$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e9cef150-9fbc-4bd4-ba7c-48636358bea6.roa File: e9cef150-9fbc-4bd4-ba7c-48636358bea6.roa (raw, json) Hash identifier: iXSp0Wm2W0Z0rnJqJUTFTBv82rWjOrFfzulZ2WgRZXA= Subject key identifier: 4E:53:69:19:9E:71:D2:0F:4A:81:80:DE:27:8B:1C:58:D0:22:3C:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E4A185E831305A76A8F6D01373E046F300BFBDD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e9cef150-9fbc-4bd4-ba7c-48636358bea6.roa Signing time: Sun 09 Nov 2025 00:41:17 +0000 ROA not before: Sun 09 Nov 2025 00:41:17 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:4a:18:5e:83:13:05:a7:6a:8f:6d:01:37:3e:04:6f:30:0b:fb:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:41:17 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=32d4661499e27fdf9967657d7b92f992197b479170df2306a1aaba638e050f30, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:09:eb:6a:24:5e:2d:60:44:82:7e:b6:fd:97: c0:54:ac:d9:dc:6c:9c:7f:dd:4c:4d:8f:63:ff:bb: fb:25:cc:e0:e5:4d:96:74:98:79:a8:84:f9:61:8b: d6:44:9a:1b:df:01:29:fe:69:ad:bb:6b:d1:50:08: 22:a0:2c:0a:f9:7b:8e:c3:8b:40:94:de:1f:47:c9: 43:c6:f9:d9:b9:da:d7:26:6c:cf:1e:91:b4:1e:c9: ac:6a:ec:40:b9:da:78:99:6b:8f:cd:11:00:ae:d1: a5:08:aa:c8:93:af:26:26:8a:e4:97:af:6b:ef:4b: 98:6f:47:91:b1:64:7c:08:72:23:64:02:8b:d3:2c: 6c:b2:ca:46:c2:0c:52:ef:f4:23:69:97:ab:21:05: 6a:db:b2:67:f1:88:d5:e7:a9:ed:ec:8b:dc:40:a0: 19:ec:25:9c:4c:13:3b:bb:bd:21:69:60:c7:08:92: 21:b3:c4:70:c4:cc:04:a6:61:81:5f:7c:78:55:58: 37:97:47:cb:95:65:33:90:db:7f:0b:d9:24:8c:5d: 80:d4:79:3c:66:23:0a:7c:13:99:62:e7:94:c2:53: 8e:d3:6f:94:ba:6c:b2:37:dd:be:a4:ed:82:83:3c: 73:d6:84:49:35:78:f2:c5:d5:31:5a:d3:08:76:e3: 6a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:53:69:19:9E:71:D2:0F:4A:81:80:DE:27:8B:1C:58:D0:22:3C:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e9cef150-9fbc-4bd4-ba7c-48636358bea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:c800::/40 Signature Algorithm: sha256WithRSAEncryption 4b:fa:4e:2a:ba:d9:a2:65:b9:3b:d2:9f:62:05:d2:dd:3b:33: e4:6c:29:51:a8:b9:63:e9:25:69:2d:a6:e0:c1:1c:42:11:f3: 23:aa:fa:9f:30:18:d6:1b:cb:2b:e7:3f:52:a8:f5:8d:ab:e7: a4:35:fb:e3:a9:6e:e2:d4:fc:64:d2:a2:d8:cd:cf:9d:bf:bb: 44:fc:c6:7d:f0:54:96:69:77:cc:8c:6a:cf:d1:c7:dc:9a:a9: b9:fa:76:31:fe:71:69:91:fa:5c:2e:7f:48:5d:fa:4c:5c:a8: 77:c5:b1:c5:c3:d3:92:c8:a8:58:ca:e6:17:d5:90:02:b1:02: ac:f1:87:62:54:12:77:0f:43:40:89:86:71:42:c5:b7:8a:7f: 61:9d:aa:ce:35:c6:0f:09:2c:70:dc:2a:10:60:5c:02:a2:03: 78:b8:88:0d:ef:aa:3c:e0:f4:87:e5:28:2d:ef:33:11:aa:a0: 6b:cc:ad:3e:19:e5:cd:38:fd:6a:b1:8c:62:2c:78:f2:8c:1a: 83:c6:f9:56:e4:eb:39:54:5e:2a:a2:ff:33:81:9d:52:27:c1: a2:cf:7b:29:7a:71:67:a3:7a:8a:a0:5c:91:20:50:dd:d4:0e: 58:4c:b9:d4:73:ac:13:7b:a8:00:54:c8:92:7c:b6:7b:00:cd: 88:66:39:c9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbkoYXoMTBadqj20BNz4EbzAL+90wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNDExN1oX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAMzJkNDY2MTQ5OWUyN2ZkZjk5Njc2 NTdkN2I5MmY5OTIxOTdiNDc5MTcwZGYyMzA2YTFhYWJhNjM4ZTA1MGYzMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgnraiReLWBEgn62/ZfAVKzZ3Gyc f91MTY9j/7v7Jczg5U2WdJh5qIT5YYvWRJob3wEp/mmtu2vRUAgioCwK+XuOw4tA lN4fR8lDxvnZudrXJmzPHpG0HsmsauxAudp4mWuPzREArtGlCKrIk68mJorkl69r 70uYb0eRsWR8CHIjZAKL0yxssspGwgxS7/QjaZerIQVq27Jn8YjV56nt7IvcQKAZ 7CWcTBM7u70haWDHCJIhs8RwxMwEpmGBX3x4VVg3l0fLlWUzkNt/C9kkjF2A1Hk8 ZiMKfBOZYueUwlOO02+UumyyN92+pO2Cgzxz1oRJNXjyxdUxWtMIduNqCwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFE5TaRmecdIPSoGA3ieLHFjQIjxTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U5Y2VmMTUwLTlmYmMtNGJkNC1iYTdjLTQ4NjM2MzU4YmVhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8cgwDQYJKoZIhvcNAQELBQADggEBAEv6Tiq62aJluTvSn2IF 0t07M+RsKVGouWPpJWktpuDBHEIR8yOq+p8wGNYbyyvnP1Ko9Y2r56Q1++OpbuLU /GTSotjNz52/u0T8xn3wVJZpd8yMas/Rx9yaqbn6djH+cWmR+lwuf0hd+kxcqHfF scXD05LIqFjK5hfVkAKxAqzxh2JUEncPQ0CJhnFCxbeKf2Gdqs41xg8JLHDcKhBg XAKiA3i4iA3vqjzg9IflKC3vMxGqoGvMrT4Z5c04/WqxjGIsePKMGoPG+Vbk6zlU Xiqi/zOBnVInwaLPeyl6cWejeoqgXJEgUN3UDlhMudRzrBN7qABUyJJ8tnsAzYhm Ock= -----END CERTIFICATE-----Generated at Tue Nov 18 08:23:54 2025 by rpki-client