$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25d5e8f8-01ee-4887-9403-cad800717cc9.roa File: 25d5e8f8-01ee-4887-9403-cad800717cc9.roa (raw, json) Hash identifier: 0dT9v84A1Cx2XWmNteqirhV11M4SpW5HTHwnW7T9q2I= Subject key identifier: 34:A1:DF:B5:53:A6:B0:D9:17:64:BE:47:9D:97:A4:82:46:B9:4B:61 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5AB30E37BA4206B690DCFBF133112D8D8C46E2E3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25d5e8f8-01ee-4887-9403-cad800717cc9.roa Signing time: Sun 09 Nov 2025 01:01:05 +0000 ROA not before: Sun 09 Nov 2025 01:01:05 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:b3:0e:37:ba:42:06:b6:90:dc:fb:f1:33:11:2d:8d:8c:46:e2:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 01:01:05 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=3f171cc58833ea0a3ba36701eb7a34b74bc30b5f686c10de05e6369784a141f5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:dc:af:e2:d3:2a:99:47:7d:0c:fe:99:b6:21: e0:aa:4a:8b:c2:a9:49:00:29:47:79:87:11:d8:c6: 28:5a:15:f7:da:9a:08:fa:41:d3:b6:f7:1d:36:36: 75:7a:ff:d8:cc:b2:9e:65:c5:22:b5:f6:5e:77:62: a2:bb:b9:64:b8:d3:bf:0d:ca:26:68:8f:08:a4:9d: ee:cd:0b:bb:07:72:3c:83:92:7f:52:05:d2:bb:1e: 39:7f:5f:1b:02:67:dc:de:de:19:82:a2:3c:bf:6c: 7c:6c:4e:36:d4:7c:f7:bb:15:d0:12:eb:66:61:5d: 67:34:a7:97:da:2c:4d:2b:7a:7c:18:cc:03:cc:13: 81:f3:e7:80:a4:56:7a:5a:c0:37:ac:90:09:a1:1d: 35:84:03:a4:a6:6a:28:de:1e:37:90:3a:8a:c3:f0: 94:11:d9:5a:91:b5:60:a6:e9:57:18:06:89:b8:76: f8:03:55:b2:5a:3a:c5:aa:62:30:ff:0f:b3:00:3c: 27:64:ec:b1:6c:12:66:8e:f8:88:b8:b2:79:25:ec: a9:de:a6:2e:d7:d4:dc:0d:27:3b:72:fa:16:1e:85: 92:97:08:60:56:6e:54:43:92:5d:66:9b:d5:75:34: f8:6a:59:5d:a5:82:da:d5:c0:2d:ae:f7:71:68:02: 7f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:A1:DF:B5:53:A6:B0:D9:17:64:BE:47:9D:97:A4:82:46:B9:4B:61 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25d5e8f8-01ee-4887-9403-cad800717cc9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:1000::/40 Signature Algorithm: sha256WithRSAEncryption 5f:5b:15:96:5f:77:15:71:e6:9b:af:f5:44:45:f1:eb:4f:81: 6d:ff:6e:29:c1:3a:ed:27:fe:c5:4d:46:2c:ee:db:b0:46:07: 0a:7f:57:48:79:2f:d3:74:cc:7d:6e:ae:1c:ca:5d:fa:b6:68: db:b8:36:05:ea:25:2b:27:2d:f5:95:24:2a:3a:86:f0:00:2b: 4e:e0:29:da:53:0b:f8:d3:f1:d5:4b:b6:b7:30:b7:93:dd:e4: 52:3b:84:05:b2:6c:84:3e:57:98:d5:1c:05:66:33:ba:6d:d5: f6:e7:df:15:60:8b:85:98:db:89:a3:d4:d4:81:94:64:23:75: e2:7b:27:d7:5e:9b:c2:c0:f2:da:03:c7:ce:54:41:4f:5e:bb: b7:e7:a0:7a:8e:cd:c9:f6:27:2f:53:cd:53:51:68:a1:4d:de: 43:0c:b9:7e:83:8c:7d:cc:8a:8a:71:7d:a5:b7:25:c1:f3:c8: 54:24:f4:1c:1a:53:4b:77:6a:42:a3:d8:72:03:03:8a:7e:08: 59:ce:5e:f8:23:3f:ca:1a:0c:43:a8:b2:57:d5:f7:cf:ae:10: 3b:b0:8e:31:67:6e:31:b7:bd:cf:92:97:81:d9:8e:a2:b3:0f: ce:77:7d:44:88:51:c1:4e:9b:a4:53:38:34:48:51:ab:73:c4: e1:df:09:17 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWrMON7pCBraQ3PvxMxEtjYxG4uMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAxMDEwNVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAM2YxNzFjYzU4ODMzZWEwYTNiYTM2 NzAxZWI3YTM0Yjc0YmMzMGI1ZjY4NmMxMGRlMDVlNjM2OTc4NGExNDFmNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNyv4tMqmUd9DP6ZtiHgqkqLwqlJ AClHeYcR2MYoWhX32poI+kHTtvcdNjZ1ev/YzLKeZcUitfZed2Kiu7lkuNO/Dcom aI8IpJ3uzQu7B3I8g5J/UgXSux45f18bAmfc3t4ZgqI8v2x8bE421Hz3uxXQEutm YV1nNKeX2ixNK3p8GMwDzBOB8+eApFZ6WsA3rJAJoR01hAOkpmoo3h43kDqKw/CU EdlakbVgpulXGAaJuHb4A1WyWjrFqmIw/w+zADwnZOyxbBJmjviIuLJ5Jeyp3qYu 19TcDSc7cvoWHoWSlwhgVm5UQ5JdZpvVdTT4alldpYLa1cAtrvdxaAJ/dQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDSh37VTprDZF2S+R52XpIJGuUthMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1ZDVlOGY4LTAxZWUtNDg4Ny05NDAzLWNhZDgwMDcxN2NjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacBAwDQYJKoZIhvcNAQELBQADggEBAF9bFZZfdxVx5puv9URF 8etPgW3/binBOu0n/sVNRizu27BGBwp/V0h5L9N0zH1urhzKXfq2aNu4NgXqJSsn LfWVJCo6hvAAK07gKdpTC/jT8dVLtrcwt5Pd5FI7hAWybIQ+V5jVHAVmM7pt1fbn 3xVgi4WY24mj1NSBlGQjdeJ7J9dem8LA8toDx85UQU9eu7fnoHqOzcn2Jy9TzVNR aKFN3kMMuX6DjH3MiopxfaW3JcHzyFQk9BwaU0t3akKj2HIDA4p+CFnOXvgjP8oa DEOoslfV98+uEDuwjjFnbjG3vc+Sl4HZjqKzD853fUSIUcFOm6RTODRIUatzxOHf CRc= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:28 2025 by rpki-client