$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa File: d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa (raw, json) Hash identifier: Olpoxk2WNKbMdUzpDwRlMjBAPH/88tgdAHFAqhXdG/g= Subject key identifier: 4E:DB:30:1D:6A:CB:AE:4E:C7:16:D2:1F:34:9F:24:ED:79:C9:B4:8C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5DB48E69C66805B9C4393D44A24C844D1A4D34D2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa Signing time: Tue 11 Nov 2025 00:00:08 +0000 ROA not before: Tue 11 Nov 2025 00:00:08 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da20::/28 maxlen: 28 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:b4:8e:69:c6:68:05:b9:c4:39:3d:44:a2:4c:84:4d:1a:4d:34:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 11 00:00:08 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=379669d0073f32b41fd5a50b9a4957e07cc03b6f8acfd4ef15baa73d28ef0fd3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:8b:15:3d:af:68:4f:6f:d7:6b:fd:5e:80:a6: a2:77:50:51:3e:5b:32:4b:66:f0:2a:7b:f7:bd:3d: e0:f0:5f:af:d4:7e:f0:aa:8f:37:dc:f1:a2:7c:13: 78:5a:02:f2:78:c3:9b:60:21:65:09:ba:9a:d9:9b: 75:d3:70:bf:d4:75:74:a8:95:99:2c:cc:f4:a5:32: 77:8a:2b:9b:ba:3f:57:a0:a7:1a:79:57:62:41:cc: 7e:38:b6:fa:db:49:9c:19:7a:ff:e1:f7:76:42:14: 25:bf:a9:a6:24:62:99:bb:0f:ca:bb:eb:e4:33:c5: 72:72:ee:7d:7e:a6:6e:d1:c3:3f:69:ac:6c:d0:93: 8f:97:da:48:a2:f0:17:e2:f6:32:69:45:c7:25:12: 5b:03:58:eb:dd:fc:7b:6a:ac:c0:06:85:7b:9a:ed: 94:44:79:68:c7:21:58:68:1a:b2:be:9b:f0:d4:2d: cb:3a:9c:37:29:5f:28:29:cc:3d:44:6d:81:b1:27: f7:ff:69:0c:4f:d4:22:75:a5:01:2f:eb:ae:c4:9c: 4d:e5:a7:3b:2d:b8:3d:e9:86:f5:23:7c:75:fe:2c: 80:51:29:cf:46:57:58:0c:0b:f1:df:54:b6:f5:e7: ad:d5:31:a4:e6:e6:b8:ab:b9:53:f6:5c:d0:2c:26: 3e:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:DB:30:1D:6A:CB:AE:4E:C7:16:D2:1F:34:9F:24:ED:79:C9:B4:8C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da20::/28 Signature Algorithm: sha256WithRSAEncryption 5f:b3:46:3b:d6:24:ef:83:c1:94:78:b1:bf:8c:17:8e:a6:2c: e6:b1:a2:5b:ae:ad:b6:81:10:cd:67:28:a1:d4:63:86:1e:28: f6:a7:47:06:57:ec:68:6a:5e:5a:18:bc:a0:de:c4:53:6f:8b: be:b5:70:8b:19:e1:a5:33:e8:33:14:52:d4:13:76:c9:33:87: 4a:67:b6:9f:95:a5:8a:81:05:88:b8:b9:78:c1:4f:27:62:f0: 67:90:bd:d4:ca:01:f4:3a:bb:db:2e:d3:c6:09:56:d0:5d:00: 88:a8:76:e5:e3:fc:e4:1e:f6:70:16:e2:b8:3d:03:82:84:6d: 79:1c:34:7b:27:be:c6:6f:a9:35:03:13:71:d3:58:1b:6e:6a: 62:04:84:a0:7b:10:fd:6b:1b:ee:a7:4d:5b:69:d7:55:4b:16: 79:9e:6d:7f:71:72:56:3f:b2:76:51:db:cb:45:c1:15:9f:39: 5c:74:33:00:cf:02:36:b5:77:d9:b9:01:28:91:48:f9:28:cd: fa:45:c3:71:a5:3b:88:a0:26:6d:00:90:51:df:54:e6:d7:45: c0:c3:62:d8:a6:6a:40:e2:5c:78:ec:57:a0:75:13:64:58:6e: 2f:3e:8f:98:3e:6a:00:73:ec:79:df:67:7f:f4:23:83:5d:97: f6:a9:11:27 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUXbSOacZoBbnEOT1EokyETRpNNNIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMTAwMDAwOFoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAMzc5NjY5ZDAwNzNmMzJiNDFmZDVh NTBiOWE0OTU3ZTA3Y2MwM2I2ZjhhY2ZkNGVmMTViYWE3M2QyOGVmMGZkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4sVPa9oT2/Xa/1egKaid1BRPlsy S2bwKnv3vT3g8F+v1H7wqo833PGifBN4WgLyeMObYCFlCbqa2Zt103C/1HV0qJWZ LMz0pTJ3iiubuj9XoKcaeVdiQcx+OLb620mcGXr/4fd2QhQlv6mmJGKZuw/Ku+vk M8Vycu59fqZu0cM/aaxs0JOPl9pIovAX4vYyaUXHJRJbA1jr3fx7aqzABoV7mu2U RHloxyFYaBqyvpvw1C3LOpw3KV8oKcw9RG2BsSf3/2kMT9QidaUBL+uuxJxN5ac7 Lbg96Yb1I3x1/iyAUSnPRldYDAvx31S29eet1TGk5ua4q7lT9lzQLCY+swIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFE7bMB1qy65OxxbSHzSfJO15ybSMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q3M2MwYTUxLWFiN2ItNDg3OC1iZGZmLWUwOGI2MTgxZWRiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUEJAbaIDANBgkqhkiG9w0BAQsFAAOCAQEAX7NGO9Yk74PBlHixv4wX jqYs5rGiW66ttoEQzWcoodRjhh4o9qdHBlfsaGpeWhi8oN7EU2+LvrVwixnhpTPo MxRS1BN2yTOHSme2n5WlioEFiLi5eMFPJ2LwZ5C91MoB9Dq72y7TxglW0F0AiKh2 5eP85B72cBbiuD0DgoRteRw0eye+xm+pNQMTcdNYG25qYgSEoHsQ/Wsb7qdNW2nX VUsWeZ5tf3FyVj+ydlHby0XBFZ85XHQzAM8CNrV32bkBKJFI+SjN+kXDcaU7iKAm bQCQUd9U5tdFwMNi2KZqQOJceOxXoHUTZFhuLz6PmD5qAHPsed9nf/Qjg12X9qkR Jw== -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:47 2025 by rpki-client