$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81ad1b0a-6cf3-4e1e-9269-1278b1e9a286.roa File: 81ad1b0a-6cf3-4e1e-9269-1278b1e9a286.roa (raw, json) Hash identifier: AjCz59Wqlni/Ay7duXzgsFSWOvWQYI5w2hPuMMAX1qw= Subject key identifier: 1A:0F:BE:29:D1:80:3F:DB:C6:B4:D5:58:E7:3D:48:D6:47:4B:CA:BD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2FEC3CAE0D7E46B53961EF0167F1062B12A2BA48 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81ad1b0a-6cf3-4e1e-9269-1278b1e9a286.roa Signing time: Sat 08 Nov 2025 00:00:45 +0000 ROA not before: Sat 08 Nov 2025 00:00:45 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:c000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:ec:3c:ae:0d:7e:46:b5:39:61:ef:01:67:f1:06:2b:12:a2:ba:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:00:45 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=dce7f617a8ea243a2842732cb47fc8a1b0d76aa1f2277721a8e0b68be66ad65d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:86:4d:be:93:44:d5:1c:3b:ae:d0:4d:42:d7: cf:cf:2c:31:2b:c5:81:1a:ed:43:72:89:0c:ee:88: 13:bf:69:b1:68:eb:ad:08:18:04:91:ea:f3:ce:c0: 21:ad:94:50:95:5f:25:d3:ca:73:64:1f:21:f1:e8: 0d:87:84:7a:3a:5f:e4:eb:69:dd:69:47:cf:42:63: 30:86:13:47:ab:3c:79:64:43:12:11:70:ba:29:ed: 48:7d:0d:07:f0:45:01:c3:ea:a0:3b:9d:23:fe:8e: d3:5c:fe:c9:51:f2:61:9c:9c:b7:43:1c:a3:2f:4a: 16:13:38:76:9e:98:dc:85:46:2d:56:ff:ea:eb:c8: e0:4c:1f:d7:08:65:d9:80:24:cf:69:ad:48:ee:a9: 92:df:13:25:f9:5d:50:3e:ac:2d:e1:dd:f5:f1:fe: 13:33:15:84:63:93:f2:70:84:e5:a7:d2:b4:f5:2d: d4:98:2b:a9:f4:c8:7d:85:90:9b:b1:8d:c8:e6:91: 0e:fa:da:af:be:bb:dd:45:fd:09:a6:41:d1:aa:97: ef:b5:3f:be:11:52:ee:9a:d3:15:d4:35:24:5b:31: 71:55:e3:d6:4c:62:b8:3f:ac:03:b9:80:0b:0b:18: c4:a3:c1:95:2b:87:4d:90:82:41:cb:8d:a9:9c:ba: d5:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:0F:BE:29:D1:80:3F:DB:C6:B4:D5:58:E7:3D:48:D6:47:4B:CA:BD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81ad1b0a-6cf3-4e1e-9269-1278b1e9a286.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:c000::/48 Signature Algorithm: sha256WithRSAEncryption 68:e0:7e:e1:ac:f2:b9:cb:43:30:18:ae:de:ef:d1:6f:c8:b4: 6f:fa:c9:c3:1b:1d:27:fb:91:05:4b:f0:0b:4f:92:7e:5e:59: 41:5c:20:f0:c6:68:58:b7:36:cd:f7:33:5e:2d:bd:0c:46:19: d0:a8:94:8d:ce:82:5b:c4:87:67:db:61:a6:4b:bb:49:e0:2e: 3d:0e:37:49:ee:f1:4f:d7:83:84:27:ab:1d:94:d9:ee:f9:25: b3:12:7c:f0:ae:c3:d9:6c:cb:44:43:dd:f0:0e:5a:91:84:92: d8:4c:f3:b4:39:f9:65:d8:4a:74:8d:54:c8:0a:5c:c9:84:6e: 51:0e:61:af:db:c5:fe:e9:81:81:97:34:cb:03:7f:b9:03:c2: 5f:c1:5a:e6:7f:26:4c:18:ab:6e:d6:08:25:53:c3:b9:63:b5: 20:f9:cc:c3:93:3e:21:ec:2a:b3:e4:63:31:67:80:4d:95:0d: f3:4a:b9:ba:d4:0d:e7:db:d0:6a:67:3f:24:cf:40:1d:f4:54: 1b:62:d3:2a:bb:60:94:bd:93:fa:bb:89:d2:87:99:c1:9e:6c: f4:2f:bd:f6:1f:0b:0d:64:c1:78:d1:dc:58:ef:88:cc:bc:b4: 44:78:40:ed:f0:1f:55:3f:e8:d0:6e:9a:70:6f:44:24:18:e8: 43:f1:37:2f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUL+w8rg1+RrU5Ye8BZ/EGKxKiukgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMDA0NVoX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAZGNlN2Y2MTdhOGVhMjQzYTI4NDI3 MzJjYjQ3ZmM4YTFiMGQ3NmFhMWYyMjc3NzIxYThlMGI2OGJlNjZhZDY1ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoZNvpNE1Rw7rtBNQtfPzywxK8WB Gu1DcokM7ogTv2mxaOutCBgEkerzzsAhrZRQlV8l08pzZB8h8egNh4R6Ol/k62nd aUfPQmMwhhNHqzx5ZEMSEXC6Ke1IfQ0H8EUBw+qgO50j/o7TXP7JUfJhnJy3Qxyj L0oWEzh2npjchUYtVv/q68jgTB/XCGXZgCTPaa1I7qmS3xMl+V1QPqwt4d318f4T MxWEY5PycITlp9K09S3UmCup9Mh9hZCbsY3I5pEO+tqvvrvdRf0JpkHRqpfvtT++ EVLumtMV1DUkWzFxVePWTGK4P6wDuYALCxjEo8GVK4dNkIJBy42pnLrVTQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBoPvinRgD/bxrTVWOc9SNZHS8q9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxYWQxYjBhLTZjZjMtNGUxZS05MjY5LTEyNzhiMWU5YTI4Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7MAAMA0GCSqGSIb3DQEBCwUAA4IBAQBo4H7hrPK5y0MwGK7e 79FvyLRv+snDGx0n+5EFS/ALT5J+XllBXCDwxmhYtzbN9zNeLb0MRhnQqJSNzoJb xIdn22GmS7tJ4C49DjdJ7vFP14OEJ6sdlNnu+SWzEnzwrsPZbMtEQ93wDlqRhJLY TPO0Ofll2Ep0jVTIClzJhG5RDmGv28X+6YGBlzTLA3+5A8JfwVrmfyZMGKtu1ggl U8O5Y7Ug+czDkz4h7Cqz5GMxZ4BNlQ3zSrm61A3n29BqZz8kz0Ad9FQbYtMqu2CU vZP6u4nSh5nBnmz0L732HwsNZMF40dxY74jMvLREeEDt8B9VP+jQbppwb0QkGOhD 8Tcv -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:46 2025 by rpki-client