$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa File: cebc5290-288e-4f33-9035-a2d651433cdd.roa (raw, json) Hash identifier: CSzNST6V32wpf7O85iQG6De4OKHqgfQUluYyQI9Rj2I= Subject key identifier: A2:C3:93:81:95:A8:FE:CF:81:23:7F:F2:0C:8E:8C:2F:E7:F0:4E:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 070BFD31532A535BA0C785399370282453BCE5F1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa Signing time: Fri 07 Nov 2025 00:00:13 +0000 ROA not before: Fri 07 Nov 2025 00:00:13 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:0b:fd:31:53:2a:53:5b:a0:c7:85:39:93:70:28:24:53:bc:e5:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:00:13 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=30707fb0a39ec35891af6a71a83e81aafd1531e09e72e42face05faf8aa4e2f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:08:7a:6c:b0:d3:f6:52:3f:3a:2b:ee:bf:b8: 0c:b2:ba:2e:4b:35:f0:9e:2e:a4:e6:0a:18:cb:b1: 75:ca:b2:d3:ce:79:f5:fa:30:64:3a:01:9e:3e:b5: 2b:c8:32:b9:e0:d5:30:ac:ea:de:4a:58:98:61:39: f3:98:00:c2:8a:6c:8c:a8:8f:2a:37:86:fb:86:b0: 31:35:e0:67:59:6b:e2:46:9a:ef:6a:ce:71:22:1e: d5:7f:1b:b6:2d:f9:50:19:88:46:cd:70:06:ee:74: ab:cb:46:47:5e:df:75:73:ad:51:a8:54:59:a4:79: 5e:a0:2d:d5:31:9c:8b:4c:fa:75:e5:7d:e8:bb:b6: 9d:94:b3:a1:ec:cf:f1:b6:ee:3f:1c:63:7a:7a:95: 54:dc:dc:aa:d4:13:ce:bb:9e:19:c3:5d:ec:c8:d4: c7:36:b1:d9:81:3a:12:c8:5b:d4:7c:1b:8d:bc:d5: 61:51:1f:24:2b:1d:f8:27:65:f5:d0:30:95:fa:8b: 65:c4:01:96:d1:2d:6e:54:27:ea:48:77:cf:24:9e: 53:22:2d:34:e9:aa:e1:d7:b0:09:9b:23:d6:81:b8: ab:fa:c1:b7:ff:99:5f:77:7f:c7:c5:8a:d4:27:8e: ac:88:04:39:f0:35:64:a2:5f:ef:0b:ba:e8:7a:ec: 46:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:C3:93:81:95:A8:FE:CF:81:23:7F:F2:0C:8E:8C:2F:E7:F0:4E:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:c000::/40 Signature Algorithm: sha256WithRSAEncryption 9a:e8:e4:ca:c3:1a:2b:34:4a:1e:5b:85:55:96:88:41:a5:0b: a9:d7:69:66:02:22:a2:53:40:54:a4:87:aa:82:b7:82:0e:fe: e5:6e:05:62:6b:c5:53:3d:69:44:83:50:2e:46:09:f1:98:fe: f0:9a:92:fe:bc:ef:9a:8f:ae:eb:d5:5e:e0:e2:7b:c7:26:d8: 57:72:0a:43:d0:7a:f5:a2:be:6d:2d:7a:96:fd:0f:31:cb:a6: c3:ab:ca:db:b6:67:ee:3e:64:27:66:94:06:4a:b7:a0:55:4d: 8c:0f:34:94:a0:fe:41:fa:11:17:d0:86:bd:bc:21:0f:45:ed: 74:20:f8:95:a8:79:60:a1:63:0b:2f:29:66:2a:d7:7b:2a:34: 28:d1:f2:46:3c:2a:ef:67:75:24:41:2c:54:35:25:f1:56:56: ae:70:14:93:95:40:e7:dc:c0:e6:f9:87:b4:93:4b:b7:7c:09: 59:61:ec:2f:4f:d7:a7:ae:ca:5e:e2:83:f9:18:de:1e:81:3e: bd:bf:53:ab:85:75:df:b7:3a:f6:20:1a:a7:13:3a:2e:ce:c6: 93:77:5b:49:90:10:19:5c:d3:85:48:62:2d:0c:a5:1b:9b:4d: 6b:aa:ec:71:7f:d4:ae:90:76:20:46:19:a7:38:fa:5e:6f:59: 6e:63:29:20 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBwv9MVMqU1ugx4U5k3AoJFO85fEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMDAxM1oX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAMzA3MDdmYjBhMzllYzM1ODkxYWY2 YTcxYTgzZTgxYWFmZDE1MzFlMDllNzJlNDJmYWNlMDVmYWY4YWE0ZTJmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwh6bLDT9lI/Oivuv7gMsrouSzXw ni6k5goYy7F1yrLTznn1+jBkOgGePrUryDK54NUwrOreSliYYTnzmADCimyMqI8q N4b7hrAxNeBnWWviRprvas5xIh7Vfxu2LflQGYhGzXAG7nSry0ZHXt91c61RqFRZ pHleoC3VMZyLTPp15X3ou7adlLOh7M/xtu4/HGN6epVU3Nyq1BPOu54Zw13syNTH NrHZgToSyFvUfBuNvNVhUR8kKx34J2X10DCV+otlxAGW0S1uVCfqSHfPJJ5TIi00 6arh17AJmyPWgbir+sG3/5lfd3/HxYrUJ46siAQ58DVkol/vC7roeuxGVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKLDk4GVqP7PgSN/8gyOjC/n8E45MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NlYmM1MjkwLTI4OGUtNGYzMy05MDM1LWEyZDY1MTQzM2NkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAMAwDQYJKoZIhvcNAQELBQADggEBAJro5MrDGis0Sh5bhVWW iEGlC6nXaWYCIqJTQFSkh6qCt4IO/uVuBWJrxVM9aUSDUC5GCfGY/vCakv6875qP ruvVXuDie8cm2FdyCkPQevWivm0tepb9DzHLpsOrytu2Z+4+ZCdmlAZKt6BVTYwP NJSg/kH6ERfQhr28IQ9F7XQg+JWoeWChYwsvKWYq13sqNCjR8kY8Ku9ndSRBLFQ1 JfFWVq5wFJOVQOfcwOb5h7STS7d8CVlh7C9P16euyl7ig/kY3h6BPr2/U6uFdd+3 OvYgGqcTOi7OxpN3W0mQEBlc04VIYi0MpRubTWuq7HF/1K6QdiBGGac4+l5vWW5j KSA= -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:07 2025 by rpki-client