$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f37abb36-5149-4944-8faa-1e2f0ea2950e.roa File: f37abb36-5149-4944-8faa-1e2f0ea2950e.roa (raw, json) Hash identifier: 56UfqbdpGUViT55FbT+G12h1gtVRxKPrZnEm0QQmmVY= Subject key identifier: 8F:1D:67:26:2A:88:C1:FD:87:4F:B6:9F:1B:81:92:34:DB:10:32:A4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1C8856B8C6FFE1B9E454C9DDB5ACBCD51978D2DD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f37abb36-5149-4944-8faa-1e2f0ea2950e.roa Signing time: Sat 08 Nov 2025 00:00:44 +0000 ROA not before: Sat 08 Nov 2025 00:00:44 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:88:56:b8:c6:ff:e1:b9:e4:54:c9:dd:b5:ac:bc:d5:19:78:d2:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:00:44 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=6cf8f060aabecce8ebf0dbeb8808d801ed90082d03c55eb0c3cddc60f5e7ee85, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7f:b4:6b:2f:38:6b:6b:53:6b:09:57:98:0a: da:ce:b0:ec:44:8f:bd:fd:b0:d9:be:54:f8:ad:fb: 26:ef:76:33:e8:17:1e:eb:b4:f3:55:3c:60:36:8a: f3:73:74:4a:86:37:67:12:84:3c:7e:f4:0c:1e:8c: 8e:c7:05:f5:45:58:87:78:77:54:27:d8:a8:db:8c: 23:35:dc:60:36:25:1c:97:1c:02:b5:9a:0f:5b:46: ec:82:30:47:a0:ff:d3:b2:0e:3c:5c:48:74:9e:98: 0a:b6:81:ec:5e:6f:3b:42:85:77:79:bf:49:91:b5: 39:c8:ae:fd:ef:97:4f:57:6c:c8:b3:86:fe:0c:44: 5d:01:9e:05:2f:f3:8d:08:8e:2a:f2:75:dc:c7:4d: 78:36:e4:8f:a7:d9:54:ed:ec:e5:3d:90:8a:6b:df: 73:f1:ae:b7:9d:ed:0c:0a:cf:ef:1b:f4:1a:bb:34: 23:4c:d1:98:97:88:e7:5f:7c:a5:fc:aa:64:97:46: 77:95:cd:85:7a:7b:06:16:96:2d:ed:e9:70:a0:f4: 94:5a:3f:57:83:00:ee:42:58:3f:a4:e2:eb:be:c8: 93:21:5c:3c:3b:d1:f0:75:d5:65:a9:f2:bc:52:a8: ad:9c:8c:65:ea:6a:b1:f4:9c:a0:0e:09:a8:f7:04: 2e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:1D:67:26:2A:88:C1:FD:87:4F:B6:9F:1B:81:92:34:DB:10:32:A4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f37abb36-5149-4944-8faa-1e2f0ea2950e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c800::/40 Signature Algorithm: sha256WithRSAEncryption 16:1e:ef:60:2b:1d:77:fb:4d:41:8e:de:d1:c5:40:bc:4e:f9: 5b:fb:9f:af:43:48:c6:ba:ce:66:1d:55:3a:74:7c:f5:ec:a8: a5:33:1d:0e:28:56:25:97:41:52:b5:fb:c4:ee:6c:e7:e5:ff: 82:14:0d:0c:a4:f5:17:48:45:83:45:35:d4:54:a8:6e:cf:51: 31:8d:ac:7c:6a:94:c0:18:81:cf:a4:3c:f0:1a:02:8d:a0:5b: ae:f0:b0:b2:88:c9:87:95:5d:5c:32:37:2c:e2:bf:47:a8:06: 89:f6:f8:d3:9e:44:26:8b:61:54:95:61:80:c0:39:4b:c2:89: 25:0f:fe:43:60:bb:34:bf:f9:f1:85:08:ca:48:c0:2e:77:ef: 64:f4:11:a1:44:10:05:46:fb:ff:04:ea:ff:5d:37:01:5d:ad: 47:1b:ea:54:1c:cf:1e:36:b8:6f:4a:ab:58:c2:40:4c:53:54: ef:bb:6d:ce:05:1e:46:a1:18:7d:a8:af:af:bf:30:66:6a:a5: 5b:2e:10:30:82:fb:bd:5c:2c:b5:4b:57:c6:8c:7e:de:33:13: 2f:3f:f7:cc:ea:c9:ce:00:73:da:2e:c5:4f:d2:36:dd:a1:9e: 36:2a:4e:00:c2:43:ad:00:19:65:6b:ac:a0:79:cf:47:75:5c: 27:e1:64:57 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHIhWuMb/4bnkVMndtay81Rl40t0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMDA0NFoX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNANmNmOGYwNjBhYWJlY2NlOGViZjBk YmViODgwOGQ4MDFlZDkwMDgyZDAzYzU1ZWIwYzNjZGRjNjBmNWU3ZWU4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX+0ay84a2tTawlXmArazrDsRI+9 /bDZvlT4rfsm73Yz6Bce67TzVTxgNorzc3RKhjdnEoQ8fvQMHoyOxwX1RViHeHdU J9io24wjNdxgNiUclxwCtZoPW0bsgjBHoP/Tsg48XEh0npgKtoHsXm87QoV3eb9J kbU5yK7975dPV2zIs4b+DERdAZ4FL/ONCI4q8nXcx014NuSPp9lU7ezlPZCKa99z 8a63ne0MCs/vG/QauzQjTNGYl4jnX3yl/Kpkl0Z3lc2FensGFpYt7elwoPSUWj9X gwDuQlg/pOLrvsiTIVw8O9HwddVlqfK8UqitnIxl6mqx9JygDgmo9wQuDwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI8dZyYqiMH9h0+2nxuBkjTbEDKkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzN2FiYjM2LTUxNDktNDk0NC04ZmFhLTFlMmYwZWEyOTUwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYcgwDQYJKoZIhvcNAQELBQADggEBABYe72ArHXf7TUGO3tHF QLxO+Vv7n69DSMa6zmYdVTp0fPXsqKUzHQ4oViWXQVK1+8TubOfl/4IUDQyk9RdI RYNFNdRUqG7PUTGNrHxqlMAYgc+kPPAaAo2gW67wsLKIyYeVXVwyNyziv0eoBon2 +NOeRCaLYVSVYYDAOUvCiSUP/kNguzS/+fGFCMpIwC5372T0EaFEEAVG+/8E6v9d NwFdrUcb6lQczx42uG9Kq1jCQExTVO+7bc4FHkahGH2or6+/MGZqpVsuEDCC+71c LLVLV8aMft4zEy8/98zqyc4Ac9ouxU/SNt2hnjYqTgDCQ60AGWVrrKB5z0d1XCfh ZFc= -----END CERTIFICATE-----Generated at Tue Nov 18 08:23:54 2025 by rpki-client