$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa File: 49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa (raw, json) Hash identifier: DL2E0BqspVFrfg0eJBXEU2mfXBZzLXaklX7euAgsvSg= Subject key identifier: 05:77:71:36:C6:1A:42:05:1D:A1:C8:4F:B3:2C:CB:1A:62:BC:9E:C6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0C071506F5D3DA1E825A2747EA56F4E33E4A992D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa Signing time: Sun 09 Nov 2025 01:00:51 +0000 ROA not before: Sun 09 Nov 2025 01:00:51 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:07:15:06:f5:d3:da:1e:82:5a:27:47:ea:56:f4:e3:3e:4a:99:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 01:00:51 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=d0f6b0d1953dc9c0105c7c4f40bdfbd7fe0e42457bfc63e1a8fa41ca85e44420, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:1c:f1:09:90:05:43:68:d7:1b:96:55:d0:57: a7:3a:82:34:20:19:5a:d3:f5:7d:33:ef:89:a7:da: 25:b5:2a:fc:51:c5:60:e3:1b:4b:02:49:8a:71:db: a3:6a:3b:cf:e7:50:b5:8f:d1:d9:39:a2:d8:d1:5a: d1:0d:fc:03:21:24:e9:f5:63:43:bc:46:59:39:ee: 7d:dc:b2:9c:b7:85:a7:8f:09:19:20:51:07:cc:b0: 3d:dc:c6:7a:36:6a:a5:57:b9:3c:c2:82:38:26:f0: 84:1e:5b:a4:54:b9:51:17:7b:31:ca:59:8d:da:2d: e2:ec:ee:f9:bb:ca:bf:cc:e1:1d:2b:c1:16:d1:c7: aa:33:a7:a9:1c:cb:93:76:b9:5b:53:5d:2f:f8:ab: b3:86:08:3c:78:ba:c1:96:b9:16:de:4d:68:06:bf: da:9a:99:4b:4c:09:81:11:4d:12:f0:71:56:15:d1: 74:de:d0:43:38:7e:ea:3d:0a:b7:cd:d5:3f:19:09: a2:74:e8:d4:23:42:1a:8f:35:c1:9e:78:4e:af:b5: b9:a4:d0:b3:a3:23:2e:ab:80:d9:a3:76:0b:32:2e: 89:94:a8:d7:a8:b6:f1:d9:d6:c9:60:e1:f5:4f:0b: 8b:23:e9:37:b3:f0:f2:ae:3a:71:d0:64:a7:c8:e9: e6:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:77:71:36:C6:1A:42:05:1D:A1:C8:4F:B3:2C:CB:1A:62:BC:9E:C6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49c7ee93-3655-4ca9-8897-c8e3d1d0f9ea.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:4800::/40 Signature Algorithm: sha256WithRSAEncryption 51:c6:0e:18:33:69:2e:a5:f0:4c:d9:6b:f6:37:a7:63:24:cf: 55:55:cd:84:b6:c9:87:9c:ab:e7:76:3b:08:01:3b:25:79:0e: 50:ca:30:2e:9b:65:ea:15:4f:e3:82:57:aa:37:77:64:f0:d9: a7:b7:94:40:47:83:3e:00:ee:be:2a:e3:0e:b9:e6:a0:3e:21: de:c5:da:bf:b2:63:d5:91:87:cd:31:3a:df:6e:01:37:c4:33: 26:35:0d:98:fd:02:5a:33:cb:25:ea:0d:f9:08:57:40:8b:2a: 0b:e1:3e:24:4a:bc:8c:17:b2:4f:c7:11:d3:d6:1f:6f:01:4e: 1f:a1:df:68:7b:13:49:d4:7c:7e:44:47:f8:07:94:67:a2:9d: f7:c4:b6:44:fb:17:99:8b:22:d5:ba:14:ce:41:37:66:3c:24: c5:f9:3a:df:31:5a:b8:4c:b8:a6:06:9a:ec:f9:55:36:31:36: 53:89:23:44:ce:0f:4e:c2:97:33:ca:64:1f:60:e0:db:c5:5a: 60:27:6e:70:da:3a:6e:ef:35:55:2f:01:40:4d:dc:f3:ae:f8: 23:3c:3f:5e:e5:e9:21:59:c5:7d:c3:9f:4f:77:30:79:0a:24: 73:5c:17:ff:eb:ab:54:41:90:df:39:61:13:0f:fa:e0:ec:43: 99:f5:e7:22 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDAcVBvXT2h6CWidH6lb04z5KmS0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAxMDA1MVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAZDBmNmIwZDE5NTNkYzljMDEwNWM3 YzRmNDBiZGZiZDdmZTBlNDI0NTdiZmM2M2UxYThmYTQxY2E4NWU0NDQyMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxzxCZAFQ2jXG5ZV0FenOoI0IBla 0/V9M++Jp9oltSr8UcVg4xtLAkmKcdujajvP51C1j9HZOaLY0VrRDfwDISTp9WND vEZZOe593LKct4WnjwkZIFEHzLA93MZ6NmqlV7k8woI4JvCEHlukVLlRF3sxylmN 2i3i7O75u8q/zOEdK8EW0ceqM6epHMuTdrlbU10v+Kuzhgg8eLrBlrkW3k1oBr/a mplLTAmBEU0S8HFWFdF03tBDOH7qPQq3zdU/GQmidOjUI0IajzXBnnhOr7W5pNCz oyMuq4DZo3YLMi6JlKjXqLbx2dbJYOH1TwuLI+k3s/Dyrjpx0GSnyOnmjQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAV3cTbGGkIFHaHIT7MsyxpivJ7GMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YzdlZTkzLTM2NTUtNGNhOS04ODk3LWM4ZTNkMWQwZjllYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9kgwDQYJKoZIhvcNAQELBQADggEBAFHGDhgzaS6l8EzZa/Y3 p2Mkz1VVzYS2yYecq+d2OwgBOyV5DlDKMC6bZeoVT+OCV6o3d2Tw2ae3lEBHgz4A 7r4q4w655qA+Id7F2r+yY9WRh80xOt9uATfEMyY1DZj9AlozyyXqDfkIV0CLKgvh PiRKvIwXsk/HEdPWH28BTh+h32h7E0nUfH5ER/gHlGeinffEtkT7F5mLItW6FM5B N2Y8JMX5Ot8xWrhMuKYGmuz5VTYxNlOJI0TOD07ClzPKZB9g4NvFWmAnbnDaOm7v NVUvAUBN3POu+CM8P17l6SFZxX3Dn093MHkKJHNcF//rq1RBkN85YRMP+uDsQ5n1 5yI= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:49 2025 by rpki-client