$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10683670-b448-4b46-8e10-aa3682be179f.roa File: 10683670-b448-4b46-8e10-aa3682be179f.roa (raw, json) Hash identifier: LJy15U76iZmHQC8thOlibK8jZvO3BgANA8Qd0q+gHzE= Subject key identifier: D8:F9:EE:F7:37:F6:86:D4:76:2C:D3:C5:9F:43:87:76:C4:88:BB:C3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68C5FC0869F8466BA7EE41EEEF95576B612E1719 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10683670-b448-4b46-8e10-aa3682be179f.roa Signing time: Fri 07 Nov 2025 00:30:51 +0000 ROA not before: Fri 07 Nov 2025 00:30:51 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:c5:fc:08:69:f8:46:6b:a7:ee:41:ee:ef:95:57:6b:61:2e:17:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:30:51 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=e0bbf1314c46f2c93d68e60ade027f85788b8d34f8d358cfc560eebc2beb7a45, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:81:66:29:8d:85:dd:2c:ed:f5:7e:8d:03:d4: 60:6f:53:5b:a5:06:37:1f:6b:91:15:43:41:6f:ec: e7:e9:6d:ab:ae:4f:62:97:f7:9b:50:5b:9d:18:2b: 62:ca:4f:3f:a5:52:97:a0:04:75:df:81:ff:8e:e0: af:db:68:58:40:7c:fa:c2:3b:9a:5d:3d:53:9e:e2: 8c:97:a7:36:f7:a3:e4:75:63:ca:c4:09:a5:aa:a9: b4:8e:53:92:40:11:bf:fc:e8:da:8c:9c:17:e5:5a: 8a:ee:e7:82:40:f4:1c:af:e5:79:f3:45:77:11:a8: 1e:16:54:02:fc:b3:b3:15:b1:1b:0e:13:07:b0:c2: 3c:f7:0a:b4:0b:a5:87:5c:ea:fb:66:e8:29:9c:1b: 4e:90:48:ac:1e:74:2a:e8:dd:b4:d1:0f:4c:d4:d2: 5c:73:c9:82:a2:a4:dd:5c:78:50:ff:f6:14:97:64: 96:71:f2:6f:71:80:3f:3c:4d:00:ab:91:dd:50:16: 68:44:1c:24:dd:39:47:34:d6:ca:5b:1f:42:ee:5d: 05:71:86:0a:1a:9d:81:57:6b:c4:f7:05:58:65:74: 9c:ac:64:9a:55:ae:53:62:5b:d3:c9:0b:2b:9d:e2: 34:e2:41:ab:89:a8:05:84:a7:40:fb:74:31:03:a5: df:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:F9:EE:F7:37:F6:86:D4:76:2C:D3:C5:9F:43:87:76:C4:88:BB:C3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10683670-b448-4b46-8e10-aa3682be179f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:840::/48 Signature Algorithm: sha256WithRSAEncryption bb:61:6c:f1:bb:47:2c:36:88:e2:3a:1e:b3:b1:f9:0a:cd:8b: df:9a:33:d9:2e:d6:8c:a7:1c:4f:ff:ad:f0:0e:21:91:d8:56: 6e:8b:3c:7c:72:92:99:c6:32:95:c0:ec:3c:18:b7:72:1b:29: f9:47:fa:ce:90:d1:d6:2b:47:50:e4:26:9e:b8:e7:43:6f:90: c2:a7:cf:9e:11:ef:08:ca:f9:48:4c:67:87:1b:8a:53:b7:bb: d4:b0:59:7b:33:6f:2c:17:8a:59:27:1e:02:e6:7a:65:ea:94: e5:95:2a:6a:af:5a:23:64:9b:fb:53:d9:00:8a:50:b1:18:ac: 48:4b:9d:e4:82:86:1b:54:f7:32:02:8d:88:53:bd:01:07:e4: 67:9a:d6:4d:40:01:f2:ef:d0:10:4a:6b:8d:b7:21:b1:00:4b: 5a:47:e9:96:54:7f:5b:e6:79:78:d4:21:41:56:44:f1:65:de: fa:3c:83:a3:3d:03:12:6d:1b:cd:52:40:2b:d8:36:69:ac:1e: 38:91:a7:a0:4c:f3:2d:3d:35:50:70:65:b7:fd:bb:10:a1:7b: 54:c0:e9:9d:bc:a3:3b:37:bb:e2:0e:9f:61:0a:6d:4b:d7:96: 04:fb:e5:71:29:ff:a1:f3:22:83:b5:99:db:83:0d:37:6e:d0: fc:84:58:39 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaMX8CGn4Rmun7kHu75VXa2EuFxkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMzA1MVoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAZTBiYmYxMzE0YzQ2ZjJjOTNkNjhl NjBhZGUwMjdmODU3ODhiOGQzNGY4ZDM1OGNmYzU2MGVlYmMyYmViN2E0NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oFmKY2F3Szt9X6NA9Rgb1NbpQY3 H2uRFUNBb+zn6W2rrk9il/ebUFudGCtiyk8/pVKXoAR134H/juCv22hYQHz6wjua XT1TnuKMl6c296PkdWPKxAmlqqm0jlOSQBG//OjajJwX5VqK7ueCQPQcr+V580V3 EageFlQC/LOzFbEbDhMHsMI89wq0C6WHXOr7ZugpnBtOkEisHnQq6N200Q9M1NJc c8mCoqTdXHhQ//YUl2SWcfJvcYA/PE0Aq5HdUBZoRBwk3TlHNNbKWx9C7l0FcYYK Gp2BV2vE9wVYZXScrGSaVa5TYlvTyQsrneI04kGriagFhKdA+3QxA6XfjQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNj57vc39obUdizTxZ9Dh3bEiLvDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEwNjgzNjcwLWI0NDgtNGI0Ni04ZTEwLWFhMzY4MmJlMTc5Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAAhAMA0GCSqGSIb3DQEBCwUAA4IBAQC7YWzxu0csNojiOh6z sfkKzYvfmjPZLtaMpxxP/63wDiGR2FZuizx8cpKZxjKVwOw8GLdyGyn5R/rOkNHW K0dQ5CaeuOdDb5DCp8+eEe8IyvlITGeHG4pTt7vUsFl7M28sF4pZJx4C5npl6pTl lSpqr1ojZJv7U9kAilCxGKxIS53kgoYbVPcyAo2IU70BB+RnmtZNQAHy79AQSmuN tyGxAEtaR+mWVH9b5nl41CFBVkTxZd76PIOjPQMSbRvNUkAr2DZprB44kaegTPMt PTVQcGW3/bsQoXtUwOmdvKM7N7viDp9hCm1L15YE++VxKf+h8yKDtZnbgw03btD8 hFg5 -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:12 2025 by rpki-client