$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/baa01805-cb98-4c85-9fa0-fdff4c3b18af.roa File: baa01805-cb98-4c85-9fa0-fdff4c3b18af.roa (raw, json) Hash identifier: YKfJEBuDuaopgj45jB8c8QE9qrbnRW8sNvaB8WZpE2Y= Subject key identifier: 36:59:2C:DC:3D:B4:BF:93:C4:F5:90:76:C9:8E:B6:94:29:F0:2E:CC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 775C4C420DB6DEB82FA84183EDEED110D7879B5F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/baa01805-cb98-4c85-9fa0-fdff4c3b18af.roa Signing time: Sat 08 Nov 2025 00:00:04 +0000 ROA not before: Sat 08 Nov 2025 00:00:04 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:7000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:5c:4c:42:0d:b6:de:b8:2f:a8:41:83:ed:ee:d1:10:d7:87:9b:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:00:04 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=455050d9e50285dbeaf38f20b6882886d27c2ce6271462994f3707ca65b620d3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ef:2d:d1:3b:02:fa:06:02:f3:07:3e:94:45: 37:42:2e:d1:8e:94:22:ed:b5:bc:d1:b2:c4:b0:90: 18:37:38:7d:c4:3b:89:77:06:27:a7:93:0b:ca:c0: 0a:de:b3:65:4a:a6:37:12:b2:21:63:0a:68:dc:d8: b7:30:07:56:a0:26:aa:78:43:6a:08:ac:ec:b1:62: 56:fc:7a:43:fd:4f:12:e5:50:75:3e:9f:d7:1f:46: c0:8b:db:0d:52:08:eb:13:98:dd:23:7f:45:eb:b9: ed:46:90:80:5a:eb:cf:bf:47:2a:a3:a0:22:f5:92: 29:3a:b4:48:a6:4b:56:03:8b:83:18:45:65:5e:16: d2:86:74:53:3b:4d:1c:6a:9c:ef:d2:5f:c2:fd:66: fb:81:d1:78:53:9c:c7:ad:7a:69:6b:b4:41:7c:70: 73:20:19:72:73:42:59:8c:ac:16:cf:28:b8:72:27: 84:32:54:d8:3e:33:95:08:34:dc:01:5e:0f:38:61: cf:54:89:36:ed:db:02:d6:74:70:3f:89:c0:09:49: 80:75:d4:76:e1:f9:29:3f:85:68:b0:26:cf:90:e7: a9:37:7d:a0:10:47:fb:f6:5e:d1:05:14:b0:61:a2: 60:5e:d4:75:33:6c:65:17:85:59:37:33:82:cd:7e: dc:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:59:2C:DC:3D:B4:BF:93:C4:F5:90:76:C9:8E:B6:94:29:F0:2E:CC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/baa01805-cb98-4c85-9fa0-fdff4c3b18af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:7000::/48 Signature Algorithm: sha256WithRSAEncryption 73:92:60:88:88:29:e1:a3:33:8d:da:0a:9c:c9:0c:8c:57:e0: c1:a6:e1:ae:97:e4:b6:da:d1:38:f5:6a:49:4f:b5:11:38:aa: c0:ce:fb:b3:49:c9:fb:f2:cd:64:76:b8:43:8c:0d:28:5f:80: ef:20:74:22:b0:a0:7c:b4:ba:6c:53:20:67:03:3b:bd:0e:3d: 39:8c:79:05:b2:81:d5:b5:6f:c5:43:b4:46:d8:f6:fa:1b:39: 5a:b5:46:32:51:f0:22:dc:83:33:5c:a2:13:15:4d:b0:ee:0f: 5f:2a:e6:7c:33:9d:e5:99:3b:e8:fd:81:80:a5:6b:8b:06:6d: 3b:43:91:ae:57:52:5b:42:6e:d2:f2:5f:b6:21:7c:9b:1e:b7: 8b:b3:7e:ec:46:43:20:2e:68:10:9b:72:6f:cc:63:ea:2c:e7: 7a:e3:70:ae:df:57:b8:0c:72:e6:6d:0d:96:ae:f5:20:d8:69: 37:74:07:a4:2e:82:a6:dd:76:f4:d0:a3:d2:67:8f:2d:13:bd: f2:ad:38:0c:b0:6d:1d:e9:61:70:d5:9f:13:a8:00:0e:c1:58: cf:fa:68:64:3a:c5:7b:5b:c4:5c:e4:cc:71:fc:02:82:5b:1a: 4a:cd:7a:5b:f4:e0:b4:d4:cf:28:fc:3a:a7:e7:fd:7a:2a:ee: bc:95:9a:7c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUd1xMQg223rgvqEGD7e7RENeHm18wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMDAwNFoX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNANDU1MDUwZDllNTAyODVkYmVhZjM4 ZjIwYjY4ODI4ODZkMjdjMmNlNjI3MTQ2Mjk5NGYzNzA3Y2E2NWI2MjBkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO8t0TsC+gYC8wc+lEU3Qi7RjpQi 7bW80bLEsJAYNzh9xDuJdwYnp5MLysAK3rNlSqY3ErIhYwpo3Ni3MAdWoCaqeENq CKzssWJW/HpD/U8S5VB1Pp/XH0bAi9sNUgjrE5jdI39F67ntRpCAWuvPv0cqo6Ai 9ZIpOrRIpktWA4uDGEVlXhbShnRTO00capzv0l/C/Wb7gdF4U5zHrXppa7RBfHBz IBlyc0JZjKwWzyi4cieEMlTYPjOVCDTcAV4POGHPVIk27dsC1nRwP4nACUmAddR2 4fkpP4VosCbPkOepN32gEEf79l7RBRSwYaJgXtR1M2xlF4VZNzOCzX7c8QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDZZLNw9tL+TxPWQdsmOtpQp8C7MMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhYTAxODA1LWNiOTgtNGM4NS05ZmEwLWZkZmY0YzNiMThhZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7HAAMA0GCSqGSIb3DQEBCwUAA4IBAQBzkmCIiCnhozON2gqc yQyMV+DBpuGul+S22tE49WpJT7UROKrAzvuzScn78s1kdrhDjA0oX4DvIHQisKB8 tLpsUyBnAzu9Dj05jHkFsoHVtW/FQ7RG2Pb6GzlatUYyUfAi3IMzXKITFU2w7g9f KuZ8M53lmTvo/YGApWuLBm07Q5GuV1JbQm7S8l+2IXybHreLs37sRkMgLmgQm3Jv zGPqLOd643Cu31e4DHLmbQ2WrvUg2Gk3dAekLoKm3Xb00KPSZ48tE73yrTgMsG0d 6WFw1Z8TqAAOwVjP+mhkOsV7W8Rc5Mxx/AKCWxpKzXpb9OC01M8o/Dqn5/16Ku68 lZp8 -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:23 2025 by rpki-client