$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa File: 5c92d86f-d096-414c-bd9a-599ba8ca213f.roa (raw, json) Hash identifier: H4qaeWO4ujGjWz0QBj4uom+xn5xtrhNsv23z1cA2cbU= Subject key identifier: AD:6C:1B:70:42:65:65:97:56:57:37:81:68:AB:08:52:F2:82:9B:07 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4E1430129DE76FDDE4D02A0854C2EAEBD5F12596 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa Signing time: Sun 09 Nov 2025 00:41:21 +0000 ROA not before: Sun 09 Nov 2025 00:41:21 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:14:30:12:9d:e7:6f:dd:e4:d0:2a:08:54:c2:ea:eb:d5:f1:25:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:41:21 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=96fcba437ab9b0f4b6ec67adc94d6eb57caac23fc5deefc0a8a37d2158d89931, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:50:ca:59:ea:23:d1:69:72:82:98:43:9d:fc: 7f:7b:14:c8:1e:43:31:7c:ca:dd:f3:f3:ba:77:94: f2:09:75:53:d9:bb:9f:72:af:32:2d:39:7b:7b:2f: ea:93:5e:63:23:7a:b7:46:3b:a4:27:cc:3e:f7:a9: df:5b:96:3d:ff:91:37:29:55:a6:b7:50:58:e2:f6: 73:5a:6a:e5:81:43:c2:6c:00:be:36:48:77:ef:74: 7a:70:ee:b5:a6:66:2d:6a:1e:db:de:8b:9d:f7:f4: e5:89:48:4c:ce:dd:b8:bc:b9:2c:03:ed:95:ac:28: 0d:71:01:ad:b7:be:81:24:e0:af:55:ee:62:a1:d7: 58:38:a6:53:b7:78:53:9d:49:ed:4b:d1:6e:48:74: fe:6d:3e:75:03:30:dc:f6:6f:79:59:f4:3e:2b:a6: 6d:fa:99:70:82:cd:9d:d5:03:21:c2:91:a6:9e:38: 1b:a0:96:9e:5e:89:1d:b3:54:ca:29:7c:b2:f7:20: f7:dd:09:60:80:4d:42:52:63:61:7e:94:a4:47:f8: 9d:3b:37:24:35:aa:2c:a7:8b:78:e4:ca:3e:ab:46: b4:a5:a1:e5:5d:3c:e9:cd:d4:d7:52:a7:83:e2:ef: d4:79:a3:8d:82:74:0c:6f:21:e1:f9:d4:48:35:1d: 1f:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:6C:1B:70:42:65:65:97:56:57:37:81:68:AB:08:52:F2:82:9B:07 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c92d86f-d096-414c-bd9a-599ba8ca213f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:2800::/40 Signature Algorithm: sha256WithRSAEncryption b5:0d:a0:3f:84:81:9d:ad:30:af:42:0f:ed:32:ba:72:75:42: 90:16:93:e6:11:42:62:ed:c7:c7:b3:fe:85:70:24:b9:dc:d8: f3:ac:72:7e:1b:b2:67:a6:62:0e:b3:31:43:98:72:61:f5:eb: f9:57:c7:06:35:50:4b:c1:98:fc:35:eb:8b:54:75:b0:f1:c8: 6d:b8:d7:21:9e:cb:b4:36:a8:95:5b:a8:ea:b3:df:12:b4:e4: 92:f1:b7:6c:1a:eb:a3:c7:c5:cf:7e:18:9b:4d:1a:48:bd:f0: 54:20:49:66:71:ad:5f:95:4a:5e:e7:fc:ef:dc:37:b0:a2:95: 51:71:03:00:a0:48:23:51:85:ed:02:de:b4:4d:a1:ed:da:61: 01:81:47:97:e8:1b:13:33:e9:a0:87:22:ad:23:ae:59:4c:7d: 48:55:bf:07:7b:b9:66:ba:be:d7:94:24:cf:e8:9d:a4:a7:26: 46:77:4e:bc:e4:37:2a:3c:5c:09:7a:b9:0a:bb:72:6d:90:0e: c5:e8:5b:62:2f:93:00:e9:03:14:84:e8:b9:4e:97:0b:eb:55: 9e:50:49:1f:3e:9e:28:13:1b:7a:03:85:af:5f:3d:f5:b4:ea: af:16:59:54:e7:7f:84:f4:20:cf:05:c8:26:4d:27:21:f1:96: 38:47:e5:0e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUThQwEp3nb93k0CoIVMLq69XxJZYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNDEyMVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAOTZmY2JhNDM3YWI5YjBmNGI2ZWM2 N2FkYzk0ZDZlYjU3Y2FhYzIzZmM1ZGVlZmMwYThhMzdkMjE1OGQ4OTkzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlDKWeoj0WlygphDnfx/exTIHkMx fMrd8/O6d5TyCXVT2bufcq8yLTl7ey/qk15jI3q3RjukJ8w+96nfW5Y9/5E3KVWm t1BY4vZzWmrlgUPCbAC+Nkh373R6cO61pmYtah7b3oud9/TliUhMzt24vLksA+2V rCgNcQGtt76BJOCvVe5ioddYOKZTt3hTnUntS9FuSHT+bT51AzDc9m95WfQ+K6Zt +plwgs2d1QMhwpGmnjgboJaeXokds1TKKXyy9yD33QlggE1CUmNhfpSkR/idOzck Naosp4t45Mo+q0a0paHlXTzpzdTXUqeD4u/UeaONgnQMbyHh+dRINR0fWwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK1sG3BCZWWXVlc3gWirCFLygpsHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjOTJkODZmLWQwOTYtNDE0Yy1iZDlhLTU5OWJhOGNhMjEzZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacCgwDQYJKoZIhvcNAQELBQADggEBALUNoD+EgZ2tMK9CD+0y unJ1QpAWk+YRQmLtx8ez/oVwJLnc2POscn4bsmemYg6zMUOYcmH16/lXxwY1UEvB mPw164tUdbDxyG241yGey7Q2qJVbqOqz3xK05JLxt2wa66PHxc9+GJtNGki98FQg SWZxrV+VSl7n/O/cN7CilVFxAwCgSCNRhe0C3rRNoe3aYQGBR5foGxMz6aCHIq0j rllMfUhVvwd7uWa6vteUJM/onaSnJkZ3TrzkNyo8XAl6uQq7cm2QDsXoW2IvkwDp AxSE6LlOlwvrVZ5QSR8+nigTG3oDha9fPfW06q8WWVTnf4T0IM8FyCZNJyHxljhH 5Q4= -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:27 2025 by rpki-client