$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c521a465-b961-4d95-8077-65fb2bae529e.roa File: c521a465-b961-4d95-8077-65fb2bae529e.roa (raw, json) Hash identifier: SQfKlGmfjtrCKDCO6n2DoPUmOPc/tG6l9uEHMsA16vg= Subject key identifier: 44:8C:0A:30:DF:36:8D:9B:E2:54:67:56:25:ED:C6:2D:A8:A9:1C:2C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 028111AE2BCC21BE176155C086BE10A6DECFE1F8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c521a465-b961-4d95-8077-65fb2bae529e.roa Signing time: Sat 08 Nov 2025 00:00:42 +0000 ROA not before: Sat 08 Nov 2025 00:00:42 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:3000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:81:11:ae:2b:cc:21:be:17:61:55:c0:86:be:10:a6:de:cf:e1:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:00:42 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=e4b8caeb0c9a4b83cb7723e75a2b800930313f6678087b41b9a76dd7769d75b6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:3e:94:5e:cb:2f:e6:b5:9f:42:62:f3:98:32: 3f:6a:2d:ed:76:e1:21:28:6e:bb:f8:29:d4:35:48: 2e:4f:6a:12:66:a5:55:94:75:c9:88:2a:c3:9b:95: ad:30:7e:5b:1d:7c:d1:b5:25:0d:46:61:c0:c8:7e: 88:b9:fe:50:38:37:fb:77:b9:b8:a6:aa:a0:2f:9d: 1a:71:c2:c4:0e:81:5a:63:33:23:22:fa:dd:23:8b: 06:6c:f0:7e:14:86:79:ae:65:1b:e3:04:70:b0:69: a9:5a:57:c2:68:3f:d7:42:21:f9:f9:75:fc:94:09: bc:bd:b7:23:6b:aa:52:01:ae:d3:7b:8f:78:ac:0e: ff:b8:ef:cd:29:41:8c:e4:43:b8:35:88:7c:bd:32: 79:e8:aa:75:c6:2f:5e:65:bf:a1:a6:bc:7a:a2:ac: 38:ff:99:5e:d6:09:36:6a:d1:ec:4b:ce:69:e1:59: 8f:65:ca:66:c4:d2:91:66:fe:af:92:63:e5:3a:08: f2:67:e4:22:07:ba:ab:a2:d3:2a:71:8f:88:ed:7b: 11:66:f5:95:5e:a3:11:6b:2c:da:c0:56:00:fa:83: 4e:6b:bc:f1:8b:da:8e:fd:74:f6:5a:c3:51:7c:8c: 87:c5:fd:58:03:87:b1:aa:a1:c3:79:eb:1f:94:46: c9:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:8C:0A:30:DF:36:8D:9B:E2:54:67:56:25:ED:C6:2D:A8:A9:1C:2C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c521a465-b961-4d95-8077-65fb2bae529e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:3000::/48 Signature Algorithm: sha256WithRSAEncryption 6f:23:a1:2b:c8:85:3a:08:b4:61:29:2c:cf:fc:04:13:14:0f: a1:e2:fc:d4:c2:25:5f:fb:4a:4b:7c:6f:f9:9d:68:f9:cb:29: 16:72:4c:99:c7:5f:e1:3f:d4:78:91:92:5d:8d:5b:b5:c7:cb: 86:50:34:c1:1c:38:50:e7:2c:22:81:91:bb:0d:65:42:c1:4f: 6b:55:2f:2c:99:ed:cf:5b:de:02:78:b1:e3:34:04:22:38:fb: f0:49:e7:35:86:6c:00:a2:de:41:ad:4a:d7:56:15:92:7d:f8: 10:03:ae:82:03:e8:4b:60:cf:6d:bd:a4:8d:c5:f3:c0:7b:49: fc:9e:af:cd:04:08:a4:f3:7c:c8:1b:78:2a:d6:76:16:a2:02: e1:5d:01:f1:33:a9:90:49:2d:56:6a:d6:68:36:6f:2b:ea:39: 95:27:08:a3:bc:21:c0:19:85:e1:5b:26:9e:a9:ec:5d:6f:68: 72:44:e9:63:4a:00:f8:d4:e8:c7:e8:43:f5:a7:b2:52:1b:90: c8:ee:b2:7c:f7:aa:65:6c:03:d7:17:ed:b6:b3:fc:83:4c:18: 9e:23:75:5a:db:32:09:87:50:bd:74:08:9a:86:f1:71:60:32: f9:8d:75:61:69:d2:17:2f:8d:27:c0:38:a8:a4:84:19:84:df: c3:ba:d7:5c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAoERrivMIb4XYVXAhr4Qpt7P4fgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMDA0MloX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAZTRiOGNhZWIwYzlhNGI4M2NiNzcy M2U3NWEyYjgwMDkzMDMxM2Y2Njc4MDg3YjQxYjlhNzZkZDc3NjlkNzViNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmj6UXssv5rWfQmLzmDI/ai3tduEh KG67+CnUNUguT2oSZqVVlHXJiCrDm5WtMH5bHXzRtSUNRmHAyH6Iuf5QODf7d7m4 pqqgL50accLEDoFaYzMjIvrdI4sGbPB+FIZ5rmUb4wRwsGmpWlfCaD/XQiH5+XX8 lAm8vbcja6pSAa7Te494rA7/uO/NKUGM5EO4NYh8vTJ56Kp1xi9eZb+hprx6oqw4 /5le1gk2atHsS85p4VmPZcpmxNKRZv6vkmPlOgjyZ+QiB7qrotMqcY+I7XsRZvWV XqMRayzawFYA+oNOa7zxi9qO/XT2WsNRfIyHxf1YA4exqqHDeesflEbJsQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFESMCjDfNo2b4lRnViXtxi2oqRwsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M1MjFhNDY1LWI5NjEtNGQ5NS04MDc3LTY1ZmIyYmFlNTI5ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7DAAMA0GCSqGSIb3DQEBCwUAA4IBAQBvI6EryIU6CLRhKSzP /AQTFA+h4vzUwiVf+0pLfG/5nWj5yykWckyZx1/hP9R4kZJdjVu1x8uGUDTBHDhQ 5ywigZG7DWVCwU9rVS8sme3PW94CeLHjNAQiOPvwSec1hmwAot5BrUrXVhWSffgQ A66CA+hLYM9tvaSNxfPAe0n8nq/NBAik83zIG3gq1nYWogLhXQHxM6mQSS1WatZo Nm8r6jmVJwijvCHAGYXhWyaeqexdb2hyROljSgD41OjH6EP1p7JSG5DI7rJ896pl bAPXF+22s/yDTBieI3Va2zIJh1C9dAiahvFxYDL5jXVhadIXL40nwDiopIQZhN/D utdc -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:29 2025 by rpki-client