$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa File: 1bc66f2e-41cb-465a-add7-471e408dd01e.roa (raw, json) Hash identifier: 7D71z7TNPlN6wrNVlsrfGjXQg5QBkb6yVxg5dj5repQ= Subject key identifier: 9B:FA:FE:47:4F:91:2A:8B:B3:88:EE:2C:EA:62:0C:A4:60:AD:F1:34 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 02805B996B81F799274072467CF44970B4BFE146 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa Signing time: Sun 09 Nov 2025 00:30:15 +0000 ROA not before: Sun 09 Nov 2025 00:30:15 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:80:5b:99:6b:81:f7:99:27:40:72:46:7c:f4:49:70:b4:bf:e1:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:30:15 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=382bddea322f6df99fe96928ff861eadb0cdd929628e20d997362f80d0516f45, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:c6:80:8c:ba:de:a1:85:36:c2:8c:4c:79:dc: fd:b9:85:91:ea:7d:8a:d5:79:de:ba:fa:40:5d:6d: 20:43:ed:2c:18:f4:9c:7c:69:c0:b5:2f:bf:d6:5c: 62:fa:b7:ed:33:61:85:52:c0:b3:82:b6:0c:38:7a: 30:2c:50:63:c4:bb:7a:e1:26:7d:e2:7e:a3:9c:b4: 8c:c3:e6:6f:da:a2:d2:21:6f:d8:29:0d:14:d9:49: dc:71:d3:8f:8b:61:d6:8c:4b:cf:ee:74:ce:25:b6: b1:ae:8e:1b:b3:c2:b3:08:09:b1:a3:18:18:6b:26: 1c:22:be:39:10:5f:96:42:42:d1:94:1e:5a:d5:4c: 5e:a4:1d:63:d7:cf:7c:67:1c:5d:85:4f:fc:0b:37: 6a:0c:6d:87:1f:ab:1d:7e:99:cb:70:15:bd:6b:eb: 75:58:5a:7a:a7:44:f6:eb:96:8e:45:6e:70:ee:df: ba:54:b0:04:5a:df:92:15:eb:aa:f2:3c:ba:04:56: a2:7a:13:22:74:88:96:af:1a:7c:f5:44:8e:9e:8e: ac:61:e0:08:ca:99:4b:91:26:fe:a8:c4:b4:b4:d2: 11:c9:27:ca:50:3c:9b:0e:75:c8:9a:b9:dc:0d:d5: 57:64:ef:4c:fb:4e:d9:ad:cc:93:23:7c:a8:1c:20: 5f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:FA:FE:47:4F:91:2A:8B:B3:88:EE:2C:EA:62:0C:A4:60:AD:F1:34 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1bc66f2e-41cb-465a-add7-471e408dd01e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14:8000::/36 Signature Algorithm: sha256WithRSAEncryption 7c:de:57:de:ff:73:70:a1:12:9d:78:c7:2c:de:e6:6c:41:11: 53:9d:c3:be:4a:0b:8c:63:42:79:2c:ae:a7:70:cf:91:e2:38: f5:30:a1:a9:71:eb:eb:27:6f:ae:c9:52:b5:e9:d7:d5:c6:08: bf:8e:94:49:dc:b2:b3:28:d5:6c:6e:f8:42:5b:57:bd:6a:0d: 8a:4c:14:f6:5d:d9:de:89:a9:5f:9e:8e:a5:bb:fa:4f:d7:2a: 21:4a:ba:10:e1:26:0d:3f:08:68:3c:ae:6d:95:cc:ce:a7:7a: 7f:09:c1:97:0d:5e:d4:2d:d5:ae:ac:81:8d:66:89:59:88:27: fb:5d:9e:5d:28:91:e6:16:3b:3e:57:e7:13:6d:d6:fe:4a:28: 31:9f:54:19:fc:42:ae:38:3f:53:30:3c:57:48:07:77:23:71: 39:37:4f:71:1f:53:52:23:0d:0a:fd:b5:06:e1:f0:c2:10:49: bf:19:77:44:4b:27:40:62:9b:0a:6e:de:db:c8:24:47:09:c5: 2b:f7:2c:ef:3a:c9:95:a7:25:9d:47:82:05:33:7e:c0:34:5d: 11:a4:f2:d8:53:d0:33:39:c6:10:b5:42:a2:4e:b4:5b:c1:29: 8e:46:04:d3:07:06:9e:fb:60:76:7f:c1:36:44:e0:55:cd:09: 6f:de:31:b5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAoBbmWuB95knQHJGfPRJcLS/4UYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMzAxNVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAMzgyYmRkZWEzMjJmNmRmOTlmZTk2 OTI4ZmY4NjFlYWRiMGNkZDkyOTYyOGUyMGQ5OTczNjJmODBkMDUxNmY0NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosaAjLreoYU2woxMedz9uYWR6n2K 1XneuvpAXW0gQ+0sGPScfGnAtS+/1lxi+rftM2GFUsCzgrYMOHowLFBjxLt64SZ9 4n6jnLSMw+Zv2qLSIW/YKQ0U2UnccdOPi2HWjEvP7nTOJbaxro4bs8KzCAmxoxgY ayYcIr45EF+WQkLRlB5a1UxepB1j1898ZxxdhU/8CzdqDG2HH6sdfpnLcBW9a+t1 WFp6p0T265aORW5w7t+6VLAEWt+SFeuq8jy6BFaiehMidIiWrxp89USOno6sYeAI yplLkSb+qMS0tNIRySfKUDybDnXImrncDdVXZO9M+07ZrcyTI3yoHCBfwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJv6/kdPkSqLs4juLOpiDKRgrfE0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFiYzY2ZjJlLTQxY2ItNDY1YS1hZGQ3LTQ3MWU0MDhkZDAxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFIAwDQYJKoZIhvcNAQELBQADggEBAHzeV97/c3ChEp14xyze 5mxBEVOdw75KC4xjQnksrqdwz5HiOPUwoalx6+snb67JUrXp19XGCL+OlEncsrMo 1Wxu+EJbV71qDYpMFPZd2d6JqV+ejqW7+k/XKiFKuhDhJg0/CGg8rm2VzM6nen8J wZcNXtQt1a6sgY1miVmIJ/tdnl0okeYWOz5X5xNt1v5KKDGfVBn8Qq44P1MwPFdI B3cjcTk3T3EfU1IjDQr9tQbh8MIQSb8Zd0RLJ0Bimwpu3tvIJEcJxSv3LO86yZWn JZ1HggUzfsA0XRGk8thT0DM5xhC1QqJOtFvBKY5GBNMHBp77YHZ/wTZE4FXNCW/e MbU= -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:16 2025 by rpki-client