$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca4eb16d-fca2-4f9e-b9ca-a6a72479a4f9.roa File: ca4eb16d-fca2-4f9e-b9ca-a6a72479a4f9.roa (raw, json) Hash identifier: zxKRNbxNtBa+uAdtkHRuVWuL3spgSWnrKA4S3jvqZNs= Subject key identifier: 24:61:5A:45:22:86:5F:C3:AF:83:49:31:56:6B:71:AD:DF:8F:54:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0F0652F21B679BDED304FD6BE9970B44867D1B1A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca4eb16d-fca2-4f9e-b9ca-a6a72479a4f9.roa Signing time: Sun 09 Nov 2025 00:50:40 +0000 ROA not before: Sun 09 Nov 2025 00:50:40 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:06:52:f2:1b:67:9b:de:d3:04:fd:6b:e9:97:0b:44:86:7d:1b:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:50:40 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=37e6303e45455bdb64ebe324f9bff9e757f007de70ad808c3cbb3b561cf16f53, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a1:40:9b:36:86:a5:91:e5:6b:c2:51:ea:5f: 10:e2:cc:f0:90:4f:18:85:46:65:9f:cd:17:4f:34: 42:90:07:9b:ec:cf:cc:3d:13:3b:cc:16:6a:91:75: c0:02:ae:62:f0:95:05:43:ee:6a:c2:3f:68:39:4e: 44:66:7e:6e:42:d7:1b:de:f0:c8:2b:ac:c8:02:43: ee:c6:07:48:eb:9b:d9:80:2c:62:4f:6b:d8:22:c2: 37:0e:24:48:4a:a0:37:c1:3b:5a:44:fa:62:b2:ff: fe:45:d4:d7:f4:dd:39:f3:68:80:df:92:31:f2:e2: 8a:cd:04:7a:52:33:ab:da:f4:1e:ca:76:43:df:9c: 11:bd:47:72:a9:06:c4:e8:18:68:86:b9:ad:72:3c: aa:61:a8:d5:c7:01:13:55:23:3d:b1:d1:59:2e:bf: a8:83:ed:4b:07:9f:fd:fb:55:b2:bd:ca:38:3b:d7: 22:be:82:d1:e2:ae:61:94:1c:4e:8d:ae:07:81:19: 36:77:fa:96:e8:9b:f9:ff:e7:88:08:21:18:9f:06: c7:1e:e2:47:e7:6b:78:e3:11:92:a7:9e:24:86:ec: f5:84:77:08:3b:5f:7c:da:fd:f9:53:44:13:3e:ac: 0f:88:58:c5:06:a9:65:5a:c9:1d:b5:2c:f1:c4:e5: e7:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:61:5A:45:22:86:5F:C3:AF:83:49:31:56:6B:71:AD:DF:8F:54:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca4eb16d-fca2-4f9e-b9ca-a6a72479a4f9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:c000::/40 Signature Algorithm: sha256WithRSAEncryption 19:d8:42:87:4f:48:c0:f0:2f:7b:b1:bc:08:50:03:4b:d5:34: 01:fc:a0:bc:c3:2c:a1:e3:7b:d5:a1:eb:d2:02:3b:5b:f7:26: 84:04:0f:f7:75:b5:d5:70:1f:8a:89:d6:df:b7:a5:8b:2f:a9: ba:f3:e5:4e:69:7a:04:e2:5f:4b:20:e1:81:df:24:ec:44:24: 8f:22:c9:23:7f:69:f2:ad:e7:1c:06:44:af:08:c9:93:b8:cb: 49:2a:10:47:53:15:86:bf:e4:dd:3d:c5:5a:ce:d9:6c:f7:71: 10:1d:05:ae:21:ad:f5:0d:9c:08:56:e9:cd:57:c4:88:27:bf: df:70:59:f7:5f:92:6c:60:50:20:fd:34:43:c3:fb:e5:aa:f5: 52:0d:80:f1:ff:fa:e3:be:27:cd:49:c8:7d:fd:83:64:d4:40: 2b:2d:83:47:7b:48:79:b9:ed:fc:c5:24:30:89:28:86:b9:f1: a9:fd:3d:f4:e3:a0:35:fa:ae:7e:d4:83:1d:dd:9b:74:72:65: b7:bb:97:49:9e:d5:19:fd:cb:5f:35:77:b1:cb:2f:8e:c2:40: 3a:ce:45:ec:56:3f:95:13:7f:04:ad:b3:24:5d:f8:7a:7e:c7: a8:f9:77:18:91:de:68:a6:25:62:65:74:e0:47:04:1d:ac:4f: a4:91:48:02 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDwZS8htnm97TBP1r6ZcLRIZ9GxowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNTA0MFoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAMzdlNjMwM2U0NTQ1NWJkYjY0ZWJl MzI0ZjliZmY5ZTc1N2YwMDdkZTcwYWQ4MDhjM2NiYjNiNTYxY2YxNmY1MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqFAmzaGpZHla8JR6l8Q4szwkE8Y hUZln80XTzRCkAeb7M/MPRM7zBZqkXXAAq5i8JUFQ+5qwj9oOU5EZn5uQtcb3vDI K6zIAkPuxgdI65vZgCxiT2vYIsI3DiRISqA3wTtaRPpisv/+RdTX9N0582iA35Ix 8uKKzQR6UjOr2vQeynZD35wRvUdyqQbE6BhohrmtcjyqYajVxwETVSM9sdFZLr+o g+1LB5/9+1Wyvco4O9civoLR4q5hlBxOja4HgRk2d/qW6Jv5/+eICCEYnwbHHuJH 52t44xGSp54khuz1hHcIO1982v35U0QTPqwPiFjFBqllWskdtSzxxOXnwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCRhWkUihl/Dr4NJMVZrca3fj1QBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NhNGViMTZkLWZjYTItNGY5ZS1iOWNhLWE2YTcyNDc5YTRmOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacMAwDQYJKoZIhvcNAQELBQADggEBABnYQodPSMDwL3uxvAhQ A0vVNAH8oLzDLKHje9Wh69ICO1v3JoQED/d1tdVwH4qJ1t+3pYsvqbrz5U5pegTi X0sg4YHfJOxEJI8iySN/afKt5xwGRK8IyZO4y0kqEEdTFYa/5N09xVrO2Wz3cRAd Ba4hrfUNnAhW6c1XxIgnv99wWfdfkmxgUCD9NEPD++Wq9VINgPH/+uO+J81JyH39 g2TUQCstg0d7SHm57fzFJDCJKIa58an9PfTjoDX6rn7Ugx3dm3RyZbe7l0me1Rn9 y181d7HLL47CQDrORexWP5UTfwStsyRd+Hp+x6j5dxiR3mimJWJldOBHBB2sT6SR SAI= -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:04 2025 by rpki-client