$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa File: 6966423c-fa27-4cd5-898f-a147e75cdcb6.roa (raw, json) Hash identifier: fQjEwg7gdDxRNkJv3IQ1HHgtXj9fdn+BbE3KGzLc9/o= Subject key identifier: A6:F8:EE:7E:8D:A0:E8:15:F0:CA:CD:B5:1D:34:70:CA:8D:F4:2E:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 15EEA644A7C712EFA0D7AA04BD5A55F808074A87 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa Signing time: Sun 09 Nov 2025 00:50:45 +0000 ROA not before: Sun 09 Nov 2025 00:50:45 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:ee:a6:44:a7:c7:12:ef:a0:d7:aa:04:bd:5a:55:f8:08:07:4a:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:50:45 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=a80bf832baadeba2203c573ba4cfd45a8760f5b1944765b4a525a68db9259ce0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:28:8f:ba:41:f6:df:62:f9:ab:aa:e0:43:25: 11:b9:04:2c:62:5f:49:b3:2d:88:7c:33:16:b2:50: 9a:ed:e6:a4:d9:21:5c:a9:ee:ef:b4:5d:64:e6:d7: 67:5c:b5:e3:91:7b:a2:26:37:8f:96:5b:ef:c9:a1: 70:f1:19:1c:3a:a1:ef:e8:c1:69:a3:97:2e:59:22: 61:7b:64:27:31:5f:26:93:f3:5b:45:44:fb:2f:0d: d1:b5:c9:07:2d:75:a8:d4:98:98:97:29:55:69:c6: cb:1c:b0:b0:a6:4a:ca:f6:7f:08:b5:ed:bd:ed:da: 7f:e7:b8:5f:89:8d:89:4b:c4:a0:76:7c:94:5f:0f: 84:9e:2f:d4:00:d6:aa:ec:bf:69:c0:10:38:1a:9d: a5:f6:96:63:f2:05:bd:ff:08:c6:a0:ef:6e:b6:65: a5:bf:6f:f0:f1:db:0e:73:f3:bd:8b:09:be:0a:14: 54:b2:a6:24:85:ae:3e:3e:56:9f:5b:c7:09:3e:08: 53:09:46:d1:ba:4f:b2:46:79:b3:3b:21:bc:c7:5c: 9f:ed:cf:d4:85:8c:f4:60:7d:cf:cc:a1:2c:52:29: f7:88:07:02:8b:c1:4e:66:6b:d8:73:eb:6c:cb:75: 19:e8:93:47:8e:53:68:23:ba:5d:e0:c6:de:99:3c: d2:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:F8:EE:7E:8D:A0:E8:15:F0:CA:CD:B5:1D:34:70:CA:8D:F4:2E:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:a000::/40 Signature Algorithm: sha256WithRSAEncryption 75:ed:0d:6a:7f:8a:25:65:48:0c:28:97:60:a9:b0:06:ce:cd: c8:b1:8a:6d:e2:f4:e0:d0:7b:d2:fa:2f:47:24:66:99:1f:95: 51:d7:07:ad:39:28:a7:6e:cf:72:40:55:c5:e4:91:60:f3:f8: 82:46:bf:21:63:8e:c7:08:24:45:1f:3c:e6:f7:5d:f1:de:56: e5:f8:90:ac:a3:2e:d0:1a:80:ae:dc:d7:d6:ac:5e:30:b0:26: 2c:31:16:47:0d:3a:9c:8b:67:6f:b8:76:14:3f:b4:9f:36:c1: 9b:ec:b1:fc:a0:83:47:db:1c:9f:2d:21:05:95:96:be:19:17: 8a:74:db:08:75:fc:68:93:bf:4b:ac:6b:4a:60:2f:93:99:a2: ce:3b:10:54:94:a2:3d:2d:e4:32:c3:fe:de:d9:0a:ee:e5:51: aa:94:42:c5:06:9e:19:d4:26:2f:81:84:5f:8d:c1:7c:9d:be: 1c:a3:11:c8:c2:10:83:f5:72:35:30:3c:a1:ff:2e:8b:6b:94: b6:66:dc:0a:22:b0:45:e7:a8:af:61:96:8d:5e:b7:22:e8:82: 61:ea:69:e3:c2:d9:8d:b8:70:f2:34:15:eb:6f:cf:a3:a7:cd: e2:00:ce:0d:6a:1f:12:ab:83:39:4d:5c:e4:6e:08:a0:b8:ef: 32:b1:7b:83 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFe6mRKfHEu+g16oEvVpV+AgHSocwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNTA0NVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYTgwYmY4MzJiYWFkZWJhMjIwM2M1 NzNiYTRjZmQ0NWE4NzYwZjViMTk0NDc2NWI0YTUyNWE2OGRiOTI1OWNlMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyiPukH232L5q6rgQyURuQQsYl9J sy2IfDMWslCa7eak2SFcqe7vtF1k5tdnXLXjkXuiJjePllvvyaFw8RkcOqHv6MFp o5cuWSJhe2QnMV8mk/NbRUT7Lw3RtckHLXWo1JiYlylVacbLHLCwpkrK9n8Ite29 7dp/57hfiY2JS8SgdnyUXw+Eni/UANaq7L9pwBA4Gp2l9pZj8gW9/wjGoO9utmWl v2/w8dsOc/O9iwm+ChRUsqYkha4+PlafW8cJPghTCUbRuk+yRnmzOyG8x1yf7c/U hYz0YH3PzKEsUin3iAcCi8FOZmvYc+tsy3UZ6JNHjlNoI7pd4MbemTzSYwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKb47n6NoOgV8MrNtR00cMqN9C73MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5NjY0MjNjLWZhMjctNGNkNS04OThmLWExNDdlNzVjZGNiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauaAwDQYJKoZIhvcNAQELBQADggEBAHXtDWp/iiVlSAwol2Cp sAbOzcixim3i9ODQe9L6L0ckZpkflVHXB605KKduz3JAVcXkkWDz+IJGvyFjjscI JEUfPOb3XfHeVuX4kKyjLtAagK7c19asXjCwJiwxFkcNOpyLZ2+4dhQ/tJ82wZvs sfygg0fbHJ8tIQWVlr4ZF4p02wh1/GiTv0usa0pgL5OZos47EFSUoj0t5DLD/t7Z Cu7lUaqUQsUGnhnUJi+BhF+NwXydvhyjEcjCEIP1cjUwPKH/LotrlLZm3AoisEXn qK9hlo1etyLogmHqaePC2Y24cPI0Fetvz6OnzeIAzg1qHxKrgzlNXORuCKC47zKx e4M= -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:21 2025 by rpki-client