$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa File: b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa (raw, json) Hash identifier: Eighs2JWLZ8uy52wtUM8Ufi/tOKjYq3XMJLIRS0HuKo= Subject key identifier: 0F:E4:FA:CB:F8:10:C3:24:15:C0:22:39:FA:E3:B8:DE:78:F8:67:85 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7EF51F47C76BF4417D553BFBD42AF714ADAB72F3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa Signing time: Fri 07 Nov 2025 00:01:07 +0000 ROA not before: Fri 07 Nov 2025 00:01:07 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:f5:1f:47:c7:6b:f4:41:7d:55:3b:fb:d4:2a:f7:14:ad:ab:72:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:01:07 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=ace5b15f5c86c97165cb409ae8080e094639369c14185b260c9e9b874d936cb4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8c:f4:93:a2:13:c0:72:44:3e:ca:c2:83:34: 02:61:f5:ce:e6:a4:4c:ed:ed:81:6f:24:fe:ae:21: ca:ae:93:0e:64:f4:b1:ff:d1:b1:d6:df:83:ec:fd: ce:b0:1c:d4:b1:d5:c5:87:88:28:01:22:e1:a9:95: 0b:1e:93:57:70:f7:cd:91:bd:64:61:f4:9f:2d:01: 10:92:93:17:a1:6f:81:97:d2:41:cc:68:dd:74:81: 37:3b:e3:75:73:b2:0c:2a:37:b7:ef:36:86:88:82: 5d:c4:ab:76:73:4e:85:14:a6:9b:6d:75:c9:27:c5: 4e:35:3a:ca:32:84:40:0b:bd:4f:96:a6:25:0b:84: f6:17:88:7d:c9:cd:65:a9:b1:db:71:62:66:57:9d: f9:f0:96:a7:37:56:9b:3a:e7:c9:d8:89:d9:01:b5: 32:13:dd:cb:b2:28:b3:0b:1b:cb:98:c0:66:e1:29: a9:01:d7:ae:e0:d3:84:9f:cd:5d:e3:d0:5f:81:18: 3d:df:a0:cd:94:d6:17:0b:40:f7:d2:b0:de:fb:10: 81:a9:3a:c6:3d:bc:1c:43:95:91:1e:18:a4:1c:25: 60:4b:5c:8a:69:2f:02:17:e0:8e:83:66:b9:3b:37: 0f:89:92:a2:03:d9:30:42:15:15:66:7c:ad:ee:d0: 30:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:E4:FA:CB:F8:10:C3:24:15:C0:22:39:FA:E3:B8:DE:78:F8:67:85 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2265854-ac1c-4e5a-a794-d4ce1e5833ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:8800::/40 Signature Algorithm: sha256WithRSAEncryption 02:d1:6f:0a:17:60:55:18:15:7a:bd:66:12:79:61:c8:80:d6: 34:7f:b2:df:cd:a3:74:bb:bc:ee:e3:e1:e1:93:1a:c0:3b:cb: 66:be:f0:54:48:52:dc:0e:eb:30:79:0f:ab:f8:28:89:a5:33: e7:f5:f2:1e:5f:a2:9f:79:a1:ba:f5:9e:af:ce:49:6a:62:86: 84:02:ed:e0:df:51:a6:03:5c:17:f0:5f:fd:3e:ed:f8:b5:18: 56:e1:7e:44:90:fc:bb:78:d5:ff:69:49:60:de:6f:14:ba:ae: 72:30:7e:c6:8b:f2:15:5a:6b:a7:8d:b4:92:95:43:c7:fe:0b: 9a:4f:f3:0a:50:27:eb:c2:be:de:8b:d8:07:c1:62:ab:2c:6f: 2a:ce:a7:35:3f:21:c5:3c:e2:60:4e:f3:27:2a:1c:8b:3f:b7: f6:bf:7a:d6:ab:3b:d2:f9:fc:97:15:37:e4:7f:97:3b:55:14: 5d:85:72:a3:4c:dd:81:bc:e6:5f:19:99:af:a7:6e:77:91:41: 08:65:be:5c:05:98:d0:61:30:54:ff:c7:d3:ac:ed:e3:94:b9: 55:f1:4a:fd:62:c9:8c:8c:38:8e:49:f7:55:6c:8c:7a:53:69: 87:0b:07:33:7d:52:a7:b1:e3:87:a0:dc:96:7f:bd:c2:45:dd: 04:ee:1a:6c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfvUfR8dr9EF9VTv71Cr3FK2rcvMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMDEwN1oX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAYWNlNWIxNWY1Yzg2Yzk3MTY1Y2I0 MDlhZTgwODBlMDk0NjM5MzY5YzE0MTg1YjI2MGM5ZTliODc0ZDkzNmNiNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoz0k6ITwHJEPsrCgzQCYfXO5qRM 7e2BbyT+riHKrpMOZPSx/9Gx1t+D7P3OsBzUsdXFh4goASLhqZULHpNXcPfNkb1k YfSfLQEQkpMXoW+Bl9JBzGjddIE3O+N1c7IMKje37zaGiIJdxKt2c06FFKabbXXJ J8VONTrKMoRAC71PlqYlC4T2F4h9yc1lqbHbcWJmV5358JanN1abOufJ2InZAbUy E93LsiizCxvLmMBm4SmpAdeu4NOEn81d49BfgRg936DNlNYXC0D30rDe+xCBqTrG PbwcQ5WRHhikHCVgS1yKaS8CF+COg2a5OzcPiZKiA9kwQhUVZnyt7tAwPQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFA/k+sv4EMMkFcAiOfrjuN54+GeFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IyMjY1ODU0LWFjMWMtNGU1YS1hNzk0LWQ0Y2UxZTU4MzNhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOIgwDQYJKoZIhvcNAQELBQADggEBAALRbwoXYFUYFXq9ZhJ5 YciA1jR/st/No3S7vO7j4eGTGsA7y2a+8FRIUtwO6zB5D6v4KImlM+f18h5fop95 obr1nq/OSWpihoQC7eDfUaYDXBfwX/0+7fi1GFbhfkSQ/Lt41f9pSWDebxS6rnIw fsaL8hVaa6eNtJKVQ8f+C5pP8wpQJ+vCvt6L2AfBYqssbyrOpzU/IcU84mBO8ycq HIs/t/a/etarO9L5/JcVN+R/lztVFF2FcqNM3YG85l8Zma+nbneRQQhlvlwFmNBh MFT/x9Os7eOUuVXxSv1iyYyMOI5J91VsjHpTaYcLBzN9Uqex44eg3JZ/vcJF3QTu Gmw= -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:17 2025 by rpki-client