$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed8cbeea-f5a0-4383-87d7-de8febe599cd.roa File: ed8cbeea-f5a0-4383-87d7-de8febe599cd.roa (raw, json) Hash identifier: hXYignnr69FNdwRq7WexcOPr1/uP3DVxUwnCfQ+hofM= Subject key identifier: 2E:CB:3C:A2:73:C2:6E:0C:15:C6:3B:7A:89:C7:14:BD:AD:97:59:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 44D51A34CEAFF15E96197354556710ECBF001213 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed8cbeea-f5a0-4383-87d7-de8febe599cd.roa Signing time: Fri 07 Nov 2025 00:50:04 +0000 ROA not before: Fri 07 Nov 2025 00:50:04 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:d5:1a:34:ce:af:f1:5e:96:19:73:54:55:67:10:ec:bf:00:12:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:50:04 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=8be0dd277bfc8ccfb16fa246d8d7fdc45645e32e07a1b46e75a9798cd611390a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:70:57:71:b7:d6:a8:43:2a:57:95:db:e4:49: b3:dd:40:cb:e9:cc:99:a4:b5:51:d5:59:ea:e0:91: 3f:1a:b5:ea:fa:2c:65:b9:45:a1:63:7a:04:b4:91: 41:6b:8d:b7:d3:93:97:d4:41:14:0c:50:92:a5:cc: 5c:81:45:c8:a1:57:d1:2b:18:07:d5:ff:01:1a:2e: d1:28:89:92:52:60:ea:d8:a7:a2:e0:9d:bc:5c:87: a9:9f:54:b4:84:03:6a:d1:51:d3:0e:9f:d4:e4:0c: f3:64:1c:57:57:2f:c1:95:fa:77:9c:18:24:b7:d1: 95:b9:50:d8:9a:07:54:79:65:b9:22:e1:95:d4:39: a4:0a:d1:06:18:35:7d:34:85:ce:f0:97:ff:57:b2: 05:5a:14:00:95:da:4c:3b:f9:06:e0:c6:13:1e:dc: 02:83:7c:5e:a7:76:ec:dd:9e:f0:63:82:38:61:5f: 9d:9a:3f:a8:1f:6e:d0:77:b0:a0:87:c5:c8:03:84: c1:b5:2c:78:87:2c:08:3c:27:86:4c:ec:4c:fd:a1: a5:9e:73:48:e4:21:f6:25:b1:40:4a:2c:98:b8:3e: 87:74:3f:2e:64:59:c9:01:a5:5a:68:a0:9a:65:cf: 92:b8:19:2d:08:a0:5a:59:85:92:a3:6f:de:ee:d8: 25:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:CB:3C:A2:73:C2:6E:0C:15:C6:3B:7A:89:C7:14:BD:AD:97:59:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ed8cbeea-f5a0-4383-87d7-de8febe599cd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:4080::/48 Signature Algorithm: sha256WithRSAEncryption bd:47:26:03:08:c0:9a:41:d5:a3:0c:47:ae:53:12:2e:09:00: 2d:c2:3d:31:84:16:62:45:f9:21:e3:30:19:76:f6:40:31:d5: 61:04:9c:bc:6f:8b:c2:a9:8a:4e:ed:8c:40:ec:d9:b0:65:fb: 21:cd:9e:ae:7e:1b:8f:14:52:62:f7:27:a3:ac:3a:89:6d:1f: f6:5a:6c:f5:ef:05:8b:a6:c5:26:43:8a:fd:a9:39:b8:27:3f: e6:ef:58:d7:a3:8a:07:ec:f0:2e:ab:99:a8:f8:f4:5e:4a:38: 63:62:b4:3a:83:1f:d7:a7:22:8e:c8:e5:3e:74:98:89:d8:01: 44:23:3f:b1:c1:ee:8b:f5:2b:3c:02:45:db:fb:27:6c:e6:6f: 86:a8:6d:12:6b:1a:b7:ae:fd:31:d7:67:fa:94:b9:e6:e6:2e: c8:29:f2:89:d6:ea:36:e3:e5:0b:0f:29:fc:e6:ef:f7:e2:7d: 0f:c2:77:52:cc:cf:f9:5e:31:f4:0b:de:90:18:57:ef:fb:fb: a6:34:99:6e:b5:09:2c:05:31:f3:a1:3d:0a:f3:dc:e1:90:8e: ec:2e:69:72:a1:7f:c6:2a:7a:d5:73:d5:97:7f:89:64:98:1d: 46:02:ce:00:21:05:a2:09:b4:09:f9:f5:b1:66:fd:ca:e9:e9: 5e:e3:63:5c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURNUaNM6v8V6WGXNUVWcQ7L8AEhMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwNTAwNFoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAOGJlMGRkMjc3YmZjOGNjZmIxNmZh MjQ2ZDhkN2ZkYzQ1NjQ1ZTMyZTA3YTFiNDZlNzVhOTc5OGNkNjExMzkwYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXBXcbfWqEMqV5Xb5Emz3UDL6cyZ pLVR1Vnq4JE/GrXq+ixluUWhY3oEtJFBa42305OX1EEUDFCSpcxcgUXIoVfRKxgH 1f8BGi7RKImSUmDq2Kei4J28XIepn1S0hANq0VHTDp/U5AzzZBxXVy/Blfp3nBgk t9GVuVDYmgdUeWW5IuGV1DmkCtEGGDV9NIXO8Jf/V7IFWhQAldpMO/kG4MYTHtwC g3xep3bs3Z7wY4I4YV+dmj+oH27Qd7Cgh8XIA4TBtSx4hywIPCeGTOxM/aGlnnNI 5CH2JbFASiyYuD6HdD8uZFnJAaVaaKCaZc+SuBktCKBaWYWSo2/e7tglgwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC7LPKJzwm4MFcY7eonHFL2tl1lYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VkOGNiZWVhLWY1YTAtNDM4My04N2Q3LWRlOGZlYmU1OTljZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOECAMA0GCSqGSIb3DQEBCwUAA4IBAQC9RyYDCMCaQdWjDEeu UxIuCQAtwj0xhBZiRfkh4zAZdvZAMdVhBJy8b4vCqYpO7YxA7NmwZfshzZ6ufhuP FFJi9yejrDqJbR/2Wmz17wWLpsUmQ4r9qTm4Jz/m71jXo4oH7PAuq5mo+PReSjhj YrQ6gx/XpyKOyOU+dJiJ2AFEIz+xwe6L9Ss8AkXb+yds5m+GqG0Saxq3rv0x12f6 lLnm5i7IKfKJ1uo24+ULDyn85u/34n0PwndSzM/5XjH0C96QGFfv+/umNJlutQks BTHzoT0K89zhkI7sLmlyoX/GKnrVc9WXf4lkmB1GAs4AIQWiCbQJ+fWxZv3K6ele 42Nc -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:41 2025 by rpki-client