$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa File: b990f5b3-241d-4db7-8197-5e39d9181be8.roa (raw, json) Hash identifier: CJ4bBKxZUySemyw/Qn+a++0/nedGLuvHYCRZHEUltPY= Subject key identifier: 68:68:BD:C7:8E:72:BE:C2:C8:19:E6:11:92:2D:9C:AC:2E:28:AD:54 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1630C7DC4F73B40A7344B3FD56166E5890B684DB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa Signing time: Fri 07 Nov 2025 00:40:05 +0000 ROA not before: Fri 07 Nov 2025 00:40:05 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:30:c7:dc:4f:73:b4:0a:73:44:b3:fd:56:16:6e:58:90:b6:84:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:40:05 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=449e2e046ec783f6e8eced49f08b5c81cf5403fc3abf803e41f6bb6b0db3be90, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:91:97:3b:1d:f1:a8:46:79:d9:39:e1:43:2b: c0:bb:f9:3a:cb:22:7b:07:29:bb:81:5b:55:ee:3d: 0b:97:5e:7d:55:9c:ae:5c:72:ef:31:be:19:2e:80: dd:44:9d:e5:f1:2b:09:3a:0b:53:24:28:51:32:5d: 9a:30:eb:86:91:ac:f5:c7:90:23:6e:63:cb:44:6a: e3:94:6c:7b:6d:32:91:5c:c9:ca:6f:c6:db:52:56: 83:04:a9:fc:41:6c:0d:73:18:e4:e0:77:0e:da:d2: 6a:c2:b4:dd:47:36:2b:40:1a:7b:6d:1e:b2:25:6e: bb:3d:a9:c3:e0:f2:6a:4b:36:ff:87:7e:3d:65:59: 5c:99:45:3e:a1:6f:8c:e0:5c:f3:3a:e3:7a:c8:99: a4:43:02:d8:a3:2e:ae:b1:78:10:00:64:7f:6b:07: 5f:f3:ec:1c:ca:67:36:10:07:36:b4:e0:ab:d2:d6: 23:32:d5:07:5f:c1:3f:ba:4c:2c:f9:aa:49:00:cc: 1b:3b:14:82:4b:0d:a0:fa:5f:d3:f8:c9:5a:68:8f: a5:17:41:ea:76:fe:fc:81:ee:90:e0:21:93:b1:ff: 28:34:43:3d:e8:46:5d:a1:68:a2:30:9e:e0:dc:ce: c9:bc:99:4a:72:2f:bb:bf:91:f7:78:0f:7c:e1:bf: f8:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:68:BD:C7:8E:72:BE:C2:C8:19:E6:11:92:2D:9C:AC:2E:28:AD:54 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:2840::/48 Signature Algorithm: sha256WithRSAEncryption 2d:05:a7:06:2c:a0:1b:96:35:ed:9a:45:30:14:c3:3b:f1:43: 65:4b:9e:1a:9e:90:83:a4:7a:03:fc:ac:0b:76:09:29:84:12: 53:e0:bc:79:1c:8d:86:95:76:17:f1:0e:01:17:21:82:73:dd: 33:0f:75:f3:38:0d:8c:e1:a2:77:ef:23:0b:02:45:59:d2:fe: 15:3d:4c:85:b8:2a:ec:10:77:f0:ee:bb:51:40:48:06:4f:b5: eb:a0:ce:29:3c:31:68:1a:11:0e:43:70:e4:fc:fa:11:84:ee: 14:9f:ec:1f:2b:b7:f0:f3:7a:76:c9:fc:41:8b:b8:63:e8:fa: 7e:35:34:bc:f4:ec:cf:98:10:78:b9:f8:07:cb:bc:f6:a8:1a: 04:69:77:e1:46:07:30:5d:9e:f3:3d:00:93:b9:f2:99:be:e2: 9d:c7:4c:84:5d:87:7b:7e:4a:58:6d:1b:71:ff:8c:c6:0e:71: bc:a5:41:78:3f:e7:52:91:a7:07:ef:81:66:be:e6:59:ba:9f: 35:87:bc:15:40:33:86:ac:f1:38:be:3e:35:7b:8c:b4:6d:df: 2f:49:f9:90:a1:ee:14:a2:30:1b:d0:22:30:46:fe:e5:aa:7c: 3d:5d:75:17:2b:0f:ea:ac:80:eb:e8:5f:be:48:a0:06:bb:6e: d1:49:44:4f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFjDH3E9ztApzRLP9VhZuWJC2hNswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwNDAwNVoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNANDQ5ZTJlMDQ2ZWM3ODNmNmU4ZWNl ZDQ5ZjA4YjVjODFjZjU0MDNmYzNhYmY4MDNlNDFmNmJiNmIwZGIzYmU5MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZGXOx3xqEZ52TnhQyvAu/k6yyJ7 Bym7gVtV7j0Ll159VZyuXHLvMb4ZLoDdRJ3l8SsJOgtTJChRMl2aMOuGkaz1x5Aj bmPLRGrjlGx7bTKRXMnKb8bbUlaDBKn8QWwNcxjk4HcO2tJqwrTdRzYrQBp7bR6y JW67PanD4PJqSzb/h349ZVlcmUU+oW+M4FzzOuN6yJmkQwLYoy6usXgQAGR/awdf 8+wcymc2EAc2tOCr0tYjMtUHX8E/ukws+apJAMwbOxSCSw2g+l/T+MlaaI+lF0Hq dv78ge6Q4CGTsf8oNEM96EZdoWiiMJ7g3M7JvJlKci+7v5H3eA984b/4uQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGhovceOcr7CyBnmEZItnKwuKK1UMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I5OTBmNWIzLTI0MWQtNGRiNy04MTk3LTVlMzlkOTE4MWJlOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8ihAMA0GCSqGSIb3DQEBCwUAA4IBAQAtBacGLKAbljXtmkUw FMM78UNlS54anpCDpHoD/KwLdgkphBJT4Lx5HI2GlXYX8Q4BFyGCc90zD3XzOA2M 4aJ37yMLAkVZ0v4VPUyFuCrsEHfw7rtRQEgGT7XroM4pPDFoGhEOQ3Dk/PoRhO4U n+wfK7fw83p2yfxBi7hj6Pp+NTS89OzPmBB4ufgHy7z2qBoEaXfhRgcwXZ7zPQCT ufKZvuKdx0yEXYd7fkpYbRtx/4zGDnG8pUF4P+dSkacH74FmvuZZup81h7wVQDOG rPE4vj41e4y0bd8vSfmQoe4UojAb0CIwRv7lqnw9XXUXKw/qrIDr6F++SKAGu27R SURP -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:25 2025 by rpki-client