$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e762903c-ed87-4cd6-af8f-90ac5c482df2.roa File: e762903c-ed87-4cd6-af8f-90ac5c482df2.roa (raw, json) Hash identifier: dA2ct8bGSTFwX71PgzxRXwL9Ks+vTSz5oW+uQHTUb+Q= Subject key identifier: 74:5F:99:27:90:AB:1E:AB:E4:15:91:5E:7A:39:A0:CB:18:BC:8F:A5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 548E23C4D5CD9CBD2274E45776884A98DC8D399B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e762903c-ed87-4cd6-af8f-90ac5c482df2.roa Signing time: Fri 07 Nov 2025 00:41:00 +0000 ROA not before: Fri 07 Nov 2025 00:41:00 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:8e:23:c4:d5:cd:9c:bd:22:74:e4:57:76:88:4a:98:dc:8d:39:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:41:00 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=d7fc01288fe6e5c5142dab71a4103179460037c22325d8c17e3ced09d7c6aa4d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:65:0e:60:2f:72:42:62:52:5b:89:b9:97:ef: 27:d5:23:3f:cc:95:34:34:42:1d:49:4e:55:8f:8a: 37:20:7e:c5:14:0c:e8:b1:bb:66:d2:6e:d1:6f:44: 4b:ed:a8:39:5d:6b:8b:9a:49:7d:ec:c1:fe:cf:4f: 15:c3:30:a6:e0:98:14:47:1a:93:0b:92:1c:c1:30: 55:ff:ed:af:29:47:ec:46:c3:21:ba:ae:a1:fc:90: 57:0b:85:d9:53:45:92:68:ce:ba:29:1a:89:c7:a2: af:2f:51:a0:c6:7e:bb:5f:79:c5:97:7d:65:67:7a: c3:16:9d:f7:5f:f2:ed:2e:b5:65:9a:32:6a:f0:b4: f2:5e:ab:f7:6f:8c:88:f1:cc:7b:86:55:ee:a0:4c: c9:0c:d5:91:cc:44:81:70:0f:0a:d6:21:de:b0:38: b2:ba:39:56:5a:e7:1e:c4:9a:3b:94:47:f6:90:e6: 05:bc:56:b4:5e:80:a1:2a:70:99:7f:8b:ef:b9:b3: dd:68:09:3e:32:ec:b7:84:ff:a7:15:cc:96:f7:23: 63:fd:02:c1:96:cc:e9:0b:7e:af:74:7c:d1:0b:3e: d6:4f:84:40:2b:b1:04:93:e7:6d:5c:20:15:99:ce: 39:a3:b3:84:d4:fb:20:28:29:2c:97:e6:30:17:5f: c5:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:5F:99:27:90:AB:1E:AB:E4:15:91:5E:7A:39:A0:CB:18:BC:8F:A5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e762903c-ed87-4cd6-af8f-90ac5c482df2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:8c0::/48 Signature Algorithm: sha256WithRSAEncryption 0e:da:4c:8f:c3:df:b3:b4:62:42:db:2d:ba:52:70:d9:52:8c: 8e:7b:cf:50:07:80:de:27:9c:90:48:b5:82:b9:e9:3c:86:1d: aa:d0:dc:04:62:df:85:c4:49:5a:5c:cf:26:3c:c8:be:6f:fc: 4f:44:2f:31:66:8a:eb:e7:52:93:ef:22:20:d9:e6:56:95:4f: 48:76:ca:5d:04:cd:98:27:6f:09:56:81:4d:4b:6a:5a:77:93: 38:00:6c:8a:d7:72:25:f7:ab:66:9d:73:86:00:42:e2:22:f7: 6e:a8:66:d6:56:c5:c3:d9:96:2e:74:6b:fa:93:28:73:ed:d7: ee:d4:fb:3e:89:03:fe:bf:91:88:e5:97:41:31:c4:ac:ba:fe: 5c:69:4f:f6:5a:8e:e9:80:c1:03:00:19:f6:c8:6b:d8:88:67: 52:5e:25:14:c0:26:d5:12:5d:d9:39:02:09:06:d1:a7:fe:06: 50:8b:ac:fb:3c:24:a7:13:c8:73:d2:a1:7b:ac:31:47:04:d3: 71:42:23:08:05:69:2b:3e:32:6d:b6:9a:e7:ed:68:40:9b:cb: 0e:41:82:39:68:9d:0d:3b:8e:c8:c3:40:66:0c:d4:43:36:fe: 33:be:89:71:f1:8d:20:41:a3:4b:82:dd:22:e3:92:13:50:a0: 16:a2:13:a4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVI4jxNXNnL0idORXdohKmNyNOZswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwNDEwMFoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAZDdmYzAxMjg4ZmU2ZTVjNTE0MmRh YjcxYTQxMDMxNzk0NjAwMzdjMjIzMjVkOGMxN2UzY2VkMDlkN2M2YWE0ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGUOYC9yQmJSW4m5l+8n1SM/zJU0 NEIdSU5Vj4o3IH7FFAzosbtm0m7Rb0RL7ag5XWuLmkl97MH+z08VwzCm4JgURxqT C5IcwTBV/+2vKUfsRsMhuq6h/JBXC4XZU0WSaM66KRqJx6KvL1Ggxn67X3nFl31l Z3rDFp33X/LtLrVlmjJq8LTyXqv3b4yI8cx7hlXuoEzJDNWRzESBcA8K1iHesDiy ujlWWucexJo7lEf2kOYFvFa0XoChKnCZf4vvubPdaAk+Muy3hP+nFcyW9yNj/QLB lszpC36vdHzRCz7WT4RAK7EEk+dtXCAVmc45o7OE1PsgKCksl+YwF1/FVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHRfmSeQqx6r5BWRXno5oMsYvI+lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U3NjI5MDNjLWVkODctNGNkNi1hZjhmLTkwYWM1YzQ4MmRmMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAAjAMA0GCSqGSIb3DQEBCwUAA4IBAQAO2kyPw9+ztGJC2y26 UnDZUoyOe89QB4DeJ5yQSLWCuek8hh2q0NwEYt+FxElaXM8mPMi+b/xPRC8xZorr 51KT7yIg2eZWlU9IdspdBM2YJ28JVoFNS2pad5M4AGyK13Il96tmnXOGAELiIvdu qGbWVsXD2ZYudGv6kyhz7dfu1Ps+iQP+v5GI5ZdBMcSsuv5caU/2Wo7pgMEDABn2 yGvYiGdSXiUUwCbVEl3ZOQIJBtGn/gZQi6z7PCSnE8hz0qF7rDFHBNNxQiMIBWkr PjJttprn7WhAm8sOQYI5aJ0NO47Iw0BmDNRDNv4zvolx8Y0gQaNLgt0i45ITUKAW ohOk -----END CERTIFICATE-----Generated at Tue Nov 18 10:40:13 2025 by rpki-client