$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa File: 8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa (raw, json) Hash identifier: SFN17Y1h/7XiK4GGnhzXGOkv+Ih7gW8SbFbbMOom17U= Subject key identifier: 9F:C4:3C:C2:3F:2A:93:53:D0:97:2F:74:8D:92:90:D1:94:28:9F:0F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4D7501EC7F1F2143E4173751055FADFDFCB8818A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa Signing time: Fri 07 Nov 2025 00:50:04 +0000 ROA not before: Fri 07 Nov 2025 00:50:04 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:8020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:75:01:ec:7f:1f:21:43:e4:17:37:51:05:5f:ad:fd:fc:b8:81:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:50:04 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=a56681d66f3b396881c1e67b3b980a511c14043803b1c550b9624f470127c922, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:e0:b9:6f:de:f0:86:b7:91:f0:b3:d1:18:a7: 93:d0:82:b5:ac:47:b7:b5:b3:25:3b:29:12:a7:eb: f4:82:37:5c:fd:d6:0a:59:04:fb:4b:a7:7d:7c:7f: b6:c1:d8:64:2c:57:d4:88:0f:78:a7:08:b1:c7:6b: 30:63:45:44:30:1f:e9:cb:5a:a8:e4:82:9a:3d:be: 65:cc:51:fb:79:a9:f6:11:5a:93:fe:9d:73:38:38: eb:e8:d3:30:e8:47:84:6f:82:ee:df:17:31:62:04: ec:64:b1:2a:5f:f3:a6:aa:03:4f:4e:f5:dd:5b:7d: 41:0a:3f:65:82:c0:2e:e8:51:42:bc:3d:c6:60:2b: 21:28:8a:1a:69:1d:d1:40:ab:f0:84:f8:15:63:be: 5d:16:6d:95:f2:3c:ee:e7:d9:7a:61:1b:d2:2e:6f: d3:f9:8c:34:8b:1d:5b:f4:5c:33:33:3c:43:ec:98: b1:66:4b:55:d0:00:ae:fe:57:ab:18:63:80:ee:55: 30:a6:4c:1c:88:0f:27:49:f6:46:29:9e:eb:c2:c2: 6b:87:a0:b8:c4:4a:e8:d2:7c:b7:a4:a7:5f:ee:df: 78:62:0b:58:18:86:c4:b6:09:46:d2:f9:32:4b:2d: e5:6c:3d:e1:d5:48:fd:f3:2e:b9:08:0c:51:23:f8: 6c:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:C4:3C:C2:3F:2A:93:53:D0:97:2F:74:8D:92:90:D1:94:28:9F:0F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8ca371d9-2153-4053-99ac-1bdc0c4294ab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:8020::/48 Signature Algorithm: sha256WithRSAEncryption 5c:96:ee:cd:8d:4a:ef:f8:c1:4a:4d:96:f4:fa:0d:3c:ae:55: 76:f8:23:ca:ed:e6:83:ab:15:a7:8c:78:1f:21:d8:a5:07:89: d2:68:0e:11:42:25:70:40:09:20:2c:f3:db:a6:05:a0:63:ca: 2f:38:b9:a2:0a:4d:0e:55:94:5e:06:15:29:49:33:a7:95:74: 72:c5:8b:92:d7:f5:6d:73:c3:f2:e2:d8:f3:b9:67:a2:44:dd: 62:9c:0c:d1:1d:6c:57:7f:24:03:b3:70:ae:1e:f5:eb:e6:7a: fc:12:dc:2b:cf:15:5d:9a:88:d8:d2:32:8f:78:37:f6:24:45: da:27:6a:41:7d:04:48:fd:89:e8:bb:44:79:25:3f:a3:f1:d7: 64:97:45:a2:56:e4:2a:57:85:f6:3e:02:6c:69:5a:9b:da:5a: 26:83:b2:a0:42:72:91:de:06:ee:23:00:1e:37:40:77:28:d1: 61:a0:8b:b4:e0:6f:bf:47:27:72:8e:28:89:ae:04:60:72:cf: 11:74:6f:44:21:6c:1a:0f:79:44:57:4d:a7:ce:78:3c:32:34: bc:ba:7c:ab:5e:d6:ec:0d:f5:9f:6e:91:07:29:42:f6:82:4d: 85:ed:f6:d5:80:a1:60:cb:25:c7:90:2f:ae:b4:bb:f0:41:88: e3:d7:94:6d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTXUB7H8fIUPkFzdRBV+t/fy4gYowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwNTAwNFoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAYTU2NjgxZDY2ZjNiMzk2ODgxYzFl NjdiM2I5ODBhNTExYzE0MDQzODAzYjFjNTUwYjk2MjRmNDcwMTI3YzkyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeC5b97whreR8LPRGKeT0IK1rEe3 tbMlOykSp+v0gjdc/dYKWQT7S6d9fH+2wdhkLFfUiA94pwixx2swY0VEMB/py1qo 5IKaPb5lzFH7ean2EVqT/p1zODjr6NMw6EeEb4Lu3xcxYgTsZLEqX/OmqgNPTvXd W31BCj9lgsAu6FFCvD3GYCshKIoaaR3RQKvwhPgVY75dFm2V8jzu59l6YRvSLm/T +Yw0ix1b9FwzMzxD7JixZktV0ACu/lerGGOA7lUwpkwciA8nSfZGKZ7rwsJrh6C4 xEro0ny3pKdf7t94YgtYGIbEtglG0vkySy3lbD3h1Uj98y65CAxRI/hsDwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJ/EPMI/KpNT0JcvdI2SkNGUKJ8PMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhjYTM3MWQ5LTIxNTMtNDA1My05OWFjLTFiZGMwYzQyOTRhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAIAgMA0GCSqGSIb3DQEBCwUAA4IBAQBclu7NjUrv+MFKTZb0 +g08rlV2+CPK7eaDqxWnjHgfIdilB4nSaA4RQiVwQAkgLPPbpgWgY8ovOLmiCk0O VZReBhUpSTOnlXRyxYuS1/Vtc8Py4tjzuWeiRN1inAzRHWxXfyQDs3CuHvXr5nr8 EtwrzxVdmojY0jKPeDf2JEXaJ2pBfQRI/Ynou0R5JT+j8ddkl0WiVuQqV4X2PgJs aVqb2lomg7KgQnKR3gbuIwAeN0B3KNFhoIu04G+/RydyjiiJrgRgcs8RdG9EIWwa D3lEV02nzng8MjS8unyrXtbsDfWfbpEHKUL2gk2F7fbVgKFgyyXHkC+utLvwQYjj 15Rt -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:21 2025 by rpki-client