$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac94887b-5f68-400d-969c-c7c686f570d1.roa File: ac94887b-5f68-400d-969c-c7c686f570d1.roa (raw, json) Hash identifier: raQqOUJOnqbQPwNCQLKO5oU0SHX3/kFPlzCn8p8tOnU= Subject key identifier: C7:48:F8:F9:05:AC:5E:EE:82:ED:53:51:FF:30:45:41:96:6C:7B:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 218F6EB6222E42C1B6A006543465E6F8EEF0C18D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac94887b-5f68-400d-969c-c7c686f570d1.roa Signing time: Sat 08 Nov 2025 00:10:30 +0000 ROA not before: Sat 08 Nov 2025 00:10:30 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:8f:6e:b6:22:2e:42:c1:b6:a0:06:54:34:65:e6:f8:ee:f0:c1:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:10:30 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=a576507566c9814dae37f2d4e291e7d0aae41f8cd706d5b9783794edbf5eba68, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:00:18:7b:43:0f:a9:62:63:69:16:c8:a6:c9: 1a:ea:02:44:8c:43:17:ae:05:66:58:89:53:ae:29: 3b:04:9a:f0:75:2f:18:70:e0:2b:95:3c:ad:90:3e: 8b:a3:f1:a9:57:92:6e:eb:c5:8e:3c:84:11:78:dd: fc:14:2f:76:5b:55:88:7d:ca:3f:82:2e:2c:8d:6d: 8c:80:27:8d:07:03:00:bf:be:fa:62:6c:d1:6a:51: 24:47:d2:24:e1:bb:29:1b:4b:90:3b:c0:68:89:c4: c5:67:d8:3f:a9:d8:c1:9b:89:1c:ed:6a:ef:91:82: 80:88:29:9e:38:0d:6a:af:aa:0c:2c:06:4f:54:01: ae:c9:81:b2:19:5e:22:cc:9e:93:c4:a9:b7:77:fe: f9:16:49:a3:8e:7b:af:ed:61:e3:03:76:2d:4d:80: 60:de:de:d9:f4:48:d5:de:8e:64:ee:59:5c:e1:e0: 16:70:8f:53:ac:9c:90:f5:7f:0a:3c:6e:8a:b7:ad: cf:27:f4:71:e1:93:69:82:40:85:9d:10:6d:5e:6a: 8f:21:c2:de:33:9e:bc:98:80:b5:53:ed:b8:a6:70: d7:bc:0a:20:da:f8:91:41:40:b7:93:a1:23:92:de: 9f:bf:09:1e:3c:68:47:61:8e:0d:18:c4:69:38:b4: 30:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:48:F8:F9:05:AC:5E:EE:82:ED:53:51:FF:30:45:41:96:6C:7B:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ac94887b-5f68-400d-969c-c7c686f570d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:1000::/40 Signature Algorithm: sha256WithRSAEncryption 22:12:4a:c9:45:f4:a5:9d:04:7e:d2:2a:5f:f7:16:73:5d:79: 1b:da:5d:4a:91:0f:01:af:ae:b5:e1:67:a9:8d:a2:6e:97:89: 59:a5:4b:81:4f:b5:94:8b:f3:a3:aa:f1:5e:16:df:5b:c4:71: f6:71:c5:65:78:c0:1c:b6:e9:31:f5:0d:4c:df:93:a9:6b:62: 8a:fd:b9:8a:aa:5f:35:ac:d4:f8:b7:39:1d:3a:e2:26:0d:82: e2:94:f9:34:8a:8c:a3:6c:8a:62:8e:ce:3c:a4:1f:b2:0e:16: 86:68:e2:de:57:e3:ad:3e:3a:c9:97:98:a9:c1:85:75:53:51: c2:8a:f6:c8:93:0a:ec:cb:03:b9:ce:e8:c4:09:47:f0:43:11: ca:fa:b4:91:68:f7:c5:e4:4f:4e:cb:b7:58:9e:c6:16:2d:e9: bb:03:db:7d:d0:1a:6e:f8:d8:b9:2e:2a:82:26:70:f8:b5:00: 16:8b:bd:e3:95:6f:1a:fd:7e:87:62:82:a6:78:f0:91:f0:cf: 96:94:dc:a4:3d:af:c5:7d:66:2e:b9:2f:cf:b8:6f:74:32:e1: 3a:3e:d4:f3:d5:c8:b3:38:dc:f9:04:20:af:de:1c:17:71:4f: 70:4d:cb:0e:af:69:ea:af:e9:ba:54:c6:ed:56:34:56:ed:be: 9d:ef:d3:a2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIY9utiIuQsG2oAZUNGXm+O7wwY0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMTAzMFoX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAYTU3NjUwNzU2NmM5ODE0ZGFlMzdm MmQ0ZTI5MWU3ZDBhYWU0MWY4Y2Q3MDZkNWI5NzgzNzk0ZWRiZjVlYmE2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgAYe0MPqWJjaRbIpska6gJEjEMX rgVmWIlTrik7BJrwdS8YcOArlTytkD6Lo/GpV5Ju68WOPIQReN38FC92W1WIfco/ gi4sjW2MgCeNBwMAv776YmzRalEkR9Ik4bspG0uQO8BoicTFZ9g/qdjBm4kc7Wrv kYKAiCmeOA1qr6oMLAZPVAGuyYGyGV4izJ6TxKm3d/75Fkmjjnuv7WHjA3YtTYBg 3t7Z9EjV3o5k7llc4eAWcI9TrJyQ9X8KPG6Kt63PJ/Rx4ZNpgkCFnRBtXmqPIcLe M568mIC1U+24pnDXvAog2viRQUC3k6Ejkt6fvwkePGhHYY4NGMRpOLQw5wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMdI+PkFrF7ugu1TUf8wRUGWbHsjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjOTQ4ODdiLTVmNjgtNDAwZC05NjljLWM3YzY4NmY1NzBkMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8hAwDQYJKoZIhvcNAQELBQADggEBACISSslF9KWdBH7SKl/3 FnNdeRvaXUqRDwGvrrXhZ6mNom6XiVmlS4FPtZSL86Oq8V4W31vEcfZxxWV4wBy2 6TH1DUzfk6lrYor9uYqqXzWs1Pi3OR064iYNguKU+TSKjKNsimKOzjykH7IOFoZo 4t5X460+OsmXmKnBhXVTUcKK9siTCuzLA7nO6MQJR/BDEcr6tJFo98XkT07Lt1ie xhYt6bsD233QGm742LkuKoImcPi1ABaLveOVbxr9fodigqZ48JHwz5aU3KQ9r8V9 Zi65L8+4b3Qy4To+1PPVyLM43PkEIK/eHBdxT3BNyw6vaeqv6bpUxu1WNFbtvp3v 06I= -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:23 2025 by rpki-client