$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa File: 58370a36-bf5a-4314-8163-12b380e5ebe5.roa (raw, json) Hash identifier: zMu/epvxQ9WIfLhXvgOP0itamItsedtXr4tNBf5ggdI= Subject key identifier: 97:ED:7D:92:82:02:62:4E:D0:A9:52:79:2C:8E:B0:43:56:79:5E:65 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7FD9592DC47CAAEA662C13203470860D4F3D60E3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa Signing time: Mon 10 Nov 2025 16:20:46 +0000 ROA not before: Mon 10 Nov 2025 16:20:46 +0000 ROA not after: Mon 15 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:d9:59:2d:c4:7c:aa:ea:66:2c:13:20:34:70:86:0d:4f:3d:60:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 10 16:20:46 2025 GMT Not After : Dec 15 23:59:59 2025 GMT Subject: serialNumber=a1688280e3f718841fad64a2b6d216f98574268eeaa24afbd97c8155508b6768, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:26:1d:ef:b0:21:6c:9c:4a:0e:d4:4a:0a:05: d9:84:26:b5:b2:be:31:3b:10:9a:68:4b:ba:18:ed: 95:a4:ae:9b:a2:72:80:04:26:e5:3d:19:6c:47:fa: 78:da:36:20:2f:00:2e:95:8e:21:36:77:4e:ba:52: 58:49:9e:bd:77:ca:fc:2c:94:9c:e9:a4:28:ea:7d: 3d:e7:94:17:a0:fa:af:fc:7d:3e:6a:4b:d1:56:16: 04:73:44:94:cf:11:71:c2:00:3b:75:a7:99:5a:16: e7:7f:b3:bd:46:96:ad:f3:d7:01:46:dd:26:d8:0a: 10:02:1e:1e:e2:b7:3c:14:6c:0f:e2:c5:15:d7:2c: c4:e6:bb:6f:8d:57:81:9b:2d:9e:45:50:8c:77:1b: ef:1d:48:c5:84:07:0b:20:64:c8:83:ed:6f:52:3a: fa:85:18:76:7d:4e:9c:22:f8:0a:81:9a:29:bc:5e: 36:81:02:ed:7d:5b:6f:42:55:31:1f:90:21:44:54: 91:4f:ca:89:3e:82:a3:e4:85:ed:33:6e:52:a9:16: 62:c5:8c:d1:4f:b2:1b:ef:65:84:94:2e:e5:4d:ed: 7d:98:c1:17:b2:81:83:e3:d1:42:a1:a4:b0:c3:ff: 8c:5f:fa:b6:6c:21:4c:83:73:53:b8:c5:6e:cc:99: 84:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:ED:7D:92:82:02:62:4E:D0:A9:52:79:2C:8E:B0:43:56:79:5E:65 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/58370a36-bf5a-4314-8163-12b380e5ebe5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4000::/40 Signature Algorithm: sha256WithRSAEncryption 77:06:68:6c:09:c3:38:33:79:31:60:06:63:81:ea:11:b6:98: 0f:ab:75:c6:14:75:e1:2a:af:7a:f0:88:6e:17:5c:f7:df:41: e7:81:c9:63:34:d0:5e:80:7e:77:80:25:12:5e:e2:8f:de:c0: e2:0f:9b:3e:dc:12:8c:53:bc:ca:81:0a:6c:43:10:75:d7:cf: 34:42:c9:f3:36:66:a5:89:c7:b1:d8:30:2e:a8:ca:36:e9:ca: 26:ab:f3:59:4e:96:d4:25:24:44:c1:14:ab:f8:df:53:c6:3d: 96:69:41:ec:e9:96:3b:a2:fb:2d:d8:88:68:3e:22:91:96:ee: 41:87:ce:e2:27:de:d3:18:d5:69:43:f5:c5:56:1e:4f:a0:a1: be:36:27:e6:1b:2a:e3:1e:c5:0d:1a:7f:7d:0a:55:d1:16:eb: 9e:02:04:ee:d2:6a:32:a8:ba:0f:7b:44:13:77:4f:57:eb:cb: cb:85:1e:3d:51:ef:1f:c4:d9:99:6e:88:4c:da:35:20:6b:43: ea:91:58:0e:82:03:80:a3:97:d4:c5:35:b4:e6:41:f9:47:93: 04:de:2d:60:de:a7:66:07:d3:20:3f:6b:6d:37:10:5d:73:f8: ec:3c:4d:5e:ce:bd:d4:80:2f:99:85:5d:e0:fc:66:9f:a0:93: 39:4d:93:1e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUf9lZLcR8qupmLBMgNHCGDU89YOMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMDE2MjA0NloX DTI1MTIxNTIzNTk1OVowejFJMEcGA1UEBRNAYTE2ODgyODBlM2Y3MTg4NDFmYWQ2 NGEyYjZkMjE2Zjk4NTc0MjY4ZWVhYTI0YWZiZDk3YzgxNTU1MDhiNjc2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCYd77AhbJxKDtRKCgXZhCa1sr4x OxCaaEu6GO2VpK6bonKABCblPRlsR/p42jYgLwAulY4hNndOulJYSZ69d8r8LJSc 6aQo6n0955QXoPqv/H0+akvRVhYEc0SUzxFxwgA7daeZWhbnf7O9Rpat89cBRt0m 2AoQAh4e4rc8FGwP4sUV1yzE5rtvjVeBmy2eRVCMdxvvHUjFhAcLIGTIg+1vUjr6 hRh2fU6cIvgKgZopvF42gQLtfVtvQlUxH5AhRFSRT8qJPoKj5IXtM25SqRZixYzR T7Ib72WElC7lTe19mMEXsoGD49FCoaSww/+MX/q2bCFMg3NTuMVuzJmE9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJftfZKCAmJO0KlSeSyOsENWeV5lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU4MzcwYTM2LWJmNWEtNDMxNC04MTYzLTEyYjM4MGU1ZWJlNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEAwDQYJKoZIhvcNAQELBQADggEBAHcGaGwJwzgzeTFgBmOB 6hG2mA+rdcYUdeEqr3rwiG4XXPffQeeByWM00F6AfneAJRJe4o/ewOIPmz7cEoxT vMqBCmxDEHXXzzRCyfM2ZqWJx7HYMC6oyjbpyiar81lOltQlJETBFKv431PGPZZp Qezpljui+y3YiGg+IpGW7kGHzuIn3tMY1WlD9cVWHk+gob42J+YbKuMexQ0af30K VdEW654CBO7SajKoug97RBN3T1fry8uFHj1R7x/E2ZluiEzaNSBrQ+qRWA6CA4Cj l9TFNbTmQflHkwTeLWDep2YH0yA/a203EF1z+Ow8TV7OvdSAL5mFXeD8Zp+gkzlN kx4= -----END CERTIFICATE-----Generated at Tue Nov 18 08:23:38 2025 by rpki-client