$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68f22ed7-c8a5-4cae-956a-e93f94070791.roa File: 68f22ed7-c8a5-4cae-956a-e93f94070791.roa (raw, json) Hash identifier: q/OanOt3O6iozMXnWvgbvI60ELTe76qq59whR74H/y0= Subject key identifier: BC:67:56:0F:0C:10:E7:98:1D:75:32:E2:6B:96:8A:4D:4D:CC:3F:54 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 055F688A1DCACB8AB65C29E41302183868BD7943 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68f22ed7-c8a5-4cae-956a-e93f94070791.roa Signing time: Fri 07 Nov 2025 00:20:11 +0000 ROA not before: Fri 07 Nov 2025 00:20:11 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:5f:68:8a:1d:ca:cb:8a:b6:5c:29:e4:13:02:18:38:68:bd:79:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:20:11 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=62b7bb048b670a55594ad83219dc93d3558d3322f70754ada59f6567a73cc83e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:8c:61:37:76:49:13:83:15:19:53:83:fc:ae: ad:37:d2:e3:9d:2f:23:c4:7b:48:d5:b3:05:11:38: 8f:44:2b:19:01:bf:b5:3b:6c:b0:dd:f5:c5:5c:0a: 8b:1a:8e:78:a7:db:70:1b:45:f0:26:ad:91:0e:00: 4d:7b:d5:d1:4c:59:19:fa:c9:33:0a:6e:dd:74:af: fc:0c:b5:2c:5d:a9:63:6c:18:d7:b3:a3:59:51:1e: 49:b4:ee:fc:56:ab:7b:31:b6:b5:15:69:d5:f3:f0: 34:dc:5c:e2:2c:ba:8a:b5:49:f2:54:cc:07:93:ad: f3:a0:ca:8a:b3:13:df:4d:ec:9f:dc:6b:15:e9:3d: a1:a3:4d:4e:89:42:b8:8d:60:fe:b8:44:e4:72:24: f6:eb:2e:96:0c:13:38:2f:b8:c0:79:d1:90:38:7c: e7:39:61:ce:9e:81:8d:7a:23:7a:1b:a4:95:38:5f: e8:f6:59:e8:8a:18:00:d1:5c:4e:06:8b:56:f9:29: 3a:89:77:ba:0a:7d:21:c7:be:bf:80:0d:09:28:00: 2f:a2:42:ae:03:94:28:99:72:94:d6:a0:b5:51:6f: c1:74:e0:d5:b8:09:1d:9d:df:be:e6:6c:8e:8a:55: a8:0e:e4:b6:ac:b1:7b:64:d8:22:a0:1b:9d:37:63: 57:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:67:56:0F:0C:10:E7:98:1D:75:32:E2:6B:96:8A:4D:4D:CC:3F:54 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/68f22ed7-c8a5-4cae-956a-e93f94070791.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e080::/48 Signature Algorithm: sha256WithRSAEncryption 93:f0:ca:32:05:85:f9:28:39:ae:c0:ef:65:21:82:1d:aa:d5: b1:b7:5f:45:a3:a5:ec:c6:00:3a:17:c4:fb:7e:72:86:9b:38: 25:09:27:47:9e:2d:a2:69:18:f8:d9:70:86:d6:8a:56:3c:fd: 69:3d:e0:ed:c8:71:52:e2:3d:c4:6c:33:86:53:6f:6b:04:8e: eb:fb:7a:02:d9:b2:e7:42:7d:18:22:cd:a6:47:37:c8:ce:f5: f2:09:ab:71:50:e4:c1:63:a7:1e:97:83:a9:ad:a2:60:53:9a: 42:b4:dc:87:e1:a6:15:21:69:0a:18:ee:44:ee:23:ba:21:17: 80:21:05:0a:6e:11:81:8a:5e:2a:ba:78:0c:c7:6c:c0:0f:85: a4:ea:71:bf:ab:e9:ee:ff:a7:94:04:97:d0:fb:81:e9:e6:04: b3:86:7e:dd:92:c0:3e:c4:dd:28:08:10:c6:ce:3f:30:50:ea: 14:57:43:0e:41:82:fc:b8:71:c8:ab:14:42:68:13:a4:45:8d: 4c:da:b6:c7:d3:98:de:93:40:32:66:85:ee:54:5f:ab:8a:d1: 28:ca:66:23:97:4d:73:23:e2:c7:13:63:29:07:9c:96:9e:77: 15:c6:ee:00:da:1c:9f:f9:3e:1d:ad:d9:87:d9:f9:0d:31:38: 9e:0f:17:7a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBV9oih3Ky4q2XCnkEwIYOGi9eUMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMjAxMVoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNANjJiN2JiMDQ4YjY3MGE1NTU5NGFk ODMyMTlkYzkzZDM1NThkMzMyMmY3MDc1NGFkYTU5ZjY1NjdhNzNjYzgzZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IxhN3ZJE4MVGVOD/K6tN9LjnS8j xHtI1bMFETiPRCsZAb+1O2yw3fXFXAqLGo54p9twG0XwJq2RDgBNe9XRTFkZ+skz Cm7ddK/8DLUsXaljbBjXs6NZUR5JtO78Vqt7Mba1FWnV8/A03FziLLqKtUnyVMwH k63zoMqKsxPfTeyf3GsV6T2ho01OiUK4jWD+uETkciT26y6WDBM4L7jAedGQOHzn OWHOnoGNeiN6G6SVOF/o9lnoihgA0VxOBotW+Sk6iXe6Cn0hx76/gA0JKAAvokKu A5QomXKU1qC1UW/BdODVuAkdnd++5myOilWoDuS2rLF7ZNgioBudN2NXhwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLxnVg8MEOeYHXUy4muWik1NzD9UMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY4ZjIyZWQ3LWM4YTUtNGNhZS05NTZhLWU5M2Y5NDA3MDc5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8uCAMA0GCSqGSIb3DQEBCwUAA4IBAQCT8MoyBYX5KDmuwO9l IYIdqtWxt19Fo6XsxgA6F8T7fnKGmzglCSdHni2iaRj42XCG1opWPP1pPeDtyHFS 4j3EbDOGU29rBI7r+3oC2bLnQn0YIs2mRzfIzvXyCatxUOTBY6cel4OpraJgU5pC tNyH4aYVIWkKGO5E7iO6IReAIQUKbhGBil4qungMx2zAD4Wk6nG/q+nu/6eUBJfQ +4Hp5gSzhn7dksA+xN0oCBDGzj8wUOoUV0MOQYL8uHHIqxRCaBOkRY1M2rbH05je k0AyZoXuVF+ritEoymYjl01zI+LHE2MpB5yWnncVxu4A2hyf+T4drdmH2fkNMTie Dxd6 -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:43 2025 by rpki-client