$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa File: 768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa (raw, json) Hash identifier: wfNDcGs29jIq5QH9x8iX7Hxargj/uBUk+wkwcZPIah8= Subject key identifier: 6A:05:EC:75:B8:17:6D:64:4B:55:DE:A4:FC:65:14:0D:59:66:3D:ED Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11141CCC3DB61AB5B21D3669DB87980ED059A63E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa Signing time: Sat 08 Nov 2025 00:20:39 +0000 ROA not before: Sat 08 Nov 2025 00:20:39 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:b0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:14:1c:cc:3d:b6:1a:b5:b2:1d:36:69:db:87:98:0e:d0:59:a6:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:20:39 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=acba78334c51cf7f935a09286825b0404e7bd118576ceb4072425cf7288086b5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:1f:be:35:1f:62:8c:61:f2:4e:0e:6c:e0:37: 45:40:ae:e4:12:89:aa:9e:f0:3b:7e:d0:d5:89:39: d2:90:c5:ca:11:f0:ca:52:fc:53:90:4e:df:d7:c8: cf:74:b4:cf:50:0d:22:0f:5c:5f:81:bf:d8:1f:66: fe:b0:ed:50:f6:d0:36:38:ff:6b:5d:dc:9d:73:23: e4:88:d1:a1:db:ee:04:8f:8e:f5:88:86:8f:c8:64: 2c:c8:48:e5:df:7f:ca:6a:fd:b4:cb:04:3b:a6:8e: f7:7a:bc:d8:f7:2e:38:84:4a:76:16:b9:54:1c:bf: e5:2c:4f:39:a1:cb:47:25:a4:6f:08:f9:fa:1d:32: 06:fa:9e:2f:0b:e0:be:3d:cc:59:b8:61:b4:cc:37: c3:fb:1a:d2:dc:af:0a:e9:c1:4f:7a:a1:3b:f4:dc: 28:21:df:f5:9c:a5:97:96:89:10:2c:5f:8d:7b:60: 4f:aa:0a:51:b1:ed:a8:1f:d7:d6:29:c4:97:0e:67: fd:bd:41:b8:60:6e:1d:4c:af:4b:e2:e6:33:32:66: e3:c1:03:1d:4b:ea:7a:1d:15:ac:02:a8:80:f0:1d: a3:8a:15:f5:68:2c:bf:b8:81:c3:91:b3:8f:20:0a: 2c:a6:da:c7:50:ab:aa:9c:e2:e9:ac:dc:a8:0b:41: 16:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:05:EC:75:B8:17:6D:64:4B:55:DE:A4:FC:65:14:0D:59:66:3D:ED X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/768a1d35-dcb0-4972-b5ee-33708b8e02d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:b0c0::/48 Signature Algorithm: sha256WithRSAEncryption 67:2c:42:ab:1c:89:c8:2a:06:d3:de:3a:2c:45:9b:f5:0f:27: 73:a9:19:fa:57:48:48:8c:ed:28:b2:99:01:6d:e8:56:ee:59: b7:2b:f9:27:2a:1d:cb:30:39:e2:20:ac:00:16:0c:7f:e2:9b: 98:fe:26:f1:7a:44:75:a7:ec:64:88:60:e8:4b:fe:c2:3c:45: 37:cd:48:99:42:e1:17:84:5a:a9:a1:5d:b0:29:37:ea:50:b3: 8a:5f:52:ad:c4:4e:f9:f7:c3:a2:04:32:61:7f:da:10:74:6a: 2e:1d:3f:a5:77:48:22:26:15:dc:54:63:68:ef:30:12:f7:6b: 7d:7d:89:63:31:50:ab:01:11:3e:df:ec:02:6f:30:bc:37:bd: 85:96:2e:ea:ea:33:72:ee:d4:fd:b4:aa:f2:08:de:fe:52:13: 27:3b:4a:c3:72:d1:b8:7f:4b:02:fe:4f:a3:ad:8c:32:b6:7b: 8f:e6:46:e5:10:02:e7:ea:a2:8a:c2:f5:4e:b0:1a:c6:23:f9: 97:f8:79:44:d3:ca:22:53:7d:28:61:d9:ad:5a:6b:fe:d2:97: ce:f7:ee:e6:dc:d1:c7:eb:b2:28:e8:83:ad:e5:a3:69:37:b6: 4d:e0:a5:9b:94:0a:5c:fa:94:0d:71:4a:ef:b9:19:b6:64:7f: c6:0d:78:c5 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUERQczD22GrWyHTZp24eYDtBZpj4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMjAzOVoX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAYWNiYTc4MzM0YzUxY2Y3ZjkzNWEw OTI4NjgyNWIwNDA0ZTdiZDExODU3NmNlYjQwNzI0MjVjZjcyODgwODZiNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR++NR9ijGHyTg5s4DdFQK7kEomq nvA7ftDViTnSkMXKEfDKUvxTkE7f18jPdLTPUA0iD1xfgb/YH2b+sO1Q9tA2OP9r XdydcyPkiNGh2+4Ej471iIaPyGQsyEjl33/Kav20ywQ7po73erzY9y44hEp2FrlU HL/lLE85octHJaRvCPn6HTIG+p4vC+C+PcxZuGG0zDfD+xrS3K8K6cFPeqE79Nwo Id/1nKWXlokQLF+Ne2BPqgpRse2oH9fWKcSXDmf9vUG4YG4dTK9L4uYzMmbjwQMd S+p6HRWsAqiA8B2jihX1aCy/uIHDkbOPIAosptrHUKuqnOLprNyoC0EWEwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGoF7HW4F21kS1XepPxlFA1ZZj3tMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc2OGExZDM1LWRjYjAtNDk3Mi1iNWVlLTMzNzA4YjhlMDJkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8rDAMA0GCSqGSIb3DQEBCwUAA4IBAQBnLEKrHInIKgbT3jos RZv1DydzqRn6V0hIjO0ospkBbehW7lm3K/knKh3LMDniIKwAFgx/4puY/ibxekR1 p+xkiGDoS/7CPEU3zUiZQuEXhFqpoV2wKTfqULOKX1KtxE7598OiBDJhf9oQdGou HT+ld0giJhXcVGNo7zAS92t9fYljMVCrARE+3+wCbzC8N72Fli7q6jNy7tT9tKry CN7+UhMnO0rDctG4f0sC/k+jrYwytnuP5kblEALn6qKKwvVOsBrGI/mX+HlE08oi U30oYdmtWmv+0pfO9+7m3NHH67Io6IOt5aNpN7ZN4KWblApc+pQNcUrvuRm2ZH/G DXjF -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:24 2025 by rpki-client