$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e9fa435-b2ca-4846-8c84-dd6ad902a20c.roa File: 7e9fa435-b2ca-4846-8c84-dd6ad902a20c.roa (raw, json) Hash identifier: OsztbQlevljYZPfQfwBDiGZZshWgC77e5NeMLxZw81c= Subject key identifier: 35:4F:C3:B0:14:FB:6D:08:AC:6F:10:FB:64:D0:6A:86:9C:FF:84:20 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6CB10EA22EC87D844C6511F48094496B8DDE060C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e9fa435-b2ca-4846-8c84-dd6ad902a20c.roa Signing time: Sat 08 Nov 2025 00:20:57 +0000 ROA not before: Sat 08 Nov 2025 00:20:57 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:b1:0e:a2:2e:c8:7d:84:4c:65:11:f4:80:94:49:6b:8d:de:06:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:20:57 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=f2b14fe2e1154577c6da4715cdd4737af4982f16d4f5879dd294e988a3859f7e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c0:1c:8b:a4:13:2e:87:89:1b:63:4c:61:a1: 34:79:4e:9d:52:ec:d1:8a:2d:0b:cf:a6:8d:80:36: 9e:bc:4c:6d:42:bb:dd:3d:9a:7c:6d:c2:a7:6b:3b: de:e9:75:bc:6e:17:7f:a1:89:86:7c:bb:56:c3:54: 68:3a:22:52:44:c1:e6:67:60:c3:22:aa:01:ba:b1: fc:06:a3:a7:10:50:ba:dc:cc:0d:40:53:5a:1c:6a: 09:dc:47:a6:3b:d6:24:be:0f:0b:03:24:f8:5f:38: 49:ab:80:53:6e:2a:20:bc:9e:0f:0a:2f:5f:6d:69: dd:c8:4f:e2:b7:99:83:11:75:db:2e:f8:07:88:1f: 60:dc:1b:a1:e9:47:21:88:51:d6:0d:f4:79:c1:d0: cd:8e:c7:fe:29:61:35:60:7f:6a:07:d5:46:f7:56: a9:55:51:33:54:c3:b1:c4:e4:62:6c:12:63:08:09: 87:0d:eb:be:2d:86:c0:6b:35:be:90:40:06:7a:17: d9:ab:44:e9:0b:e1:f9:04:37:fc:aa:31:35:56:2c: 7d:40:b8:01:92:ea:16:22:77:99:5f:7f:ae:3e:8b: 0a:9d:55:48:a7:e9:2f:ad:8f:a7:61:71:1a:5e:08: 55:ad:c8:9c:64:2b:bc:a5:68:a7:a4:9a:75:e4:03: b7:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:4F:C3:B0:14:FB:6D:08:AC:6F:10:FB:64:D0:6A:86:9C:FF:84:20 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e9fa435-b2ca-4846-8c84-dd6ad902a20c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:b000::/40 Signature Algorithm: sha256WithRSAEncryption 27:3b:9e:4b:b6:96:45:2c:87:51:dd:4b:79:97:77:80:5f:d5: 38:9e:57:81:1c:d2:07:bb:62:81:20:42:39:0b:b1:90:85:8e: 9e:71:0d:90:dd:e0:1a:77:cf:9c:18:5b:a0:88:8d:3a:5b:0a: 3b:0c:06:91:63:92:55:30:ed:82:07:af:37:17:6b:10:b2:bf: 63:dd:86:13:0d:4d:29:2f:04:27:1c:85:cc:45:2b:5d:c8:4b: 59:d1:3b:94:51:fd:c1:68:d7:16:23:3a:65:7e:da:02:2c:38: cc:e1:fe:dd:28:f6:bd:7b:18:a0:52:ed:df:cf:32:1d:67:1b: 78:3b:9b:07:41:f9:7e:9c:f2:2e:db:b8:82:22:2f:b3:81:81: 27:6b:4c:d1:01:cb:f4:ac:9a:cc:38:89:b7:4d:e5:72:6f:69: 27:a3:5e:6d:55:58:dd:6d:65:03:a1:eb:8d:41:63:4e:20:07: 1c:af:0c:e6:89:f1:c7:f7:7c:07:dd:f5:92:7f:f3:3a:63:21: 85:aa:7e:96:88:51:ed:93:e8:11:9d:6e:d0:b1:e6:67:77:e4: 9f:bf:9e:0e:3e:f4:79:62:31:1a:c8:04:81:96:c4:21:89:3e: c7:97:42:7c:97:df:32:f0:96:61:10:37:9b:3e:b5:97:1c:80: 80:f9:de:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbLEOoi7IfYRMZRH0gJRJa43eBgwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMjA1N1oX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAZjJiMTRmZTJlMTE1NDU3N2M2ZGE0 NzE1Y2RkNDczN2FmNDk4MmYxNmQ0ZjU4NzlkZDI5NGU5ODhhMzg1OWY3ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycAci6QTLoeJG2NMYaE0eU6dUuzR ii0Lz6aNgDaevExtQrvdPZp8bcKnazve6XW8bhd/oYmGfLtWw1RoOiJSRMHmZ2DD IqoBurH8BqOnEFC63MwNQFNaHGoJ3EemO9Ykvg8LAyT4XzhJq4BTbiogvJ4PCi9f bWndyE/it5mDEXXbLvgHiB9g3Buh6UchiFHWDfR5wdDNjsf+KWE1YH9qB9VG91ap VVEzVMOxxORibBJjCAmHDeu+LYbAazW+kEAGehfZq0TpC+H5BDf8qjE1Vix9QLgB kuoWIneZX3+uPosKnVVIp+kvrY+nYXEaXghVrcicZCu8pWinpJp15AO3KwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDVPw7AU+20IrG8Q+2TQaoac/4QgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdlOWZhNDM1LWIyY2EtNDg0Ni04Yzg0LWRkNmFkOTAyYTIwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYbAwDQYJKoZIhvcNAQELBQADggEBACc7nku2lkUsh1HdS3mX d4Bf1TieV4Ec0ge7YoEgQjkLsZCFjp5xDZDd4Bp3z5wYW6CIjTpbCjsMBpFjklUw 7YIHrzcXaxCyv2PdhhMNTSkvBCcchcxFK13IS1nRO5RR/cFo1xYjOmV+2gIsOMzh /t0o9r17GKBS7d/PMh1nG3g7mwdB+X6c8i7buIIiL7OBgSdrTNEBy/Ssmsw4ibdN 5XJvaSejXm1VWN1tZQOh641BY04gBxyvDOaJ8cf3fAfd9ZJ/8zpjIYWqfpaIUe2T 6BGdbtCx5md35J+/ng4+9HliMRrIBIGWxCGJPseXQnyX3zLwlmEQN5s+tZccgID5 3q0= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:24 2025 by rpki-client