$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/590bbdd1-35ba-48a7-9d01-91fa16220f4e.roa File: 590bbdd1-35ba-48a7-9d01-91fa16220f4e.roa (raw, json) Hash identifier: bxqKMMPq+Dg7y4fUUI/1ZoWphAlP/wmo8JuVyqokxTw= Subject key identifier: 06:03:67:CE:8C:27:2C:09:75:B3:F6:DC:46:D6:11:B7:35:2B:CF:4E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7E2BD4B7094C75AB5FC7C66C03B6084FD77FD1A4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/590bbdd1-35ba-48a7-9d01-91fa16220f4e.roa Signing time: Thu 13 Nov 2025 00:00:13 +0000 ROA not before: Thu 13 Nov 2025 00:00:13 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:2b:d4:b7:09:4c:75:ab:5f:c7:c6:6c:03:b6:08:4f:d7:7f:d1:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 13 00:00:13 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=cf260befcac426ac528712be6f0aa406012874c8ccca3e4bad9b42a5a2b0c7be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:25:63:bc:7b:df:5f:51:d3:29:34:bc:d0:a1: 50:bf:48:90:fe:aa:2f:79:6d:a1:11:d4:58:23:79: 99:7d:d0:4e:d7:23:4b:a8:27:03:c9:de:ee:fc:12: 2f:f9:9c:7d:6f:ec:79:3c:25:a5:4a:4d:19:0f:f0: 13:0b:5e:1f:b0:44:6a:ed:86:96:5f:23:27:19:5e: 61:1e:a0:03:02:1a:03:91:ae:a0:0e:7b:0f:91:38: ae:09:34:36:62:4d:5b:ac:be:8c:2a:e0:f3:26:2e: f3:54:aa:cb:21:b9:51:8a:1a:1c:d2:c1:8f:f9:ff: e1:06:6b:0a:9b:89:f2:7e:b9:f6:3b:6b:cd:d6:76: 9d:c9:ba:25:9c:0b:fd:97:42:74:af:79:bb:2d:89: 4c:ea:29:1e:1e:d0:af:c9:e7:7c:42:ce:25:20:e5: 7a:2c:e7:58:10:e5:50:30:01:1f:fe:c9:e2:0c:34: d1:40:98:8a:fd:fe:39:58:db:8b:8c:91:c1:85:45: eb:58:68:fb:dc:87:e5:fe:dd:db:55:6e:45:80:03: 43:cd:98:57:66:00:37:a1:2f:c0:ac:47:64:aa:36: c9:c9:4f:9f:b4:e8:b1:6d:da:a5:3d:6e:69:f6:08: cf:f0:cb:25:bc:99:21:86:e2:6a:22:3f:72:8c:12: ca:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:03:67:CE:8C:27:2C:09:75:B3:F6:DC:46:D6:11:B7:35:2B:CF:4E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/590bbdd1-35ba-48a7-9d01-91fa16220f4e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:e000::/40 Signature Algorithm: sha256WithRSAEncryption 03:81:a7:5b:47:bb:68:30:24:4b:60:ff:50:dc:90:c1:cf:cb: 0c:b4:97:f9:24:2c:f9:39:aa:42:ec:3f:5b:e2:bf:54:48:17: df:13:9a:ab:a4:29:01:05:2c:86:57:ad:11:75:8b:45:b4:18: 71:1f:7e:df:a9:aa:5c:a7:57:87:a8:a2:c6:b8:e5:50:ed:35: 3a:5d:0a:7d:57:3f:04:6c:08:50:0c:64:6f:29:6c:ff:e6:aa: 41:b8:f3:d0:69:08:e0:7c:1c:5d:9a:67:fe:54:bc:79:49:a6: d1:2a:6c:92:9b:a1:28:91:1a:97:e4:3f:4d:a2:da:c9:f2:18: 63:c6:8d:55:5c:ec:f4:97:76:ea:4c:76:83:67:d5:68:56:cf: 49:0c:2e:1b:d0:2a:7c:25:41:ea:46:dd:59:d0:4e:02:a9:e5: 10:d6:7d:c4:9f:1c:6a:7b:e3:64:f4:d9:de:97:5c:67:29:62: c8:e0:0c:9a:64:21:25:eb:05:54:5a:0b:bd:5d:d1:15:e4:d4: 9b:50:02:b3:75:1d:2d:71:0d:75:41:59:80:32:fc:f6:94:a6: 91:d2:4f:22:ba:80:8b:7e:02:e9:8a:38:99:bc:8b:c6:3d:c3: 77:cf:d4:df:f9:2a:87:1a:e5:f4:00:2b:7b:32:ab:8a:38:53: fd:e8:93:c1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfivUtwlMdatfx8ZsA7YIT9d/0aQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMzAwMDAxM1oX DTI1MTIxODIzNTk1OVowejFJMEcGA1UEBRNAY2YyNjBiZWZjYWM0MjZhYzUyODcx MmJlNmYwYWE0MDYwMTI4NzRjOGNjY2EzZTRiYWQ5YjQyYTVhMmIwYzdiZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSVjvHvfX1HTKTS80KFQv0iQ/qov eW2hEdRYI3mZfdBO1yNLqCcDyd7u/BIv+Zx9b+x5PCWlSk0ZD/ATC14fsERq7YaW XyMnGV5hHqADAhoDka6gDnsPkTiuCTQ2Yk1brL6MKuDzJi7zVKrLIblRihoc0sGP +f/hBmsKm4nyfrn2O2vN1nadybolnAv9l0J0r3m7LYlM6ikeHtCvyed8Qs4lIOV6 LOdYEOVQMAEf/sniDDTRQJiK/f45WNuLjJHBhUXrWGj73Ifl/t3bVW5FgANDzZhX ZgA3oS/ArEdkqjbJyU+ftOixbdqlPW5p9gjP8MslvJkhhuJqIj9yjBLKYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAYDZ86MJywJdbP23EbWEbc1K89OMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU5MGJiZGQxLTM1YmEtNDhhNy05ZDAxLTkxZmExNjIyMGY0ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7eAwDQYJKoZIhvcNAQELBQADggEBAAOBp1tHu2gwJEtg/1Dc kMHPywy0l/kkLPk5qkLsP1viv1RIF98TmqukKQEFLIZXrRF1i0W0GHEfft+pqlyn V4eoosa45VDtNTpdCn1XPwRsCFAMZG8pbP/mqkG489BpCOB8HF2aZ/5UvHlJptEq bJKboSiRGpfkP02i2snyGGPGjVVc7PSXdupMdoNn1WhWz0kMLhvQKnwlQepG3VnQ TgKp5RDWfcSfHGp742T02d6XXGcpYsjgDJpkISXrBVRaC71d0RXk1JtQArN1HS1x DXVBWYAy/PaUppHSTyK6gIt+AumKOJm8i8Y9w3fP1N/5Koca5fQAK3syq4o4U/3o k8E= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:20 2025 by rpki-client