HXdHGYygmG GOflaUi1TrarYIVSZjYUetRxuFvtacKCv9ryA2+a19WUwmo3bHMYZyJsViNLm5Ig mWtYXu0rTGppBsrixGtVIKb1z/XqTRVb+VtATeqlZdB9Gp8nX3OiVGXdzNkqezO7 cHspSo9Pj/e5GtP5+YdATQlcljt6cuK/1bIAroOaGABK2+Lb3LsfN1j8YHI+zrSL TrtyeUzGBTTVcG4KR5G9QCmNmiTIQD8aeMIbXXCvAGgx+glmHqDuxiwnbz6FKwCj PDQh -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:55 2025 by rpki-client