$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2c4a732-dc00-4f72-ba69-6114e24b0802.roa File: b2c4a732-dc00-4f72-ba69-6114e24b0802.roa (raw, json) Hash identifier: Cpm0XoTmPGogSTV+0IcGzTX09q2Bzgg5R/JgRKb8uvc= Subject key identifier: 7E:55:A1:7F:EC:0E:79:40:C3:08:C0:9B:C8:7D:66:DB:27:2C:CB:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37A9B4FF185FD9ACDA245F2287BF8656D1D25186 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2c4a732-dc00-4f72-ba69-6114e24b0802.roa Signing time: Sun 09 Nov 2025 00:10:24 +0000 ROA not before: Sun 09 Nov 2025 00:10:24 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12:8800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:a9:b4:ff:18:5f:d9:ac:da:24:5f:22:87:bf:86:56:d1:d2:51:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:10:24 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=8b0ca7482c4fe967f5d782d46893dfcddf6cefebf33ceda4cd40959992bee7c9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:43:62:ea:df:6d:8e:8e:a1:75:10:5e:8d:3a: b6:d2:d6:d7:d5:dc:c0:8c:14:a7:b2:0a:05:f3:ce: c3:04:a4:f4:38:8f:b4:1e:2b:85:c9:fc:2c:7e:e8: 90:07:1b:c9:0a:f8:3b:6d:b6:8b:ee:b6:e5:36:1d: ec:8f:cc:b7:6e:4a:90:c5:fb:c4:a5:25:69:97:f5: c3:17:d3:51:de:05:3d:63:4a:bf:ad:b4:82:51:65: 0d:73:bc:c6:63:1f:8e:f3:c7:7f:d1:d3:d3:4f:8b: 99:6c:16:d5:76:29:5d:c5:3c:76:77:da:91:48:e1: 77:71:89:89:15:72:cc:19:37:59:17:cf:8c:7b:58: 55:f7:82:59:2d:ae:24:e0:d3:64:24:0c:01:c5:7f: 28:ad:bc:27:c3:5e:63:30:ff:6b:a5:a4:41:dd:95: 05:6d:a0:bc:05:d9:34:6e:f5:a0:be:88:b1:b8:a5: 58:cf:d6:37:07:f2:6f:26:59:fa:a7:30:3e:86:e8: 23:18:cd:ec:38:86:4b:7e:b5:44:5f:9f:17:e8:ba: 8c:f3:88:11:07:26:8b:63:45:8d:47:b0:7f:07:bb: 19:b3:15:f6:1a:82:9c:66:fa:10:6e:5a:36:be:5b: fa:b4:e2:5d:99:ef:de:c4:7f:7b:10:5c:88:51:0f: 80:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:55:A1:7F:EC:0E:79:40:C3:08:C0:9B:C8:7D:66:DB:27:2C:CB:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b2c4a732-dc00-4f72-ba69-6114e24b0802.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12:8800::/38 Signature Algorithm: sha256WithRSAEncryption 24:a2:77:c9:7b:d6:a3:e5:23:8d:e1:1f:e5:d3:50:0a:cd:93: 9a:a7:48:5f:7c:a6:79:3b:23:8e:38:88:84:0f:02:c0:0a:fd: 62:ae:b3:8b:9e:96:80:eb:cd:c6:f4:19:ac:0e:07:c4:9c:dc: e6:90:9d:24:a2:6b:62:95:f0:91:a6:bb:8f:c5:21:f2:e9:8a: 07:72:11:e7:1f:09:a6:06:67:00:62:4e:70:7b:36:be:4c:e7: 72:a9:70:d7:d0:09:00:b4:70:cf:14:a5:f2:32:52:8c:bc:08: 68:1e:b5:7b:96:fb:29:ef:22:34:c5:a2:77:aa:e7:0f:c3:aa: ac:4d:3e:b9:ee:d0:e4:c2:ae:b7:81:4d:eb:61:e9:ac:43:2c: d1:f6:94:23:ab:b7:c9:2a:01:ab:f7:3e:a2:ba:c0:54:bf:93: 56:6a:ee:07:bd:a1:3c:ac:2d:92:ca:b2:98:29:cf:c5:8d:57: 89:85:dc:2e:9c:f3:03:fe:86:a8:9f:b8:b2:b1:48:bf:33:6d: 06:f5:2e:d4:8e:54:fd:28:af:69:71:31:ba:8f:b1:76:6e:90: 11:b8:89:9f:61:cc:38:d3:49:ad:3a:73:82:8f:c0:5e:78:06: 02:ec:27:05:ae:1f:5e:7c:11:92:53:bc:67:61:4a:c3:80:50: 12:bd:55:02 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN6m0/xhf2azaJF8ih7+GVtHSUYYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMTAyNFoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAOGIwY2E3NDgyYzRmZTk2N2Y1ZDc4 MmQ0Njg5M2RmY2RkZjZjZWZlYmYzM2NlZGE0Y2Q0MDk1OTk5MmJlZTdjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kNi6t9tjo6hdRBejTq20tbX1dzA jBSnsgoF887DBKT0OI+0HiuFyfwsfuiQBxvJCvg7bbaL7rblNh3sj8y3bkqQxfvE pSVpl/XDF9NR3gU9Y0q/rbSCUWUNc7zGYx+O88d/0dPTT4uZbBbVdildxTx2d9qR SOF3cYmJFXLMGTdZF8+Me1hV94JZLa4k4NNkJAwBxX8orbwnw15jMP9rpaRB3ZUF baC8Bdk0bvWgvoixuKVYz9Y3B/JvJln6pzA+hugjGM3sOIZLfrVEX58X6LqM84gR ByaLY0WNR7B/B7sZsxX2GoKcZvoQblo2vlv6tOJdme/exH97EFyIUQ+AlwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH5VoX/sDnlAwwjAm8h9ZtsnLMscMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IyYzRhNzMyLWRjMDAtNGY3Mi1iYTY5LTYxMTRlMjRiMDgwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEogwDQYJKoZIhvcNAQELBQADggEBACSid8l71qPlI43hH+XT UArNk5qnSF98pnk7I444iIQPAsAK/WKus4ueloDrzcb0GawOB8Sc3OaQnSSia2KV 8JGmu4/FIfLpigdyEecfCaYGZwBiTnB7Nr5M53KpcNfQCQC0cM8UpfIyUoy8CGge tXuW+ynvIjTFoneq5w/DqqxNPrnu0OTCrreBTeth6axDLNH2lCOrt8kqAav3PqK6 wFS/k1Zq7ge9oTysLZLKspgpz8WNV4mF3C6c8wP+hqifuLKxSL8zbQb1LtSOVP0o r2lxMbqPsXZukBG4iZ9hzDjTSa06c4KPwF54BgLsJwWuH158EZJTvGdhSsOAUBK9 VQI= -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:35 2025 by rpki-client