$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f173998-8628-44e7-98de-49838888c622.roa File: 0f173998-8628-44e7-98de-49838888c622.roa (raw, json) Hash identifier: apEU9nO9i7s2iiEEocHKfGI8n036XGKt5q5kubq3/wQ= Subject key identifier: E5:81:1F:90:47:65:14:94:39:DE:FD:5D:40:CF:5C:73:CA:7A:42:0F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 570E0FFFE43316CD0D2A3FF0B10E9049CC8299D8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f173998-8628-44e7-98de-49838888c622.roa Signing time: Sat 08 Nov 2025 00:20:37 +0000 ROA not before: Sat 08 Nov 2025 00:20:37 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:0e:0f:ff:e4:33:16:cd:0d:2a:3f:f0:b1:0e:90:49:cc:82:99:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:20:37 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=7175c514c03d109a23b416d8bd34f0d46262abb3160385dd463fdbd6dc45d552, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4d:65:fe:ad:58:9b:25:df:39:3a:88:a6:04: f7:55:6a:da:e1:47:8f:3f:7e:4b:e9:bb:76:0e:7c: a8:76:0f:85:ae:0f:4d:66:e2:cd:43:d1:c3:ea:d7: 14:36:55:4d:60:aa:f2:6e:d2:33:44:a6:8a:8e:e5: f3:ea:5d:4d:b8:89:d7:01:3b:e0:fb:db:36:ba:1f: 01:e5:42:61:bd:51:22:ea:5c:4e:8d:03:e5:67:51: 85:c2:53:1a:60:fb:1a:4a:77:a3:89:46:4c:67:07: 32:a1:39:62:4a:2c:f3:dc:d7:33:ae:e0:2c:9c:bc: 2d:e3:77:fe:ec:f1:73:80:8d:e7:21:21:ef:6c:46: 17:91:c0:46:90:f9:09:99:d0:92:99:c5:59:4b:16: 58:76:ac:f2:ed:de:cb:c1:85:69:22:32:c6:ed:a7: f8:b6:12:4d:44:2a:bd:25:72:2a:55:63:70:d3:da: f6:bd:e0:44:fd:fc:f1:81:9b:e4:97:30:55:75:ca: 03:c6:d2:bf:0f:fc:40:dc:b9:46:3e:11:8b:e3:33: b2:9c:ff:2f:95:5c:c6:04:2f:61:33:d3:4f:37:77: c3:93:e8:92:84:c3:6f:d4:e3:b4:70:cf:cf:be:6f: a7:f9:42:cd:b1:bb:76:56:66:f8:33:93:eb:4a:66: 2c:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:81:1F:90:47:65:14:94:39:DE:FD:5D:40:CF:5C:73:CA:7A:42:0F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0f173998-8628-44e7-98de-49838888c622.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c800::/40 Signature Algorithm: sha256WithRSAEncryption 68:fd:d7:30:2b:06:f2:49:99:d7:83:98:a7:62:05:a8:7c:27: 0d:ba:f3:8e:5c:28:e1:da:45:52:63:85:82:92:d4:32:77:20: 33:65:fc:1d:7b:81:77:d8:6f:63:fc:b9:3f:cb:8f:95:4c:b9: cc:7a:82:72:d9:be:b2:75:b8:bf:4d:55:bd:2e:5e:0b:90:ed: a5:7e:55:1d:fb:81:95:04:a0:87:d2:47:4c:d9:32:47:5f:83: 21:83:35:e0:6b:c2:e3:4c:8b:f9:16:d4:75:56:af:28:f8:20: fa:b9:cd:bf:22:8e:0e:47:8b:14:21:a9:0d:3c:f7:9d:8a:a3: 54:57:ac:1f:06:37:06:f2:9c:8d:eb:a4:d7:f6:af:2c:f6:88: 57:42:44:1e:cb:01:cf:cc:86:2b:34:83:4a:6b:e2:d7:29:1e: 0d:bc:b7:26:e7:54:45:6d:a2:1b:31:30:04:6b:54:37:ed:cd: 42:07:ca:b2:aa:ad:71:dd:d3:62:98:e4:0a:d5:85:40:b0:82: ad:54:00:dd:c1:89:df:2b:91:92:77:f7:26:4f:17:bd:34:b4: a8:58:9f:3b:ff:f8:37:96:eb:21:fe:52:16:49:7b:fe:7a:dd: 75:05:5b:fd:7f:7c:8f:fc:2f:b2:6a:cd:e5:3b:3b:ca:7b:ed: 10:5c:d8:95 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVw4P/+QzFs0NKj/wsQ6QScyCmdgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMjAzN1oX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNANzE3NWM1MTRjMDNkMTA5YTIzYjQx NmQ4YmQzNGYwZDQ2MjYyYWJiMzE2MDM4NWRkNDYzZmRiZDZkYzQ1ZDU1MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE1l/q1YmyXfOTqIpgT3VWra4UeP P35L6bt2Dnyodg+Frg9NZuLNQ9HD6tcUNlVNYKrybtIzRKaKjuXz6l1NuInXATvg +9s2uh8B5UJhvVEi6lxOjQPlZ1GFwlMaYPsaSnejiUZMZwcyoTliSizz3NczruAs nLwt43f+7PFzgI3nISHvbEYXkcBGkPkJmdCSmcVZSxZYdqzy7d7LwYVpIjLG7af4 thJNRCq9JXIqVWNw09r2veBE/fzxgZvklzBVdcoDxtK/D/xA3LlGPhGL4zOynP8v lVzGBC9hM9NPN3fDk+iShMNv1OO0cM/Pvm+n+ULNsbt2Vmb4M5PrSmYsVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOWBH5BHZRSUOd79XUDPXHPKekIPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBmMTczOTk4LTg2MjgtNDRlNy05OGRlLTQ5ODM4ODg4YzYyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOMgwDQYJKoZIhvcNAQELBQADggEBAGj91zArBvJJmdeDmKdi Bah8Jw26845cKOHaRVJjhYKS1DJ3IDNl/B17gXfYb2P8uT/Lj5VMucx6gnLZvrJ1 uL9NVb0uXguQ7aV+VR37gZUEoIfSR0zZMkdfgyGDNeBrwuNMi/kW1HVWryj4IPq5 zb8ijg5HixQhqQ08952Ko1RXrB8GNwbynI3rpNf2ryz2iFdCRB7LAc/Mhis0g0pr 4tcpHg28tybnVEVtohsxMARrVDftzUIHyrKqrXHd02KY5ArVhUCwgq1UAN3Bid8r kZJ39yZPF700tKhYnzv/+DeW6yH+UhZJe/563XUFW/1/fI/8L7JqzeU7O8p77RBc 2JU= -----END CERTIFICATE-----Generated at Tue Nov 18 07:03:29 2025 by rpki-client