$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56f42d5c-eb43-49bf-b9d7-51747507376d.roa File: 56f42d5c-eb43-49bf-b9d7-51747507376d.roa (raw, json) Hash identifier: gvj4v/M89ohtOS98/9hFlkUADSf8h67eKmQkD2cNyIE= Subject key identifier: 8B:83:DB:1B:44:11:B2:22:D2:57:56:89:29:5A:08:54:E1:9F:42:C1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 69EA5A5C66F0CF8028DE6A225E4CC193D5D53246 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56f42d5c-eb43-49bf-b9d7-51747507376d.roa Signing time: Sun 09 Nov 2025 00:50:41 +0000 ROA not before: Sun 09 Nov 2025 00:50:41 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:ea:5a:5c:66:f0:cf:80:28:de:6a:22:5e:4c:c1:93:d5:d5:32:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:50:41 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=e9a3bdb0faf003522e46183fd012001eb8f281063798e0adadd8041611f0e536, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:86:9c:d1:f6:47:2a:7d:0f:6e:10:78:9e:48: 14:dd:b0:5c:8c:41:d3:40:fa:19:79:98:f7:da:60: a7:a3:d5:23:12:68:54:80:94:47:76:03:53:f3:c9: c1:6e:2a:5a:ed:60:a0:8a:7e:b4:9c:0c:46:9a:49: 26:26:6e:ac:b3:9d:27:15:37:f7:94:ac:2d:8a:fe: f4:d3:ad:d8:21:3a:55:90:a0:b9:bc:9a:4c:49:7d: b0:d0:cf:69:e8:50:95:19:f8:b8:08:eb:d6:bb:f8: b3:1b:04:80:90:ed:1b:40:e7:1a:3b:5b:87:02:2f: b9:4b:de:ac:3e:5a:69:51:10:0f:bb:9f:40:da:1f: 35:a5:58:05:b0:ec:f1:04:f8:b8:58:20:41:91:6c: c7:28:39:dc:73:3c:4e:21:f3:67:2a:37:fe:82:f9: a4:3c:6c:b1:2b:d9:d3:b5:e1:63:b9:22:2c:66:f3: a0:3b:f3:64:d1:5d:5c:30:36:ed:ee:c2:4f:2a:02: d4:d0:1c:22:d0:c1:2c:a5:86:bb:5d:20:5b:bc:b7: ee:fa:4b:8e:d8:25:61:7f:0d:ec:1e:f4:5c:0b:19: 55:ab:b9:f3:fa:3c:18:f6:42:fc:a8:f8:72:52:a7: c0:11:f6:22:80:1d:66:47:3b:5a:b1:c5:fb:30:90: f7:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:83:DB:1B:44:11:B2:22:D2:57:56:89:29:5A:08:54:E1:9F:42:C1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56f42d5c-eb43-49bf-b9d7-51747507376d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:a000::/40 Signature Algorithm: sha256WithRSAEncryption 65:d3:6c:db:15:8f:9c:40:87:b1:06:22:15:ae:7f:1d:27:87: 24:cc:ba:a1:f8:af:9f:05:46:8f:6b:71:ff:5e:9a:92:54:55: a2:c7:80:22:b4:9a:8c:73:29:76:43:02:30:50:80:57:57:5b: 74:22:a7:9e:c5:58:6b:26:2c:89:9e:41:86:08:98:ca:ae:8b: eb:a8:6b:72:b4:b1:44:0e:01:44:b3:1f:60:de:32:f2:35:9c: c0:ac:e3:c0:96:dc:25:6e:d2:7a:a5:2e:4e:69:3c:e6:91:3e: 4b:d9:34:fd:23:4a:c9:e9:ba:9c:5e:d0:97:66:6f:5e:88:5e: 14:13:43:98:1a:21:e8:08:ab:a3:86:44:e7:a1:c2:04:d1:70: 0b:45:d0:77:c6:fa:1f:57:d8:8a:05:ae:25:76:a0:63:88:58: cb:d1:f5:7a:c3:cb:7e:87:44:5d:25:4a:e9:2d:48:56:a6:b2: c9:10:0f:f8:dd:a2:10:c0:2a:bc:07:e0:d1:cd:83:04:56:0c: 70:88:46:9e:a1:65:3a:b3:0a:47:8b:cd:5e:8c:2a:b9:08:3a: 16:7d:f3:d9:9f:c2:56:2d:40:3d:64:44:81:91:66:20:5c:8d: 11:20:8f:b0:8b:0d:6b:15:e2:86:a2:8b:67:40:ea:da:ff:6f: 2d:11:1e:6e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaepaXGbwz4Ao3moiXkzBk9XVMkYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNTA0MVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAZTlhM2JkYjBmYWYwMDM1MjJlNDYx ODNmZDAxMjAwMWViOGYyODEwNjM3OThlMGFkYWRkODA0MTYxMWYwZTUzNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7oac0fZHKn0PbhB4nkgU3bBcjEHT QPoZeZj32mCno9UjEmhUgJRHdgNT88nBbipa7WCgin60nAxGmkkmJm6ss50nFTf3 lKwtiv70063YITpVkKC5vJpMSX2w0M9p6FCVGfi4COvWu/izGwSAkO0bQOcaO1uH Ai+5S96sPlppURAPu59A2h81pVgFsOzxBPi4WCBBkWzHKDncczxOIfNnKjf+gvmk PGyxK9nTteFjuSIsZvOgO/Nk0V1cMDbt7sJPKgLU0Bwi0MEspYa7XSBbvLfu+kuO 2CVhfw3sHvRcCxlVq7nz+jwY9kL8qPhyUqfAEfYigB1mRztascX7MJD3hQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIuD2xtEEbIi0ldWiSlaCFThn0LBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2ZjQyZDVjLWViNDMtNDliZi1iOWQ3LTUxNzQ3NTA3Mzc2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+qAwDQYJKoZIhvcNAQELBQADggEBAGXTbNsVj5xAh7EGIhWu fx0nhyTMuqH4r58FRo9rcf9empJUVaLHgCK0moxzKXZDAjBQgFdXW3Qip57FWGsm LImeQYYImMqui+uoa3K0sUQOAUSzH2DeMvI1nMCs48CW3CVu0nqlLk5pPOaRPkvZ NP0jSsnpupxe0Jdmb16IXhQTQ5gaIegIq6OGROehwgTRcAtF0HfG+h9X2IoFriV2 oGOIWMvR9XrDy36HRF0lSuktSFamsskQD/jdohDAKrwH4NHNgwRWDHCIRp6hZTqz CkeLzV6MKrkIOhZ989mfwlYtQD1kRIGRZiBcjREgj7CLDWsV4oaii2dA6tr/by0R Hm4= -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:09 2025 by rpki-client