$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/880212bb-51a8-4111-9ffb-f1fce2a3315f.roa File: 880212bb-51a8-4111-9ffb-f1fce2a3315f.roa (raw, json) Hash identifier: eJyI4JfEiqkSoc5jqQlG18qRPrHpLo+6JtN/B5sr3jY= Subject key identifier: D7:4F:71:AF:CE:01:F0:82:B4:00:40:1D:CD:36:F3:7A:09:44:19:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7061FB5F0A7FCBDF393DC4FA761EC017C1E1F305 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/880212bb-51a8-4111-9ffb-f1fce2a3315f.roa Signing time: Sun 09 Nov 2025 00:50:05 +0000 ROA not before: Sun 09 Nov 2025 00:50:05 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:61:fb:5f:0a:7f:cb:df:39:3d:c4:fa:76:1e:c0:17:c1:e1:f3:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:50:05 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=8e2a6606d2194ab108b79fb976df1eb3464f43b4190fbac935bc877f65636ca5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:30:7c:64:01:14:bc:48:78:99:af:c6:c6:68: a4:e3:61:3d:b4:98:b4:8a:c1:17:e6:a9:b4:e1:a6: ce:b1:66:ef:42:0c:42:48:d6:3d:e0:c5:7b:28:8d: 04:d2:4d:54:49:04:a9:d9:44:d4:a6:a6:f3:ec:e3: e5:15:4c:a2:96:a2:bd:30:28:cc:62:06:64:22:de: 4c:8c:b2:a4:27:f6:33:0a:85:b6:4c:f2:13:ea:e4: f4:d2:3b:df:d7:98:c2:52:7f:ff:17:0a:ee:dd:be: a2:82:96:a0:f0:c0:42:f0:19:dd:ee:54:3e:75:d1: 4a:db:90:d6:ed:a9:87:d7:d8:62:a6:62:aa:73:13: f7:d0:2f:08:9f:f7:27:01:fe:90:dd:6a:2e:67:ec: 15:e3:73:c7:3e:43:d0:f5:fc:50:77:19:65:c7:c5: 76:a7:0e:25:17:87:ef:7a:c5:13:b7:90:28:7a:0a: 95:ed:f2:a6:45:5d:43:f8:41:3f:c5:6c:be:ba:77: 73:ab:36:64:64:7e:aa:4c:c9:2f:b6:b5:e4:17:c0: 04:c9:e2:0a:3c:99:78:16:d2:40:c6:79:37:15:de: fe:4a:1b:0f:8a:20:74:66:89:b2:f1:41:eb:ad:bc: 53:42:6b:e0:e0:b2:fb:7b:d4:a6:1e:cf:95:0f:54: 5d:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:4F:71:AF:CE:01:F0:82:B4:00:40:1D:CD:36:F3:7A:09:44:19:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/880212bb-51a8-4111-9ffb-f1fce2a3315f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:7000::/40 Signature Algorithm: sha256WithRSAEncryption 2d:68:91:9f:44:0c:09:70:37:a4:87:53:c3:ad:62:73:0f:1f: ae:b1:3e:15:90:ef:b6:91:88:62:60:e7:cf:ed:06:90:e5:a4: 81:8c:09:7d:97:53:e9:65:b9:3e:52:27:a5:a7:25:ee:9a:9e: 34:0b:55:ba:8a:96:30:53:00:13:ca:da:d5:33:cc:ba:ff:07: 32:ea:64:61:69:f3:4d:b7:82:0d:f2:f5:f6:d4:b0:de:ce:d0: 43:30:25:92:fb:ca:e9:ea:39:de:cc:60:cd:e7:6f:d1:95:b5: 8f:cf:df:49:f4:e4:c8:d5:2b:63:f9:28:91:0a:0c:0b:6f:dc: 8f:11:bf:a3:de:4a:a8:1e:bb:22:9f:dd:84:cb:ac:07:77:ee: c3:45:ff:7c:be:f4:ee:60:36:c8:07:75:96:0b:9e:12:b4:85: fe:aa:fe:5d:ee:81:7a:73:70:bd:7a:01:6b:4b:92:85:ed:cd: f9:e4:f2:ca:91:d3:00:40:61:0b:6b:41:a5:c1:d3:49:9e:9a: 5e:43:4e:c7:92:29:05:30:ab:89:e4:5e:5e:88:42:8f:9b:cf: 46:93:fd:38:9b:83:85:aa:c6:26:4d:0e:a2:1b:98:11:30:7f: b6:1f:db:e0:4f:a4:86:93:9b:88:ba:d5:f6:56:a3:f6:a7:6b: 6b:fc:4b:a3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcGH7Xwp/y985PcT6dh7AF8Hh8wUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNTAwNVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAOGUyYTY2MDZkMjE5NGFiMTA4Yjc5 ZmI5NzZkZjFlYjM0NjRmNDNiNDE5MGZiYWM5MzViYzg3N2Y2NTYzNmNhNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjB8ZAEUvEh4ma/Gxmik42E9tJi0 isEX5qm04abOsWbvQgxCSNY94MV7KI0E0k1USQSp2UTUpqbz7OPlFUyilqK9MCjM YgZkIt5MjLKkJ/YzCoW2TPIT6uT00jvf15jCUn//Fwru3b6igpag8MBC8Bnd7lQ+ ddFK25DW7amH19hipmKqcxP30C8In/cnAf6Q3WouZ+wV43PHPkPQ9fxQdxllx8V2 pw4lF4fvesUTt5AoegqV7fKmRV1D+EE/xWy+undzqzZkZH6qTMkvtrXkF8AEyeIK PJl4FtJAxnk3Fd7+ShsPiiB0Zomy8UHrrbxTQmvg4LL7e9SmHs+VD1Rd9wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNdPca/OAfCCtABAHc0283oJRBnQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg4MDIxMmJiLTUxYTgtNDExMS05ZmZiLWYxZmNlMmEzMzE1Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacHAwDQYJKoZIhvcNAQELBQADggEBAC1okZ9EDAlwN6SHU8Ot YnMPH66xPhWQ77aRiGJg58/tBpDlpIGMCX2XU+lluT5SJ6WnJe6anjQLVbqKljBT ABPK2tUzzLr/BzLqZGFp8023gg3y9fbUsN7O0EMwJZL7yunqOd7MYM3nb9GVtY/P 30n05MjVK2P5KJEKDAtv3I8Rv6PeSqgeuyKf3YTLrAd37sNF/3y+9O5gNsgHdZYL nhK0hf6q/l3ugXpzcL16AWtLkoXtzfnk8sqR0wBAYQtrQaXB00meml5DTseSKQUw q4nkXl6IQo+bz0aT/Tibg4WqxiZNDqIbmBEwf7Yf2+BPpIaTm4i61fZWo/ana2v8 S6M= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:59 2025 by rpki-client