$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e416e754-5d9f-4eae-8938-0af1310f45b2.roa File: e416e754-5d9f-4eae-8938-0af1310f45b2.roa (raw, json) Hash identifier: udSgf/hPEyiJOOYKRB05nKFEE9/mQkJU9PMNunzVKVc= Subject key identifier: 25:61:08:8C:A4:94:A9:A0:48:23:21:CB:E1:73:5E:92:4D:C1:A9:BD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 32F3A8B92BF04ECCF2F094E34FCED6ED9AD6EF7F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e416e754-5d9f-4eae-8938-0af1310f45b2.roa Signing time: Sat 08 Nov 2025 00:20:57 +0000 ROA not before: Sat 08 Nov 2025 00:20:57 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:a800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:f3:a8:b9:2b:f0:4e:cc:f2:f0:94:e3:4f:ce:d6:ed:9a:d6:ef:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:20:57 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=b57bd033dc5530847ddaf9af4fd80e44b09010806bb0190e97017b3ba5486dae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:f1:69:01:89:31:2e:fb:c7:66:23:07:24:9a: 75:c1:6a:8b:f1:93:8a:1f:da:e9:37:1f:75:af:24: f1:9f:fb:0e:06:12:bd:05:0e:1a:c9:f1:1a:11:0f: c7:fc:88:4a:2e:de:39:35:77:5d:7e:c8:56:5b:a1: d0:06:04:27:46:0e:16:d7:5a:8c:31:0f:74:64:86: 4c:05:b7:30:b5:33:1e:12:da:a7:77:b7:09:9d:d2: 5e:75:2e:b5:4c:d0:c7:1d:d5:89:f6:98:3a:59:1d: 67:78:51:9d:7e:bf:6f:ec:ad:7c:cf:94:8d:f1:f3: 05:75:23:15:2f:cc:6a:51:df:ba:28:ce:a5:d2:9d: 40:6e:55:c1:01:0e:82:11:ae:27:df:ab:dc:c8:c4: 4b:ee:f4:e7:de:dd:b6:fc:1a:65:90:09:60:cb:6b: a5:5b:bb:53:13:9a:97:7a:25:bb:a1:84:aa:73:79: 4f:f9:bc:89:17:90:b5:81:24:dd:c1:36:17:a7:fa: 83:13:fd:bd:c5:47:bb:ec:f3:88:ff:ff:51:a8:76: d3:34:ec:6c:3d:ce:c4:ca:3a:9e:cc:c2:9c:86:b2: fb:57:b8:25:94:c9:f8:47:a3:7a:a9:dc:09:4e:54: 85:f3:b1:17:fa:01:e5:b4:5a:4a:5f:16:ae:1d:23: 4b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:61:08:8C:A4:94:A9:A0:48:23:21:CB:E1:73:5E:92:4D:C1:A9:BD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e416e754-5d9f-4eae-8938-0af1310f45b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:a800::/40 Signature Algorithm: sha256WithRSAEncryption 0d:87:af:07:95:7a:6c:cb:b5:78:ae:f5:e0:12:04:f2:02:8a: f7:4b:3c:e3:fa:90:35:1c:f8:3e:81:35:f2:00:88:bf:3e:b8: 1c:e6:77:c7:bd:40:67:b6:40:72:17:bd:2f:a9:d1:dd:13:b6: 2b:98:83:dc:5e:5d:9e:4f:cb:c1:19:af:48:fc:20:ff:01:ea: 32:ec:3f:67:2f:1b:ae:29:ca:b5:f0:76:4e:fc:c7:b6:33:09: 8b:04:cf:c4:ea:1b:1c:4a:81:3b:e0:71:c1:2c:49:dd:41:ca: e6:bc:88:5b:8e:54:34:81:e3:d2:1d:c0:17:0b:5b:f9:03:e1: 40:42:67:b4:6c:f8:78:75:ba:6e:4d:fa:1b:e7:18:6d:3e:ff: 5c:a8:f4:fc:b2:2f:d8:fe:d0:88:e9:89:f2:cb:d7:82:f4:a2: 0c:71:06:37:8e:95:81:58:87:39:50:d9:b4:d0:61:6f:f6:ee: 59:e2:31:ed:eb:42:73:b0:58:bf:d1:d2:31:1a:30:5e:3d:c0: ea:88:21:fc:7c:59:18:f8:f9:96:f3:f7:46:d9:5b:7f:88:29: f7:2c:d2:8a:19:29:9d:a8:d8:30:10:52:20:eb:c8:78:6a:5d: d7:ff:53:0c:71:14:af:cf:5c:c4:35:a0:97:44:57:e9:e9:0a: 6e:e6:0f:25 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMvOouSvwTszy8JTjT87W7ZrW738wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMjA1N1oX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAYjU3YmQwMzNkYzU1MzA4NDdkZGFm OWFmNGZkODBlNDRiMDkwMTA4MDZiYjAxOTBlOTcwMTdiM2JhNTQ4NmRhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/FpAYkxLvvHZiMHJJp1wWqL8ZOK H9rpNx91ryTxn/sOBhK9BQ4ayfEaEQ/H/IhKLt45NXddfshWW6HQBgQnRg4W11qM MQ90ZIZMBbcwtTMeEtqnd7cJndJedS61TNDHHdWJ9pg6WR1neFGdfr9v7K18z5SN 8fMFdSMVL8xqUd+6KM6l0p1AblXBAQ6CEa4n36vcyMRL7vTn3t22/BplkAlgy2ul W7tTE5qXeiW7oYSqc3lP+byJF5C1gSTdwTYXp/qDE/29xUe77POI//9RqHbTNOxs Pc7EyjqezMKchrL7V7gllMn4R6N6qdwJTlSF87EX+gHltFpKXxauHSNL4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCVhCIyklKmgSCMhy+FzXpJNwam9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U0MTZlNzU0LTVkOWYtNGVhZS04OTM4LTBhZjEzMTBmNDViMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/qgwDQYJKoZIhvcNAQELBQADggEBAA2HrweVemzLtXiu9eAS BPICivdLPOP6kDUc+D6BNfIAiL8+uBzmd8e9QGe2QHIXvS+p0d0TtiuYg9xeXZ5P y8EZr0j8IP8B6jLsP2cvG64pyrXwdk78x7YzCYsEz8TqGxxKgTvgccEsSd1Byua8 iFuOVDSB49IdwBcLW/kD4UBCZ7Rs+Hh1um5N+hvnGG0+/1yo9PyyL9j+0IjpifLL 14L0ogxxBjeOlYFYhzlQ2bTQYW/27lniMe3rQnOwWL/R0jEaMF49wOqIIfx8WRj4 +Zbz90bZW3+IKfcs0ooZKZ2o2DAQUiDryHhqXdf/UwxxFK/PXMQ1oJdEV+npCm7m DyU= -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:07 2025 by rpki-client