$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bb4fc6d-b270-4df7-a776-77d2795dda17.roa File: 8bb4fc6d-b270-4df7-a776-77d2795dda17.roa (raw, json) Hash identifier: LUXdPmkkFXn+P5AZhwCdZmMuF5oAVXy1BUohwevF69A= Subject key identifier: 6D:E5:7D:F0:D4:AB:20:AA:91:6C:D4:4C:CC:BE:5D:5A:91:90:A4:0C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19552DBEC258EF925DEF3BAF896DB12DA30EFCE7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bb4fc6d-b270-4df7-a776-77d2795dda17.roa Signing time: Sun 09 Nov 2025 00:10:04 +0000 ROA not before: Sun 09 Nov 2025 00:10:04 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da16:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:55:2d:be:c2:58:ef:92:5d:ef:3b:af:89:6d:b1:2d:a3:0e:fc:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:10:04 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=b3ac47e62094b1b39a390a3ee121782cbc66920446d858d52a81a07e60a67b83, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:6a:0d:3b:cd:f4:55:df:80:dc:9a:f1:b4:c5: 8f:26:7e:1e:f4:ef:91:ea:e4:1b:2a:6b:5f:ac:6b: f2:69:d0:a8:51:05:cf:01:27:10:33:79:23:20:62: cd:6d:7a:71:fa:3e:bd:d9:9a:ad:08:9b:7e:82:c8: 26:6e:57:42:de:28:6a:99:c1:ca:42:43:a7:89:9c: 49:80:98:69:41:cd:65:11:93:0f:16:00:b7:63:16: f5:b2:98:a0:88:65:f0:3a:c1:c0:2f:7f:53:1d:9a: 04:b9:bf:e3:ed:41:01:c3:dd:5a:4d:ab:5d:27:c4: 14:28:01:ae:02:32:ed:f6:f3:1d:2a:a3:fa:da:70: dc:93:25:52:05:f6:6a:cb:91:27:0d:bd:7a:5e:c7: 61:a8:cd:cd:fa:a4:81:e0:61:c4:01:c8:28:87:f2: 94:1f:20:f3:60:78:9c:81:fc:d0:35:c1:4f:6e:9f: 5d:1c:e6:77:1d:4c:16:49:3f:31:bb:98:0b:23:6f: 02:5b:df:fe:51:80:25:86:c2:d9:f7:c1:1e:7f:5b: 54:cd:b8:15:b0:35:dd:9c:de:70:5f:a0:d0:dc:3b: 1e:d9:9f:e1:f2:b8:d9:df:0e:c0:ff:a9:a4:ab:98: cc:70:f0:d3:e4:44:6e:9a:1a:d7:d1:0a:3b:59:aa: 60:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:E5:7D:F0:D4:AB:20:AA:91:6C:D4:4C:CC:BE:5D:5A:91:90:A4:0C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bb4fc6d-b270-4df7-a776-77d2795dda17.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da16:c00::/38 Signature Algorithm: sha256WithRSAEncryption 9a:c7:17:42:82:d8:c5:f9:e3:ee:f7:36:91:26:e8:96:f2:3c: f7:58:54:32:e2:9f:1b:55:16:0f:4c:81:23:cf:0e:19:a3:7e: 27:7f:f6:db:09:b8:83:9a:3b:8b:8a:d3:1d:37:93:6e:86:a0: 26:a5:72:28:9c:98:c1:f4:40:4d:4f:57:aa:ec:11:89:65:04: 1a:33:ca:44:4c:c5:37:de:12:ec:f0:44:ef:a1:c7:2b:3e:cb: 72:05:fc:e8:92:1a:5d:ba:49:b9:1b:b0:80:00:1e:55:be:9e: be:3b:90:2b:a5:87:6e:2f:be:c6:44:08:c1:c7:13:56:b7:be: 67:62:cf:19:57:a8:9d:e0:d4:84:e1:24:b3:3e:fb:10:86:c0: 56:ad:b8:11:eb:57:5d:16:f8:d9:73:2a:4a:15:97:05:65:6f: 38:05:df:44:09:bf:8c:47:1e:4c:7c:ba:d4:fe:69:5c:a8:44: 57:f2:46:cc:66:0f:86:66:e8:b1:4f:19:f7:03:9f:29:4b:ab: 89:91:22:72:3f:76:19:7c:7f:46:4c:aa:2b:b1:1b:4c:d4:d2: 6b:16:b4:4f:a9:b3:41:7f:e3:ae:9f:35:aa:26:fe:49:f5:24: c6:2a:6a:51:aa:a3:15:66:0b:c2:3d:de:e2:b9:33:d4:30:34: 4a:92:56:d9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGVUtvsJY75Jd7zuviW2xLaMO/OcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMTAwNFoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYjNhYzQ3ZTYyMDk0YjFiMzlhMzkw YTNlZTEyMTc4MmNiYzY2OTIwNDQ2ZDg1OGQ1MmE4MWEwN2U2MGE2N2I4MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGoNO830Vd+A3JrxtMWPJn4e9O+R 6uQbKmtfrGvyadCoUQXPAScQM3kjIGLNbXpx+j692ZqtCJt+gsgmbldC3ihqmcHK QkOniZxJgJhpQc1lEZMPFgC3Yxb1spigiGXwOsHAL39THZoEub/j7UEBw91aTatd J8QUKAGuAjLt9vMdKqP62nDckyVSBfZqy5EnDb16XsdhqM3N+qSB4GHEAcgoh/KU HyDzYHicgfzQNcFPbp9dHOZ3HUwWST8xu5gLI28CW9/+UYAlhsLZ98Eef1tUzbgV sDXdnN5wX6DQ3Dse2Z/h8rjZ3w7A/6mkq5jMcPDT5ERumhrX0Qo7WapgxwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG3lffDUqyCqkWzUTMy+XVqRkKQMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiYjRmYzZkLWIyNzAtNGRmNy1hNzc2LTc3ZDI3OTVkZGExNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFgwwDQYJKoZIhvcNAQELBQADggEBAJrHF0KC2MX54+73NpEm 6JbyPPdYVDLinxtVFg9MgSPPDhmjfid/9tsJuIOaO4uK0x03k26GoCalciicmMH0 QE1PV6rsEYllBBozykRMxTfeEuzwRO+hxys+y3IF/OiSGl26SbkbsIAAHlW+nr47 kCulh24vvsZECMHHE1a3vmdizxlXqJ3g1IThJLM++xCGwFatuBHrV10W+NlzKkoV lwVlbzgF30QJv4xHHkx8utT+aVyoRFfyRsxmD4Zm6LFPGfcDnylLq4mRInI/dhl8 f0ZMqiuxG0zU0msWtE+ps0F/466fNaom/kn1JMYqalGqoxVmC8I93uK5M9QwNEqS Vtk= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:23 2025 by rpki-client