$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa File: f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa (raw, json) Hash identifier: 8qLqSiMNu2HiRQimlNt+WxQVLTZa9PA1pUFUv4i3PTE= Subject key identifier: DB:BA:F5:2F:6B:27:6E:27:E9:64:9C:AE:F8:A9:74:07:C6:4D:7A:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 32AEE7E300DBDEC31AA5E7922AF5C96C21BAE87F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa Signing time: Sun 09 Nov 2025 01:00:08 +0000 ROA not before: Sun 09 Nov 2025 01:00:08 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:ae:e7:e3:00:db:de:c3:1a:a5:e7:92:2a:f5:c9:6c:21:ba:e8:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 01:00:08 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=ae9c2500c77348112b6caf5e0629cff122b451f3fe9f85bbd297b44a5a29b660, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ff:d9:e4:7e:d9:f3:a6:3b:bb:51:60:d3:8a: 0e:f7:bc:93:5c:88:95:36:35:b1:ee:bd:18:fa:7c: 83:12:83:31:fe:27:73:1f:fd:f1:6d:f3:55:41:c0: 49:d8:db:e2:08:8d:64:91:d7:38:9c:49:bb:d3:40: 9f:6f:0c:57:73:b3:b8:61:ae:7e:9c:e4:d2:7e:f8: b5:5c:48:bc:62:ba:bc:bb:a3:87:7a:87:13:f9:58: fd:7c:22:79:0a:0d:ea:b6:29:4c:70:50:90:d6:4c: f9:ed:cf:77:bf:5a:37:29:70:6c:61:e4:ba:a4:19: a8:56:21:ee:d5:94:21:66:44:58:48:b6:82:42:49: f6:3e:21:b5:39:28:ed:18:96:16:48:c6:8b:8c:08: 97:16:57:da:1b:40:88:4e:3f:5d:1f:f5:57:e1:fa: 99:08:7f:ef:ba:a3:9e:6d:02:ba:cd:e6:5c:22:63: 3b:75:7b:5d:0f:fe:44:2e:39:f6:25:de:4a:95:6a: 17:66:58:ef:12:b8:9b:92:3e:2a:e5:ee:9d:2c:b8: 59:0e:3a:ec:26:fa:15:3c:2a:3b:6d:6e:66:23:22: 0f:d9:d8:19:1b:12:82:2a:c4:79:a1:2d:5c:71:b5: ad:3c:b7:20:b3:63:b1:a5:65:39:82:69:dd:42:9a: e6:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:BA:F5:2F:6B:27:6E:27:E9:64:9C:AE:F8:A9:74:07:C6:4D:7A:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f68129ac-b29d-42ca-8a07-31e4f470e1e4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc::/32 Signature Algorithm: sha256WithRSAEncryption 3c:db:f1:45:dc:fc:f4:e2:c5:64:2f:ec:99:2c:0f:ca:f6:eb: ec:ee:35:42:a3:40:f7:1e:7e:21:02:d2:18:d1:02:1b:c6:54: d3:65:d7:e5:74:bd:92:2a:28:d8:aa:72:80:70:98:71:b5:24: 9f:2a:fe:1b:68:96:86:b6:9b:8d:1c:17:63:ed:07:2c:2c:08: 06:1b:c1:2b:95:ae:fa:e6:51:3a:ec:9d:96:36:88:80:ba:29: 18:86:cb:03:cf:1b:ac:16:04:77:fd:5c:2c:47:83:87:27:46: 0e:bb:cf:0f:27:54:ec:cf:bb:1b:29:c5:61:55:6f:6b:54:bc: 43:27:2d:ca:8a:b6:bf:1a:50:1c:fd:6c:9f:3d:fb:ea:36:30: e4:9f:ba:6e:38:57:d2:b1:11:4c:f4:32:9a:f8:49:8f:e1:ce: 16:78:6e:44:be:24:65:0c:25:18:f0:38:ee:6f:d2:57:30:ae: c0:8b:85:4a:db:7e:85:33:c0:70:27:5e:38:16:ab:7a:f2:1e: 16:55:84:fd:95:25:3f:d2:5f:cb:cb:c9:4b:f7:84:9f:ed:a8: c6:fc:1f:d1:36:26:ac:49:0d:78:c9:b7:f7:8f:0c:f9:f9:96: ab:4f:25:e6:25:cf:6c:ca:f0:97:29:75:60:df:38:ab:37:84: 07:70:7b:51 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUMq7n4wDb3sMapeeSKvXJbCG66H8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAxMDAwOFoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYWU5YzI1MDBjNzczNDgxMTJiNmNh ZjVlMDYyOWNmZjEyMmI0NTFmM2ZlOWY4NWJiZDI5N2I0NGE1YTI5YjY2MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2P/Z5H7Z86Y7u1Fg04oO97yTXIiV NjWx7r0Y+nyDEoMx/idzH/3xbfNVQcBJ2NviCI1kkdc4nEm700CfbwxXc7O4Ya5+ nOTSfvi1XEi8Yrq8u6OHeocT+Vj9fCJ5Cg3qtilMcFCQ1kz57c93v1o3KXBsYeS6 pBmoViHu1ZQhZkRYSLaCQkn2PiG1OSjtGJYWSMaLjAiXFlfaG0CITj9dH/VX4fqZ CH/vuqOebQK6zeZcImM7dXtdD/5ELjn2Jd5KlWoXZljvEribkj4q5e6dLLhZDjrs JvoVPCo7bW5mIyIP2dgZGxKCKsR5oS1ccbWtPLcgs2OxpWU5gmndQprmSwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNu69S9rJ24n6WScrvipdAfGTXp0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2ODEyOWFjLWIyOWQtNDJjYS04YTA3LTMxZTRmNDcwZTFlNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba/DANBgkqhkiG9w0BAQsFAAOCAQEAPNvxRdz89OLFZC/smSwP yvbr7O41QqNA9x5+IQLSGNECG8ZU02XX5XS9kioo2KpygHCYcbUknyr+G2iWhrab jRwXY+0HLCwIBhvBK5Wu+uZROuydljaIgLopGIbLA88brBYEd/1cLEeDhydGDrvP DydU7M+7GynFYVVva1S8Qyctyoq2vxpQHP1snz376jYw5J+6bjhX0rERTPQymvhJ j+HOFnhuRL4kZQwlGPA47m/SVzCuwIuFStt+hTPAcCdeOBarevIeFlWE/ZUlP9Jf y8vJS/eEn+2oxvwf0TYmrEkNeMm3948M+fmWq08l5iXPbMrwlyl1YN84qzeEB3B7 UQ== -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:16 2025 by rpki-client