$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa File: 328cea91-878c-4f36-ad16-29b649a79487.roa (raw, json) Hash identifier: 9D8459Dque7SKPpEAV1HgTnf2vkIc+AakOfTYYoHOw8= Subject key identifier: AD:7D:09:BA:E2:EE:7F:8F:F1:8F:3C:E3:E4:C3:D8:74:9E:08:57:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3A879AF6671989918ABA51159BFE085481EA195B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa Signing time: Sat 08 Nov 2025 00:20:09 +0000 ROA not before: Sat 08 Nov 2025 00:20:09 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:87:9a:f6:67:19:89:91:8a:ba:51:15:9b:fe:08:54:81:ea:19:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:20:09 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=6ae7d8dcfb2df7b52e992903674875ff3125968d3c241418d938ab2d0504ee84, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:da:04:1c:7f:51:91:20:a0:e7:d2:20:14:8c: 7b:06:c4:08:ce:f8:23:64:b6:2a:8e:5d:a7:e5:08: 89:c4:87:12:a1:24:0b:31:4f:c2:88:e2:c1:76:4e: 00:95:27:aa:a3:f3:ce:30:af:f5:66:0d:ef:96:a3: 52:51:44:fb:30:fb:bc:5d:f7:26:b4:5c:56:82:10: 88:a8:a7:59:f7:21:07:56:33:b5:da:b2:ff:d2:6a: 53:2e:19:e4:38:cb:7d:f5:54:d9:8a:9a:96:6b:03: af:20:b5:bf:a5:70:6b:48:01:f3:5a:eb:f2:db:7b: 8b:95:b9:b3:9e:98:0a:90:0a:2a:f9:e1:fb:fb:af: 3f:2c:c4:b2:f0:90:5d:1a:a7:2b:58:31:1a:5b:ed: f2:b3:92:23:1a:b5:22:1a:be:06:6e:ec:17:6a:2f: 35:33:64:82:a8:78:bb:c1:4f:71:d4:aa:66:4e:e0: e2:49:c4:e3:3f:a8:5a:c9:d1:bd:cd:c9:eb:52:ca: fc:62:17:f4:70:f5:b3:a2:7f:0d:e1:69:70:3b:f5: 17:f7:07:bd:05:93:91:0c:69:53:e2:9b:bd:a1:0f: de:00:bc:54:7b:d7:16:2b:a2:10:ad:89:f9:5a:40: b0:87:8e:96:6b:85:64:f6:98:5d:b0:a4:d3:e6:f9: 97:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:7D:09:BA:E2:EE:7F:8F:F1:8F:3C:E3:E4:C3:D8:74:9E:08:57:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 51:16:48:c4:28:15:07:f1:5e:f1:04:f9:4c:f5:a5:e7:68:62: 73:fa:45:f3:58:bb:40:31:30:af:f2:f1:4a:68:83:cc:22:95: 3f:af:bd:15:6e:14:e2:3d:59:ab:7f:92:5e:46:f3:0b:b5:2c: 0d:11:d1:92:84:af:89:7c:55:7d:c5:12:09:02:f1:67:b2:a0: a7:f6:06:83:2a:78:99:87:bc:5b:81:dc:dd:7a:30:72:7c:16: da:20:c0:31:77:03:2c:c4:38:c2:01:30:f3:b6:7c:7c:24:3e: 6d:32:70:c9:17:a3:2e:ff:ec:f7:50:79:c2:23:de:32:97:16: b6:e0:18:3d:fd:09:70:f2:ee:94:39:1a:20:07:2b:ba:3b:20: 26:98:12:ed:a5:fb:a5:8c:ef:78:ff:c9:62:ed:a5:55:2a:eb: 7c:19:da:e1:50:27:f6:1d:ba:02:fb:8b:1a:26:9f:4f:86:d1: 80:c7:79:75:a9:29:8e:b4:a0:7d:98:ec:13:38:74:4f:4b:e8: 41:cf:86:8a:79:56:8d:64:3c:97:64:7b:1a:99:22:a8:63:08: 82:77:2c:51:55:64:36:5e:c0:07:f4:ee:25:dc:30:c2:0b:5b: a0:2f:bd:ae:31:68:05:fb:84:db:b9:68:86:9f:4f:96:7c:6b: 1b:a6:d0:81 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOoea9mcZiZGKulEVm/4IVIHqGVswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMjAwOVoX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNANmFlN2Q4ZGNmYjJkZjdiNTJlOTky OTAzNjc0ODc1ZmYzMTI1OTY4ZDNjMjQxNDE4ZDkzOGFiMmQwNTA0ZWU4NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdoEHH9RkSCg59IgFIx7BsQIzvgj ZLYqjl2n5QiJxIcSoSQLMU/CiOLBdk4AlSeqo/POMK/1Zg3vlqNSUUT7MPu8Xfcm tFxWghCIqKdZ9yEHVjO12rL/0mpTLhnkOMt99VTZipqWawOvILW/pXBrSAHzWuvy 23uLlbmznpgKkAoq+eH7+68/LMSy8JBdGqcrWDEaW+3ys5IjGrUiGr4GbuwXai81 M2SCqHi7wU9x1KpmTuDiScTjP6haydG9zcnrUsr8Yhf0cPWzon8N4WlwO/UX9we9 BZORDGlT4pu9oQ/eALxUe9cWK6IQrYn5WkCwh46Wa4Vk9phdsKTT5vmX4QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFK19Cbri7n+P8Y884+TD2HSeCFcnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyOGNlYTkxLTg3OGMtNGYzNi1hZDE2LTI5YjY0OWE3OTQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8jAMA0GCSqGSIb3DQEBCwUAA4IBAQBRFkjEKBUH8V7xBPlM 9aXnaGJz+kXzWLtAMTCv8vFKaIPMIpU/r70VbhTiPVmrf5JeRvMLtSwNEdGShK+J fFV9xRIJAvFnsqCn9gaDKniZh7xbgdzdejByfBbaIMAxdwMsxDjCATDztnx8JD5t MnDJF6Mu/+z3UHnCI94ylxa24Bg9/Qlw8u6UORogByu6OyAmmBLtpfuljO94/8li 7aVVKut8GdrhUCf2HboC+4saJp9PhtGAx3l1qSmOtKB9mOwTOHRPS+hBz4aKeVaN ZDyXZHsamSKoYwiCdyxRVWQ2XsAH9O4l3DDCC1ugL72uMWgF+4TbuWiGn0+WfGsb ptCB -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:28 2025 by rpki-client