$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa File: 9b072caa-75fc-4171-a003-7c2d34288af7.roa (raw, json) Hash identifier: j/CJAk54P6/qGz6eVX3Wgbl+/pHIVcWcGcAEf45FIvc= Subject key identifier: AD:DE:45:FE:48:D9:DB:C4:F5:4B:89:75:9B:32:3E:E6:B2:3D:77:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4B2F2226317A8CD09E6E798DF2CCA147B2C85FFB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa Signing time: Sun 09 Nov 2025 00:40:08 +0000 ROA not before: Sun 09 Nov 2025 00:40:08 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da18::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:2f:22:26:31:7a:8c:d0:9e:6e:79:8d:f2:cc:a1:47:b2:c8:5f:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:40:08 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=559025e904aee82cd593ef14b23d83561ba82da9a69e40fe8cb67abbc3e4e068, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:0e:40:b8:6c:ce:9b:a7:84:67:e0:a4:be:2d: 1b:6f:11:ee:7e:43:cd:e4:e1:95:82:0b:8d:1c:17: d6:09:fa:05:a6:3d:55:90:e3:88:83:ca:80:ee:6c: 0e:e6:b6:4a:50:48:41:03:84:95:d9:eb:fa:dc:09: f7:17:db:8a:e1:57:7f:8b:d2:37:fd:0c:d3:47:ac: 2d:57:37:d1:54:71:be:23:23:f9:51:41:e6:33:6b: fc:53:96:8b:78:ac:6a:1b:e8:ad:1f:9a:27:80:27: c7:ef:e7:8a:ad:ab:a0:81:04:1a:5e:76:40:a7:1a: 56:ba:5b:11:7b:38:61:5d:73:26:6b:e4:cc:64:55: 5c:51:26:1a:a1:e1:c8:38:58:cc:71:f4:27:71:57: 08:ed:03:22:f9:61:73:76:e7:1d:f5:3a:87:eb:25: 0f:ab:0c:00:ed:b4:e2:eb:89:61:bb:27:38:f4:b1: 99:01:4d:6a:3a:47:9d:63:45:21:99:09:f3:32:ac: c2:1e:d2:fb:d2:bd:d1:65:9d:5b:9f:5e:c6:3f:04: ad:4a:17:43:d2:e5:bb:34:4c:6e:50:95:7e:21:d6: ad:f9:66:0d:b8:dd:02:08:94:fa:1d:11:ae:72:0b: 1a:e2:9a:3e:83:5f:ec:09:14:7c:5b:a8:ad:c1:5c: 1e:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:DE:45:FE:48:D9:DB:C4:F5:4B:89:75:9B:32:3E:E6:B2:3D:77:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9b072caa-75fc-4171-a003-7c2d34288af7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da18::/38 Signature Algorithm: sha256WithRSAEncryption 93:23:c7:e2:28:b0:ff:e6:f8:2d:71:42:bc:3b:4d:d1:2b:1f: 0a:95:ec:dc:ab:41:cf:7e:b5:19:9e:a5:bb:cb:7c:4b:67:35: 83:da:fe:14:77:83:67:6b:6b:35:6a:7d:9b:b2:b3:ca:ea:26: 47:fa:c4:b2:32:c4:b5:29:c2:1d:86:00:19:ef:37:a5:a0:04: 2c:b4:d3:4b:9b:7a:3b:00:f6:71:7a:20:2f:58:53:97:75:ee: ca:6e:88:37:10:8f:f5:ee:c0:5e:67:3b:a1:ce:4f:5f:d0:89: f7:38:8c:58:d0:27:42:34:25:0c:6f:23:99:0d:d5:96:b9:e2: f9:94:0f:94:09:e1:27:8f:a6:20:41:2f:09:b3:44:c9:08:29: ac:c9:90:33:42:76:b7:57:ea:6d:91:71:1f:72:5d:8a:4a:b4: 2d:f1:ad:09:61:b7:e5:29:5f:93:35:1c:16:74:4f:39:13:ca: 87:93:70:31:f1:f8:c4:29:7a:41:92:7f:e2:21:07:23:99:e7: e7:29:bc:79:82:c0:d4:65:88:db:4e:f7:45:59:9c:2a:63:ab: b8:1e:1f:ef:ef:db:2c:2c:d6:3c:82:5e:8e:74:d9:fd:c0:7a: 6e:46:3a:fa:e8:1b:fb:18:eb:c0:cc:52:99:25:7f:94:a8:94: b4:a2:9f:ff -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSy8iJjF6jNCebnmN8syhR7LIX/swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNDAwOFoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNANTU5MDI1ZTkwNGFlZTgyY2Q1OTNl ZjE0YjIzZDgzNTYxYmE4MmRhOWE2OWU0MGZlOGNiNjdhYmJjM2U0ZTA2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ5AuGzOm6eEZ+Ckvi0bbxHufkPN 5OGVgguNHBfWCfoFpj1VkOOIg8qA7mwO5rZKUEhBA4SV2ev63An3F9uK4Vd/i9I3 /QzTR6wtVzfRVHG+IyP5UUHmM2v8U5aLeKxqG+itH5ongCfH7+eKrauggQQaXnZA pxpWulsRezhhXXMma+TMZFVcUSYaoeHIOFjMcfQncVcI7QMi+WFzducd9TqH6yUP qwwA7bTi64lhuyc49LGZAU1qOkedY0UhmQnzMqzCHtL70r3RZZ1bn17GPwStShdD 0uW7NExuUJV+Idat+WYNuN0CCJT6HRGucgsa4po+g1/sCRR8W6itwVweTQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK3eRf5I2dvE9UuJdZsyPuayPXccMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliMDcyY2FhLTc1ZmMtNDE3MS1hMDAzLTdjMmQzNDI4OGFmNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGAAwDQYJKoZIhvcNAQELBQADggEBAJMjx+IosP/m+C1xQrw7 TdErHwqV7NyrQc9+tRmepbvLfEtnNYPa/hR3g2drazVqfZuys8rqJkf6xLIyxLUp wh2GABnvN6WgBCy000ubejsA9nF6IC9YU5d17spuiDcQj/XuwF5nO6HOT1/Qifc4 jFjQJ0I0JQxvI5kN1Za54vmUD5QJ4SePpiBBLwmzRMkIKazJkDNCdrdX6m2RcR9y XYpKtC3xrQlht+UpX5M1HBZ0TzkTyoeTcDHx+MQpekGSf+IhByOZ5+cpvHmCwNRl iNtO90VZnCpjq7geH+/v2yws1jyCXo502f3Aem5GOvroG/sY68DMUpklf5SolLSi n/8= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:26 2025 by rpki-client