$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa File: 24d9e029-97cb-43ac-a07a-cb219c1b416c.roa (raw, json) Hash identifier: bRRGQmBC2DlJp0qBdWRdimpEIA1a5PyGdUjtNWKDkNM= Subject key identifier: 01:B4:BC:64:AC:18:A7:3B:35:C1:AE:B3:63:C5:F6:60:B5:8A:09:0B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56CAF2593912B45A2CAF4DB76DE6928CAF3B17C7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa Signing time: Fri 07 Nov 2025 00:01:08 +0000 ROA not before: Fri 07 Nov 2025 00:01:08 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:ca:f2:59:39:12:b4:5a:2c:af:4d:b7:6d:e6:92:8c:af:3b:17:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:01:08 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=86b9bc7a56f9f21b51fd575d364bece068c17e3c25d2293b3b53cd93255177fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ed:c0:5b:67:b6:1c:57:ab:ca:fb:d4:64:ca: 85:9f:0d:f2:7a:9b:b7:46:ed:ac:a8:2c:0c:71:a3: 51:74:e2:1a:f7:56:ff:38:a8:21:33:1a:84:8b:ba: 8f:e0:34:b8:81:b7:ec:8a:a5:de:a4:60:d1:32:0d: 84:87:49:60:d2:b2:fb:4a:fc:c8:d3:d8:f5:72:0d: 2b:c3:75:73:d4:73:b6:46:8e:e0:1b:ed:13:33:2c: c4:3e:52:c2:d5:38:6c:dc:d0:6a:76:29:7c:bc:8f: e4:e3:7d:30:51:b9:20:fa:bd:b4:2e:37:7e:f6:20: 75:69:17:50:05:7f:9d:ea:f0:48:68:a7:be:83:ee: fc:2f:2a:73:18:92:22:be:e4:66:3b:be:f9:9b:36: c8:80:64:68:17:28:72:a4:d0:a8:f8:7d:a0:7e:0d: 17:95:7b:5f:5b:76:a5:11:7e:70:b8:83:b0:4e:ca: 2f:2e:06:87:66:96:44:81:be:0c:9d:84:0b:0c:25: e1:2c:29:3a:22:dd:3d:f7:3c:4b:d8:46:12:45:bc: 17:56:43:b7:89:28:82:82:6f:5d:39:5a:25:03:c7: 3d:c2:eb:22:a6:98:94:64:a4:5b:7c:61:24:a2:21: d4:27:61:13:90:6e:ac:6f:a1:1b:80:e7:8a:f3:e0: 62:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:B4:BC:64:AC:18:A7:3B:35:C1:AE:B3:63:C5:F6:60:B5:8A:09:0B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24d9e029-97cb-43ac-a07a-cb219c1b416c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:e000::/40 Signature Algorithm: sha256WithRSAEncryption 91:43:6f:d9:3d:17:18:52:7b:70:8d:b3:76:55:92:a7:a7:15: 58:83:f3:96:50:26:55:3d:a4:cc:2c:b4:4f:84:a2:73:c1:74: 83:46:e3:79:6c:87:82:63:fa:b1:4c:54:2a:1e:39:b0:d6:07: 2e:7e:21:0e:ac:50:24:09:c4:2d:14:c0:94:55:56:ed:b4:a9: ea:a4:e5:ac:f0:f5:6a:02:41:11:08:6c:c9:ad:1e:0d:75:2e: 4f:31:92:75:ce:4f:41:08:23:ae:5a:4a:4b:36:3e:e7:46:fc: 56:53:cb:e1:d5:57:82:40:06:ba:0d:20:46:67:0b:c3:7d:6a: 92:1a:90:ff:c6:ca:56:38:8f:62:48:59:62:5d:ff:f2:fc:00: 82:5f:8b:90:f0:6e:99:db:7e:87:22:2b:55:5e:1d:cb:66:27: 19:e4:5d:3e:1c:ce:d8:04:ca:ca:f3:0f:18:f4:20:93:5d:c6: ba:e7:c4:21:d8:5c:bf:73:44:7f:19:06:42:ca:fb:e7:2a:6b: 08:3f:48:cc:5e:99:6f:f5:97:df:9b:6a:30:51:98:e6:42:80: 51:0d:ed:e7:00:c8:f2:13:7d:46:4c:3d:8c:b4:60:24:6f:88: 3d:4a:11:32:e8:29:30:ac:60:6b:21:fa:bb:c3:d9:42:29:12: 94:7d:88:c9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVsryWTkStFosr023beaSjK87F8cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMDEwOFoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAODZiOWJjN2E1NmY5ZjIxYjUxZmQ1 NzVkMzY0YmVjZTA2OGMxN2UzYzI1ZDIyOTNiM2I1M2NkOTMyNTUxNzdmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte3AW2e2HFeryvvUZMqFnw3yepu3 Ru2sqCwMcaNRdOIa91b/OKghMxqEi7qP4DS4gbfsiqXepGDRMg2Eh0lg0rL7SvzI 09j1cg0rw3Vz1HO2Ro7gG+0TMyzEPlLC1Ths3NBqdil8vI/k430wUbkg+r20Ljd+ 9iB1aRdQBX+d6vBIaKe+g+78LypzGJIivuRmO775mzbIgGRoFyhypNCo+H2gfg0X lXtfW3alEX5wuIOwTsovLgaHZpZEgb4MnYQLDCXhLCk6It099zxL2EYSRbwXVkO3 iSiCgm9dOVolA8c9wusippiUZKRbfGEkoiHUJ2ETkG6sb6EbgOeK8+BiywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAG0vGSsGKc7NcGus2PF9mC1igkLMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0ZDllMDI5LTk3Y2ItNDNhYy1hMDdhLWNiMjE5YzFiNDE2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYeAwDQYJKoZIhvcNAQELBQADggEBAJFDb9k9FxhSe3CNs3ZV kqenFViD85ZQJlU9pMwstE+EonPBdING43lsh4Jj+rFMVCoeObDWBy5+IQ6sUCQJ xC0UwJRVVu20qeqk5azw9WoCQREIbMmtHg11Lk8xknXOT0EII65aSks2PudG/FZT y+HVV4JABroNIEZnC8N9apIakP/GylY4j2JIWWJd//L8AIJfi5DwbpnbfociK1Ve HctmJxnkXT4cztgEysrzDxj0IJNdxrrnxCHYXL9zRH8ZBkLK++cqawg/SMxemW/1 l9+bajBRmOZCgFEN7ecAyPITfUZMPYy0YCRviD1KETLoKTCsYGsh+rvD2UIpEpR9 iMk= -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:24 2025 by rpki-client