$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa File: 3cf33701-1ea5-43c6-b291-763d0e06817e.roa (raw, json) Hash identifier: KkwWJFHV6H5k1U02eFR6QlwNirr3jw3mUxqSPrVSp9c= Subject key identifier: 95:BD:47:15:D5:65:AD:C1:AC:D4:99:EB:A2:05:59:F5:6B:65:53:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2DE87A7DB54243E363720BC8E4A719B0BFF82DC8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa Signing time: Sun 09 Nov 2025 00:30:38 +0000 ROA not before: Sun 09 Nov 2025 00:30:38 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:e8:7a:7d:b5:42:43:e3:63:72:0b:c8:e4:a7:19:b0:bf:f8:2d:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:30:38 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=b0370751e912c0e51bbf183b038c440b00ecfec1b5604c75f6396dc7c4a53e5e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:93:20:75:91:5e:dc:fa:a2:89:34:a1:84:32: 9f:78:a5:2c:21:a7:23:5b:9f:ff:ea:08:1b:b4:69: 0d:6e:77:aa:88:fe:1e:aa:3e:48:fe:1a:9e:e0:45: 93:2c:f5:3f:50:54:e1:b4:23:21:a8:c2:1e:23:76: 69:f7:c3:56:ce:47:a1:59:25:7f:81:74:b6:57:eb: 67:17:9b:d4:55:c1:bd:36:27:05:bc:38:ae:00:6b: ed:56:ff:ec:ef:67:a5:48:74:17:3a:6b:20:f1:e7: 3c:65:22:af:6a:e7:db:f9:27:80:95:1c:8c:8a:da: f3:bb:4d:6b:63:68:35:5e:fe:b0:3e:73:f0:45:81: 92:dd:b0:a2:1b:b6:f7:72:13:7d:ea:3c:82:29:24: 33:2c:35:c5:06:3c:31:a3:0d:48:65:3d:8b:47:dd: 8a:7f:6e:54:bb:91:7a:6c:8a:8a:af:71:a8:18:8b: e5:43:92:ca:57:0b:2f:17:e6:0b:eb:90:3d:dd:e2: 85:d4:6c:66:0a:69:2a:85:84:d6:f4:bb:83:c5:3b: dc:07:84:16:1e:61:46:1a:94:05:b6:f2:b9:3e:9f: de:5f:04:d2:f2:4b:c7:43:33:9e:36:e4:05:31:7e: 09:6d:d4:48:24:dd:c0:d1:8c:a5:58:82:34:90:5d: 5e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:BD:47:15:D5:65:AD:C1:AC:D4:99:EB:A2:05:59:F5:6B:65:53:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:400::/38 Signature Algorithm: sha256WithRSAEncryption 93:be:23:56:dd:76:61:cf:c3:43:9c:11:03:79:63:2c:1b:0b: 37:14:d5:4a:9b:1a:a7:7a:26:a7:3c:e9:db:48:70:9d:41:59: 9b:b1:ee:8c:89:4b:35:3f:cf:bf:3c:e7:0b:56:13:fc:8b:23: 98:05:61:7a:26:37:b7:c9:d9:7b:e0:7e:a3:a0:be:c2:ab:1a: 28:fd:7e:4b:dd:00:cc:e2:d5:49:59:f6:5c:e8:5c:1b:a1:0a: 95:ad:e1:04:8b:fa:82:3e:58:80:8b:ae:0f:ab:ee:b9:8e:ae: bb:e2:b5:bb:9a:59:c4:53:96:d1:6b:9d:e5:4d:ec:99:7e:82: 21:b1:af:f7:2d:2c:50:b0:d8:22:26:64:2b:99:e4:f9:d1:16: 31:0e:02:49:55:39:b9:43:20:4f:27:cb:74:33:73:ab:f9:82: 78:70:36:f9:98:c6:38:d1:2e:6c:e8:e3:32:85:f1:84:66:fc: 4d:5f:31:5b:bf:6b:59:1a:1b:4c:77:3d:a7:c3:0e:4d:e6:83: 47:b3:e2:6a:ea:01:91:2d:a1:11:82:88:db:3f:c1:fc:56:8c: c4:8a:7b:90:df:1c:95:f4:4c:1c:d4:9b:0f:fa:9e:ea:ab:6b: e1:01:12:38:74:5b:29:97:69:61:7b:3c:53:51:41:34:e1:64: 7d:22:cb:c3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULeh6fbVCQ+NjcgvI5KcZsL/4LcgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMzAzOFoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYjAzNzA3NTFlOTEyYzBlNTFiYmYx ODNiMDM4YzQ0MGIwMGVjZmVjMWI1NjA0Yzc1ZjYzOTZkYzdjNGE1M2U1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpMgdZFe3PqiiTShhDKfeKUsIacj W5//6ggbtGkNbneqiP4eqj5I/hqe4EWTLPU/UFThtCMhqMIeI3Zp98NWzkehWSV/ gXS2V+tnF5vUVcG9NicFvDiuAGvtVv/s72elSHQXOmsg8ec8ZSKvaufb+SeAlRyM itrzu01rY2g1Xv6wPnPwRYGS3bCiG7b3chN96jyCKSQzLDXFBjwxow1IZT2LR92K f25Uu5F6bIqKr3GoGIvlQ5LKVwsvF+YL65A93eKF1GxmCmkqhYTW9LuDxTvcB4QW HmFGGpQFtvK5Pp/eXwTS8kvHQzOeNuQFMX4JbdRIJN3A0YylWII0kF1eFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJW9RxXVZa3BrNSZ66IFWfVrZVMRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNjZjMzNzAxLTFlYTUtNDNjNi1iMjkxLTc2M2QwZTA2ODE3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHAQwDQYJKoZIhvcNAQELBQADggEBAJO+I1bddmHPw0OcEQN5 YywbCzcU1UqbGqd6Jqc86dtIcJ1BWZux7oyJSzU/z7885wtWE/yLI5gFYXomN7fJ 2XvgfqOgvsKrGij9fkvdAMzi1UlZ9lzoXBuhCpWt4QSL+oI+WICLrg+r7rmOrrvi tbuaWcRTltFrneVN7Jl+giGxr/ctLFCw2CImZCuZ5PnRFjEOAklVOblDIE8ny3Qz c6v5gnhwNvmYxjjRLmzo4zKF8YRm/E1fMVu/a1kaG0x3PafDDk3mg0ez4mrqAZEt oRGCiNs/wfxWjMSKe5DfHJX0TBzUmw/6nuqra+EBEjh0WymXaWF7PFNRQTThZH0i y8M= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:44 2025 by rpki-client