$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef42740-1a47-414a-a917-5efdd54829dd.roa File: fef42740-1a47-414a-a917-5efdd54829dd.roa (raw, json) Hash identifier: Oa205RNf5BrykX3lmkrY6weIEYFF0lygzVTX9/tZiT4= Subject key identifier: B2:2A:03:A6:AA:EE:A5:25:72:8A:CB:EC:90:AE:27:17:15:62:C3:23 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 169A10065D78AA6C2A29588FB3027CB029F9119E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef42740-1a47-414a-a917-5efdd54829dd.roa Signing time: Thu 13 Nov 2025 00:00:42 +0000 ROA not before: Thu 13 Nov 2025 00:00:42 +0000 ROA not after: Thu 18 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:9a:10:06:5d:78:aa:6c:2a:29:58:8f:b3:02:7c:b0:29:f9:11:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 13 00:00:42 2025 GMT Not After : Dec 18 23:59:59 2025 GMT Subject: serialNumber=65faa67233ad07caac0863492522f6412a6f7c9ea7a30f1b7331fbb8a8ba3cb3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:13:98:66:69:e7:11:0d:94:bb:5c:8a:7d:7e: 44:69:1d:a5:d6:a8:82:34:36:57:89:0c:e6:a8:9a: ae:9f:2d:a0:bd:d0:d2:9b:ba:1e:84:4f:13:f9:c7: 4a:96:6e:58:9b:9b:8a:66:92:e6:a0:23:fe:69:a8: f4:3b:16:23:45:04:f2:cf:60:8b:dc:86:2a:8a:f7: 9f:69:04:46:39:ae:36:df:e9:6f:3a:97:c2:01:88: 89:8e:b0:28:9b:9c:bd:d6:3e:b5:ca:8b:4c:74:ba: 92:91:bf:7f:89:23:66:5a:18:cf:df:88:01:83:3f: 2d:54:77:ea:dc:48:d6:04:fc:c8:f8:0e:bb:d3:55: c9:0d:52:cf:a6:d8:ad:0a:0c:16:fb:be:f5:ec:a1: 92:7c:d0:f4:ff:c3:de:2b:76:fe:fb:42:5b:45:d9: 9f:b3:50:a6:66:67:8f:33:a9:da:eb:3a:bf:66:86: 97:15:90:d4:45:82:8e:8a:9c:2c:0f:da:56:66:07: 27:9d:93:3a:19:ab:2f:bb:97:38:70:a0:ab:1f:3a: d5:fa:a7:83:59:59:a5:34:dd:7d:41:29:82:b5:fb: 8f:60:f0:b9:78:cb:34:47:b4:63:40:1b:7b:db:d1: 40:5f:78:17:3c:0c:75:81:79:33:e4:bf:b8:c2:95: 70:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:2A:03:A6:AA:EE:A5:25:72:8A:CB:EC:90:AE:27:17:15:62:C3:23 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fef42740-1a47-414a-a917-5efdd54829dd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:8000::/40 Signature Algorithm: sha256WithRSAEncryption 0f:0e:1b:25:3b:02:70:92:37:68:7c:f6:02:c4:c8:07:08:3a: bf:8f:1c:ed:52:a4:37:1c:20:2c:0e:c0:63:e1:8a:b5:85:7d: 5c:8b:fa:61:c6:4e:55:5a:84:d9:ae:a2:fc:d7:98:16:78:30: 0b:d6:41:22:07:a4:4b:0d:c5:65:1f:91:4c:d8:1a:82:3c:bf: 78:74:b1:8e:bb:1f:94:e9:eb:ef:fe:57:ab:91:5b:30:9a:48: e5:6d:69:da:4d:fc:31:a1:47:c6:3e:a8:d8:42:49:9e:2a:74: 85:b1:a8:b4:d7:d8:83:8f:bc:c8:39:b6:a3:1e:45:de:8f:d2: cf:80:63:ec:ad:66:b1:91:4f:5e:9c:27:4e:aa:b3:5c:34:90: 6c:a3:42:4f:3f:8c:4f:60:32:45:ae:02:22:30:64:91:26:53: cd:b5:19:f9:95:5b:78:e0:15:2f:78:a7:eb:c9:79:be:b7:fd: cb:55:c8:c6:91:3c:94:bd:f5:0b:6f:41:1c:fd:80:d7:01:8e: ec:a1:ab:89:a6:e9:31:1e:75:de:84:2b:0b:a0:66:a5:0b:05: 49:a4:46:2f:e8:1a:79:ac:e0:72:03:43:e5:d8:b3:d2:06:16: f7:eb:9b:a6:1a:a1:60:d8:77:3a:98:62:68:eb:45:fe:18:3a: 6a:ed:0a:cb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFpoQBl14qmwqKViPswJ8sCn5EZ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMzAwMDA0MloX DTI1MTIxODIzNTk1OVowejFJMEcGA1UEBRNANjVmYWE2NzIzM2FkMDdjYWFjMDg2 MzQ5MjUyMmY2NDEyYTZmN2M5ZWE3YTMwZjFiNzMzMWZiYjhhOGJhM2NiMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxOYZmnnEQ2Uu1yKfX5EaR2l1qiC NDZXiQzmqJquny2gvdDSm7oehE8T+cdKlm5Ym5uKZpLmoCP+aaj0OxYjRQTyz2CL 3IYqivefaQRGOa423+lvOpfCAYiJjrAom5y91j61yotMdLqSkb9/iSNmWhjP34gB gz8tVHfq3EjWBPzI+A6701XJDVLPptitCgwW+7717KGSfND0/8PeK3b++0JbRdmf s1CmZmePM6na6zq/ZoaXFZDURYKOipwsD9pWZgcnnZM6Gasvu5c4cKCrHzrV+qeD WVmlNN19QSmCtfuPYPC5eMs0R7RjQBt729FAX3gXPAx1gXkz5L+4wpVwdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLIqA6aq7qUlcorL7JCuJxcVYsMjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlZjQyNzQwLTFhNDctNDE0YS1hOTE3LTVlZmRkNTQ4MjlkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7YAwDQYJKoZIhvcNAQELBQADggEBAA8OGyU7AnCSN2h89gLE yAcIOr+PHO1SpDccICwOwGPhirWFfVyL+mHGTlVahNmuovzXmBZ4MAvWQSIHpEsN xWUfkUzYGoI8v3h0sY67H5Tp6+/+V6uRWzCaSOVtadpN/DGhR8Y+qNhCSZ4qdIWx qLTX2IOPvMg5tqMeRd6P0s+AY+ytZrGRT16cJ06qs1w0kGyjQk8/jE9gMkWuAiIw ZJEmU821GfmVW3jgFS94p+vJeb63/ctVyMaRPJS99QtvQRz9gNcBjuyhq4mm6TEe dd6EKwugZqULBUmkRi/oGnms4HIDQ+XYs9IGFvfrm6YaoWDYdzqYYmjrRf4YOmrt Css= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:40 2025 by rpki-client