$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b07dfd7-5453-4b08-89f3-583f124643f9.roa File: 4b07dfd7-5453-4b08-89f3-583f124643f9.roa (raw, json) Hash identifier: bQPLX46gkIzIj+YTUb7eMtYYfqhMNqFPUbj6+WUjJTE= Subject key identifier: 27:41:AF:29:CB:88:58:9A:22:A5:52:59:EA:1A:D0:29:EB:BE:E1:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 561F54461676979CDC4708DB9C54AB1C040162A9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b07dfd7-5453-4b08-89f3-583f124643f9.roa Signing time: Sun 09 Nov 2025 00:50:45 +0000 ROA not before: Sun 09 Nov 2025 00:50:45 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:1f:54:46:16:76:97:9c:dc:47:08:db:9c:54:ab:1c:04:01:62:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:50:45 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=4a2a8fe4f42e6c11b9f856c4ade7ce6bfddb038060551a104787ac0af54faf64, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2a:db:57:c3:c5:33:dc:32:ad:80:67:c3:e9: 1b:af:9f:67:93:a6:db:e0:0a:be:2e:0c:f6:6b:4c: c7:b9:ed:ce:ab:32:6b:07:75:ea:d8:ec:a5:04:3f: ad:3e:9d:03:66:a8:78:64:c1:e1:5e:a3:75:6a:02: 99:80:dd:5f:d1:bf:a1:18:ed:71:cd:7e:be:01:69: d4:d3:92:f0:00:5f:b2:9b:73:ab:54:55:85:5f:f6: b4:d0:ce:f0:1c:3f:b3:88:bc:6a:d3:5e:fa:54:55: f8:e2:f6:d5:17:bf:11:94:56:8a:18:9c:d9:79:06: fa:85:cb:f9:94:a8:8a:e1:7e:5b:6c:e5:8a:eb:da: 9b:20:cc:5d:73:09:7c:09:03:6c:60:49:ad:28:ed: 78:df:3a:9f:cb:8f:ba:44:40:3e:39:16:06:97:7a: 85:75:96:02:b6:0a:24:f8:5c:5f:2c:9f:fe:1b:64: 83:ce:54:b7:9f:06:e2:c2:ce:6f:96:0d:3d:43:48: 8b:ca:8f:1c:e6:94:fb:b4:f0:b5:7b:2e:d3:d4:f0: 23:92:f6:88:e5:9e:53:6b:0a:9f:23:9c:3f:c9:e6: e3:d8:07:46:41:6d:49:a9:26:bf:5c:ee:db:61:b0: fb:fa:da:09:7e:b5:88:61:18:5e:d1:a9:52:f8:ec: bf:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:41:AF:29:CB:88:58:9A:22:A5:52:59:EA:1A:D0:29:EB:BE:E1:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b07dfd7-5453-4b08-89f3-583f124643f9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14::/36 Signature Algorithm: sha256WithRSAEncryption 59:75:3a:f0:b2:3b:a8:f1:6b:28:a9:c8:11:25:29:ed:84:d4: 1f:fa:f0:cf:8c:6c:2c:db:b7:a1:f3:17:3d:56:99:33:63:5c: a3:48:5a:4d:d4:d2:93:77:0e:62:a6:3b:08:1c:d7:2e:9e:f2: c8:79:27:75:12:91:33:d2:9a:75:71:4c:7c:84:54:4d:24:b9: 32:50:ba:d3:4c:1d:1c:ea:45:27:b5:03:dc:69:7e:f8:c2:d9: e9:0f:b7:8d:cc:0c:5b:c0:f5:fc:82:25:67:12:51:32:4e:a1: de:c7:3b:d0:a2:44:b6:bf:78:0e:5c:63:86:d5:60:12:05:c3: a3:d6:60:bd:46:28:44:23:57:78:9c:04:24:56:cc:27:6b:85: 8b:c3:a9:72:de:65:fe:4b:3a:79:a8:eb:b5:aa:f9:68:e5:fa: ac:06:77:ed:19:4f:63:60:70:55:cd:d1:00:2a:3e:40:b1:69: 86:91:bb:a9:f1:a3:b0:c6:ad:eb:56:96:db:6d:cd:2c:fa:21: 9b:39:4e:6e:f5:83:ec:ab:88:41:71:fc:66:20:e5:4e:39:29: 3f:04:ab:84:d6:6b:79:d0:1b:b1:9c:7d:a7:29:8a:de:3e:98: ab:2a:d9:bc:38:ef:bb:ee:a6:53:f4:2a:07:ab:63:ac:9b:1a: 8a:bf:a7:26 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVh9URhZ2l5zcRwjbnFSrHAQBYqkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNTA0NVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNANGEyYThmZTRmNDJlNmMxMWI5Zjg1 NmM0YWRlN2NlNmJmZGRiMDM4MDYwNTUxYTEwNDc4N2FjMGFmNTRmYWY2NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCrbV8PFM9wyrYBnw+kbr59nk6bb 4Aq+Lgz2a0zHue3OqzJrB3Xq2OylBD+tPp0DZqh4ZMHhXqN1agKZgN1f0b+hGO1x zX6+AWnU05LwAF+ym3OrVFWFX/a00M7wHD+ziLxq0176VFX44vbVF78RlFaKGJzZ eQb6hcv5lKiK4X5bbOWK69qbIMxdcwl8CQNsYEmtKO143zqfy4+6REA+ORYGl3qF dZYCtgok+FxfLJ/+G2SDzlS3nwbiws5vlg09Q0iLyo8c5pT7tPC1ey7T1PAjkvaI 5Z5TawqfI5w/yebj2AdGQW1JqSa/XO7bYbD7+toJfrWIYRhe0alS+Oy/FQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCdBrynLiFiaIqVSWeoa0CnrvuEnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRiMDdkZmQ3LTU0NTMtNGIwOC04OWYzLTU4M2YxMjQ2NDNmOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFAAwDQYJKoZIhvcNAQELBQADggEBAFl1OvCyO6jxayipyBEl Ke2E1B/68M+MbCzbt6HzFz1WmTNjXKNIWk3U0pN3DmKmOwgc1y6e8sh5J3USkTPS mnVxTHyEVE0kuTJQutNMHRzqRSe1A9xpfvjC2ekPt43MDFvA9fyCJWcSUTJOod7H O9CiRLa/eA5cY4bVYBIFw6PWYL1GKEQjV3icBCRWzCdrhYvDqXLeZf5LOnmo67Wq +Wjl+qwGd+0ZT2NgcFXN0QAqPkCxaYaRu6nxo7DGretWltttzSz6IZs5Tm71g+yr iEFx/GYg5U45KT8Eq4TWa3nQG7Gcfacpit4+mKsq2bw477vuplP0KgerY6ybGoq/ pyY= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:59 2025 by rpki-client