$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f6f25d8-bda7-4c31-a0ed-ee24700adf3a.roa File: 8f6f25d8-bda7-4c31-a0ed-ee24700adf3a.roa (raw, json) Hash identifier: x6E73l+44eEi19NoOb7LQvzCIwcyDW3AYI27oFnvmQE= Subject key identifier: 04:55:81:E9:B2:46:C9:74:66:13:A8:92:74:BB:52:52:CD:49:52:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 65227F9845D4F035811C9004FA5B5A4AFF0C195C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f6f25d8-bda7-4c31-a0ed-ee24700adf3a.roa Signing time: Fri 07 Nov 2025 00:20:36 +0000 ROA not before: Fri 07 Nov 2025 00:20:36 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:22:7f:98:45:d4:f0:35:81:1c:90:04:fa:5b:5a:4a:ff:0c:19:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:20:36 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=4521b642db5081d1ab5fa56b877b32459957cffc9ba2be2101d633f8b5d7a440, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e0:2e:d1:19:0c:ae:d4:c9:3d:e6:36:7f:aa: e3:63:da:01:30:a7:4d:4f:66:70:f0:18:db:59:8a: f5:98:a6:7e:d0:8a:3f:50:1a:c5:6d:cc:1f:1b:cc: c7:2d:c5:9f:d1:5b:cf:a3:24:25:9d:79:8a:22:76: 63:b6:c9:42:74:15:4b:14:98:15:f9:77:2e:09:36: eb:07:04:2b:80:03:de:fe:6a:86:29:e0:8c:56:2b: 4a:44:fb:f2:69:f4:18:48:da:dc:fc:0b:4b:69:39: 60:b3:e4:eb:54:c0:11:74:d3:9c:0a:e4:11:26:06: f3:5e:5d:51:da:36:a1:99:f5:cd:6c:fd:df:13:78: 2e:0c:99:02:18:d5:03:65:42:77:00:f0:d9:bb:b4: 9c:5a:21:2a:06:5d:d3:92:fc:70:53:7f:ae:cc:db: 8c:f6:8f:53:af:78:de:b2:a6:b4:31:e0:9b:8b:a2: 21:9b:d3:06:e9:fa:8d:94:70:1b:8e:8f:33:9f:76: bf:3b:e1:5d:af:40:16:2a:dc:75:9a:f5:86:64:0d: c6:a5:90:ca:a7:ea:9c:c2:ba:b3:cb:5e:b2:2f:0f: 0f:18:88:bb:61:7a:03:9f:84:fd:4e:01:59:87:c6: f7:36:11:04:28:87:b3:4e:62:9f:f9:63:b6:34:76: 85:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:55:81:E9:B2:46:C9:74:66:13:A8:92:74:BB:52:52:CD:49:52:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8f6f25d8-bda7-4c31-a0ed-ee24700adf3a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2880::/48 Signature Algorithm: sha256WithRSAEncryption 87:24:0b:ef:18:cd:a4:55:5c:4e:0c:a0:8e:bc:89:07:16:c7: d3:cd:0a:5c:c1:21:15:2e:0a:8b:8c:2b:1d:d5:63:bc:f8:0e: 2b:8e:25:33:be:cb:36:45:49:bd:93:81:44:d1:5f:22:6f:f4: 5d:0a:6c:a3:bc:69:31:de:f2:3d:48:aa:7d:31:4c:61:2a:a0: c1:b7:a4:4f:76:87:5b:a8:86:30:d8:f2:4f:42:48:27:09:0c: eb:0a:1c:af:7c:b1:11:ae:12:d6:c0:60:3b:ea:76:a3:2b:1f: d4:24:6d:42:92:25:15:c3:ee:13:7e:46:b0:1b:33:64:19:ea: 43:a2:1e:d8:51:52:4d:22:b7:f0:b9:51:8f:6b:9b:e4:81:b8: 4e:80:7f:9e:04:f6:a0:6c:9d:af:89:ba:9b:a9:76:65:12:0c: 53:4e:0a:b0:78:03:5a:2f:b1:36:37:db:0e:a4:97:ad:bc:e1: 09:35:68:fc:7d:4b:8f:63:72:b0:0b:72:fd:59:f2:c1:d7:9c: 8e:7a:17:0b:cb:2d:6d:f0:fd:27:6c:ae:46:4a:30:d1:71:9a: 72:7d:cb:86:7f:98:89:25:45:db:34:92:9e:0d:9e:ce:0d:fa: 7d:3c:d1:cd:4c:41:15:7b:7e:52:fc:9f:28:7d:f2:59:b5:81: d4:88:73:71 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZSJ/mEXU8DWBHJAE+ltaSv8MGVwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMjAzNloX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNANDUyMWI2NDJkYjUwODFkMWFiNWZh NTZiODc3YjMyNDU5OTU3Y2ZmYzliYTJiZTIxMDFkNjMzZjhiNWQ3YTQ0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuAu0RkMrtTJPeY2f6rjY9oBMKdN T2Zw8BjbWYr1mKZ+0Io/UBrFbcwfG8zHLcWf0VvPoyQlnXmKInZjtslCdBVLFJgV +XcuCTbrBwQrgAPe/mqGKeCMVitKRPvyafQYSNrc/AtLaTlgs+TrVMARdNOcCuQR JgbzXl1R2jahmfXNbP3fE3guDJkCGNUDZUJ3APDZu7ScWiEqBl3TkvxwU3+uzNuM 9o9Tr3jesqa0MeCbi6Ihm9MG6fqNlHAbjo8zn3a/O+Fdr0AWKtx1mvWGZA3GpZDK p+qcwrqzy16yLw8PGIi7YXoDn4T9TgFZh8b3NhEEKIezTmKf+WO2NHaF4QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFARVgemyRsl0ZhOoknS7UlLNSVISMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhmNmYyNWQ4LWJkYTctNGMzMS1hMGVkLWVlMjQ3MDBhZGYzYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSiAMA0GCSqGSIb3DQEBCwUAA4IBAQCHJAvvGM2kVVxODKCO vIkHFsfTzQpcwSEVLgqLjCsd1WO8+A4rjiUzvss2RUm9k4FE0V8ib/RdCmyjvGkx 3vI9SKp9MUxhKqDBt6RPdodbqIYw2PJPQkgnCQzrChyvfLERrhLWwGA76najKx/U JG1CkiUVw+4TfkawGzNkGepDoh7YUVJNIrfwuVGPa5vkgbhOgH+eBPagbJ2vibqb qXZlEgxTTgqweANaL7E2N9sOpJetvOEJNWj8fUuPY3KwC3L9WfLB15yOehcLyy1t 8P0nbK5GSjDRcZpyfcuGf5iJJUXbNJKeDZ7ODfp9PNHNTEEVe35S/J8offJZtYHU iHNx -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:25 2025 by rpki-client