$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a1d2e49b-19af-4fac-9021-489155cff427.roa File: a1d2e49b-19af-4fac-9021-489155cff427.roa (raw, json) Hash identifier: XHDQvWdcfxgDyma3Jt0uiylg0ASFh3LLUls3xV/qM3Y= Subject key identifier: 69:38:45:52:C5:10:D5:A5:72:FC:69:34:28:CC:EE:F5:C6:11:D2:44 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43D8EFF637C42946A6498A0922A624FE67434276 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a1d2e49b-19af-4fac-9021-489155cff427.roa Signing time: Fri 07 Nov 2025 00:30:16 +0000 ROA not before: Fri 07 Nov 2025 00:30:16 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:d8:ef:f6:37:c4:29:46:a6:49:8a:09:22:a6:24:fe:67:43:42:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:30:16 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=e4ace613a8de5a5647d05499225bf824c0fe251110ce720cbe686609062b745b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f8:8c:a8:a0:d7:66:26:a5:74:f2:0b:70:c7: 4f:0a:2a:d7:d4:64:d2:32:8f:fc:b3:01:ee:1b:71: e0:c2:ef:07:f4:cf:27:f9:b1:f7:01:7c:57:d6:20: 97:f4:4d:5b:46:7a:1a:cb:05:54:50:96:e4:3c:50: 16:e8:a6:8d:57:aa:17:06:35:32:34:48:34:06:f3: f5:45:b6:29:2a:8a:60:6c:0a:10:cc:4f:ad:00:31: 77:96:36:b4:fd:72:b0:5b:69:0e:11:f7:25:6d:17: d4:33:5f:9b:84:e4:c7:c7:1d:3c:3f:d2:4b:6e:c1: 16:d3:bc:92:f0:41:df:a3:cf:13:18:3e:26:57:b1: 1a:2b:3f:5d:e0:25:c1:0a:8d:07:7b:44:f6:31:67: e7:4e:c0:c1:4d:ac:21:33:3d:0f:79:cd:89:d1:b5: 53:06:05:f8:e9:40:ac:5d:9c:d5:7d:1b:49:98:0b: 0c:2d:ac:0b:e2:bd:3a:29:9e:24:f0:8e:68:00:be: f3:c4:d6:5c:35:ba:83:fd:a7:7e:b7:64:9a:1e:50: 03:7c:43:b5:c0:67:05:02:e1:c9:fd:5c:f1:07:83: 9d:30:60:46:12:3f:cf:50:48:fe:49:dc:9e:f8:de: 36:0a:04:bc:b3:96:2d:45:f0:34:3b:a8:ae:eb:45: 10:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:38:45:52:C5:10:D5:A5:72:FC:69:34:28:CC:EE:F5:C6:11:D2:44 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a1d2e49b-19af-4fac-9021-489155cff427.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4880::/48 Signature Algorithm: sha256WithRSAEncryption 1d:8d:38:f1:a5:c9:3c:3c:c0:58:1a:55:01:29:cf:4a:e7:f7: 8f:12:5c:57:20:68:38:0a:38:8b:87:96:14:4f:f1:28:6f:df: 2a:2b:f5:21:e7:8c:07:f6:98:eb:ec:fa:c1:32:61:55:75:20: 19:2e:7a:77:6c:75:a9:3a:d7:08:16:05:d3:47:2d:ba:5d:ec: 02:3d:0e:c6:ae:be:f1:61:10:bf:e3:d2:db:a3:43:93:99:fa: 02:2e:b4:45:ea:ce:39:6a:b0:a4:6f:1f:5a:c3:24:3e:57:73: 94:1f:cc:15:de:63:29:26:65:51:b6:cd:72:50:fa:9d:73:29: 99:99:12:e3:dd:3c:3c:8a:a7:4e:38:77:03:6b:c4:92:e2:3b: ca:ca:23:4d:02:2c:71:76:c9:cb:46:eb:ab:dc:17:ec:f2:55: 20:50:38:95:38:ad:82:b1:ae:6a:08:5a:7b:68:d0:65:01:99: 42:f2:08:d9:eb:b7:1b:26:5a:3f:9a:ed:b3:da:10:ee:40:24: 66:5b:23:d7:82:66:94:68:f3:a4:0b:00:63:87:55:19:51:d4: 8d:f5:bf:35:5b:28:4a:85:51:4b:93:21:c5:04:56:aa:ef:fe: e2:3b:da:29:b3:53:b0:85:42:0c:f0:c2:b2:1c:c3:bc:ce:9c: 47:4c:1f:1e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQ9jv9jfEKUamSYoJIqYk/mdDQnYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMzAxNloX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAZTRhY2U2MTNhOGRlNWE1NjQ3ZDA1 NDk5MjI1YmY4MjRjMGZlMjUxMTEwY2U3MjBjYmU2ODY2MDkwNjJiNzQ1YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/iMqKDXZialdPILcMdPCirX1GTS Mo/8swHuG3Hgwu8H9M8n+bH3AXxX1iCX9E1bRnoaywVUUJbkPFAW6KaNV6oXBjUy NEg0BvP1RbYpKopgbAoQzE+tADF3lja0/XKwW2kOEfclbRfUM1+bhOTHxx08P9JL bsEW07yS8EHfo88TGD4mV7EaKz9d4CXBCo0He0T2MWfnTsDBTawhMz0Pec2J0bVT BgX46UCsXZzVfRtJmAsMLawL4r06KZ4k8I5oAL7zxNZcNbqD/ad+t2SaHlADfEO1 wGcFAuHJ/VzxB4OdMGBGEj/PUEj+Sdye+N42CgS8s5YtRfA0O6iu60UQ2QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGk4RVLFENWlcvxpNCjM7vXGEdJEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ExZDJlNDliLTE5YWYtNGZhYy05MDIxLTQ4OTE1NWNmZjQyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0iAMA0GCSqGSIb3DQEBCwUAA4IBAQAdjTjxpck8PMBYGlUB Kc9K5/ePElxXIGg4CjiLh5YUT/Eob98qK/Uh54wH9pjr7PrBMmFVdSAZLnp3bHWp OtcIFgXTRy26XewCPQ7Grr7xYRC/49Lbo0OTmfoCLrRF6s45arCkbx9awyQ+V3OU H8wV3mMpJmVRts1yUPqdcymZmRLj3Tw8iqdOOHcDa8SS4jvKyiNNAixxdsnLRuur 3Bfs8lUgUDiVOK2Csa5qCFp7aNBlAZlC8gjZ67cbJlo/mu2z2hDuQCRmWyPXgmaU aPOkCwBjh1UZUdSN9b81WyhKhVFLkyHFBFaq7/7iO9ops1OwhUIM8MKyHMO8zpxH TB8e -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:24 2025 by rpki-client