$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b923745f-93bb-45fc-8b61-62862ac40205.roa File: b923745f-93bb-45fc-8b61-62862ac40205.roa (raw, json) Hash identifier: taZ9K9o+5bDJMUJFgvCCrPMbrS9vy4G8M8YqwNcR1Vk= Subject key identifier: 38:E8:BE:70:2E:62:B0:59:C1:57:29:32:08:04:00:E1:AE:C2:77:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 14C623C9285F47C1F99E68CEC45FDFBA073F7298 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b923745f-93bb-45fc-8b61-62862ac40205.roa Signing time: Sun 09 Nov 2025 00:30:16 +0000 ROA not before: Sun 09 Nov 2025 00:30:16 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c::/35 maxlen: 35 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:c6:23:c9:28:5f:47:c1:f9:9e:68:ce:c4:5f:df:ba:07:3f:72:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:30:16 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=fca1674773b2d407d9a2707b25f78f022465161e1557fa4a1c5d1a94c3aa59a4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:be:10:1c:3a:0d:e8:86:33:18:0e:d1:96:02: 9a:c3:3d:eb:7d:dc:fd:2c:6f:23:f0:0d:27:db:c3: cd:7d:12:7f:84:0a:03:20:e4:55:cf:67:7e:17:57: 04:a3:ce:1e:09:ea:6d:c5:42:f9:69:30:ea:38:00: cf:59:8e:a2:f2:63:e1:16:6a:c6:29:0b:3e:31:33: e9:28:b3:9c:a2:e0:ec:49:5d:33:ae:6e:18:3f:e5: 65:db:2a:3c:a7:8a:8a:63:22:66:38:a4:97:a8:3e: 89:a7:0c:1c:1a:9d:dd:44:7e:9f:5e:ea:dd:20:2d: e5:4c:7e:92:67:87:4e:cd:28:77:0d:24:23:f3:a0: f4:98:f1:e2:b9:12:44:a1:6a:32:cd:39:d5:9d:d5: 2b:5d:6e:41:60:a8:39:f5:4c:60:8b:21:a2:18:c7: ed:3c:0e:6f:37:d6:d4:fd:a6:5d:83:8a:5a:b1:26: e8:5e:4e:dc:14:d9:74:34:76:55:26:fa:c5:17:8f: e2:2c:b9:01:eb:67:70:5b:26:c5:63:73:12:4d:e0: 8f:4b:f0:b0:ae:86:55:9f:94:1a:3e:da:cd:31:14: 5e:88:14:bc:00:4c:41:44:c0:d5:4d:a8:80:6d:07: 3b:8b:25:b9:66:67:d7:1c:4d:fb:65:f6:7e:56:69: be:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:E8:BE:70:2E:62:B0:59:C1:57:29:32:08:04:00:E1:AE:C2:77:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b923745f-93bb-45fc-8b61-62862ac40205.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c::/35 Signature Algorithm: sha256WithRSAEncryption cb:d9:b9:51:71:bd:18:7d:d6:76:b3:3e:7d:c0:4f:7a:a7:b2: bd:aa:66:27:2b:71:09:4d:2a:3b:1f:81:55:f7:f7:39:c8:f5: 80:43:02:fd:e4:11:93:89:50:ca:e8:03:ae:38:86:4f:9f:99: 71:3d:ba:ea:f7:06:fc:10:36:bd:2e:ce:26:b6:e0:bd:14:65: 5a:bb:42:a8:68:ed:e2:12:bd:92:a2:cc:ad:83:19:61:2e:3c: a2:37:bc:20:2c:e4:3f:03:da:e8:5d:f7:e0:31:75:f1:7e:da: 17:b7:cc:8e:da:91:0d:28:ba:a1:36:bf:89:28:e7:b1:d8:ce: ce:49:f5:e5:97:dc:56:df:0e:29:a6:20:3b:e6:f3:f2:ba:c8: 92:d9:93:75:50:f2:ad:b2:a3:a4:6d:c5:d2:bf:41:ba:c7:79: c6:9f:4c:17:32:7b:bb:49:62:f2:88:9a:38:74:bf:c6:3c:a3: 99:f1:c0:4b:df:b1:c5:ca:d1:5d:1c:03:1e:0d:b3:bf:18:66: 71:cf:31:af:45:33:36:1e:e5:c9:36:89:39:d5:8b:0f:ec:26: 6e:43:c0:98:a8:4a:37:17:22:39:cd:c4:e5:73:e7:62:8c:f3: 69:6b:e3:71:19:43:9c:67:d8:91:00:26:fd:ac:01:14:4e:66: 2b:57:ce:cd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFMYjyShfR8H5nmjOxF/fugc/cpgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMzAxNloX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAZmNhMTY3NDc3M2IyZDQwN2Q5YTI3 MDdiMjVmNzhmMDIyNDY1MTYxZTE1NTdmYTRhMWM1ZDFhOTRjM2FhNTlhNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr4QHDoN6IYzGA7RlgKawz3rfdz9 LG8j8A0n28PNfRJ/hAoDIORVz2d+F1cEo84eCeptxUL5aTDqOADPWY6i8mPhFmrG KQs+MTPpKLOcouDsSV0zrm4YP+Vl2yo8p4qKYyJmOKSXqD6JpwwcGp3dRH6fXurd IC3lTH6SZ4dOzSh3DSQj86D0mPHiuRJEoWoyzTnVndUrXW5BYKg59UxgiyGiGMft PA5vN9bU/aZdg4pasSboXk7cFNl0NHZVJvrFF4/iLLkB62dwWybFY3MSTeCPS/Cw roZVn5QaPtrNMRReiBS8AExBRMDVTaiAbQc7iyW5ZmfXHE37ZfZ+Vmm+/QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDjovnAuYrBZwVcpMggEAOGuwnecMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I5MjM3NDVmLTkzYmItNDVmYy04YjYxLTYyODYyYWM0MDIwNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYFJAbaHAAwDQYJKoZIhvcNAQELBQADggEBAMvZuVFxvRh91nazPn3A T3qnsr2qZicrcQlNKjsfgVX39znI9YBDAv3kEZOJUMroA644hk+fmXE9uur3BvwQ Nr0uzia24L0UZVq7Qqho7eISvZKizK2DGWEuPKI3vCAs5D8D2uhd9+AxdfF+2he3 zI7akQ0ouqE2v4ko57HYzs5J9eWX3FbfDimmIDvm8/K6yJLZk3VQ8q2yo6RtxdK/ QbrHecafTBcye7tJYvKImjh0v8Y8o5nxwEvfscXK0V0cAx4Ns78YZnHPMa9FMzYe 5ck2iTnViw/sJm5DwJioSjcXIjnNxOVz52KM82lr43EZQ5xn2JEAJv2sARROZitX zs0= -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:18 2025 by rpki-client