$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa File: 02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa (raw, json) Hash identifier: 5db9hZa+AoNjhxkQBU85NUzUMtYXDE1BjTStwnii624= Subject key identifier: FD:7D:F6:D4:ED:79:EE:2E:D1:A0:FE:05:20:75:64:0E:C9:4E:F9:48 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 382FB96DB2341FB1AA866971D9D06C8DF385E78B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa Signing time: Sun 09 Nov 2025 00:30:49 +0000 ROA not before: Sun 09 Nov 2025 00:30:49 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Nov 2025 00:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:2f:b9:6d:b2:34:1f:b1:aa:86:69:71:d9:d0:6c:8d:f3:85:e7:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:30:49 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=ae21199370a44f01c61f74a38ffff08687c7a73cb2b131e3911aa616bd7dc689, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c2:f1:a6:fe:23:6b:e3:51:d0:f6:fa:f1:58: 51:b5:3e:a1:ad:b2:45:63:a6:be:f1:7b:ec:58:27: c1:5f:b8:48:e2:2d:8c:aa:3a:30:16:4b:2e:d3:d2: d1:8f:43:ee:03:5e:3b:5e:e4:a8:9d:5f:a4:2e:69: 05:b2:2f:06:f4:78:07:8a:d9:1f:09:c4:2e:f6:61: e7:08:24:40:8c:34:10:31:b0:b4:e3:c3:2c:a4:bb: 1b:62:0f:71:3f:8e:0b:b3:ce:2b:70:11:e6:c2:9a: 9c:64:78:4a:dc:2c:8a:3f:d7:9f:4c:ae:aa:44:db: 97:c4:7b:8c:25:d9:fe:01:1d:04:03:97:c4:2b:00: 23:57:d0:c1:ce:45:cf:0e:5a:e0:23:b9:e6:2c:ae: 5d:e3:f0:5f:df:66:7f:08:5e:0f:b5:89:c5:58:e4: 58:c7:bc:62:c0:18:0b:a5:14:6c:e6:45:58:5f:27: 5d:89:de:ab:c9:32:1f:8a:cd:35:99:13:17:8c:89: be:0c:02:cb:d4:8b:62:28:95:58:37:c2:11:ef:0d: 8b:81:e5:b7:85:f5:0e:22:ed:64:9e:c5:ea:5c:ae: 7c:6d:65:bd:1a:32:11:54:c8:20:39:7d:39:40:81: ef:56:01:fb:cd:1c:e8:55:0a:96:43:8f:4b:f2:59: 89:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:7D:F6:D4:ED:79:EE:2E:D1:A0:FE:05:20:75:64:0E:C9:4E:F9:48 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/02a51e54-6bb5-43e7-94d0-a8e95771f2a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:2000::/40 Signature Algorithm: sha256WithRSAEncryption 6a:1c:1b:07:76:3c:6b:75:d8:25:36:0c:e9:51:25:6b:3f:6c: 52:74:f2:66:6f:b2:dd:81:56:3e:3f:89:24:34:02:0f:46:20: c1:ab:5f:9f:5a:11:b8:d8:3c:40:9e:b8:9f:6f:ce:eb:d0:fc: 61:1d:65:98:ca:6b:9b:00:ff:9e:58:ae:1e:e9:2c:4e:ec:84: d2:91:ff:33:65:03:64:ca:ec:72:b8:c4:63:2f:e9:a0:36:23: 50:0d:c4:39:30:ee:76:f4:3c:1f:81:63:88:f6:94:65:9d:fe: 6d:f1:e7:e3:74:61:68:b1:63:c3:25:11:03:d7:63:45:be:a9: a6:3c:4d:ba:56:dd:57:2f:37:6c:6f:86:3b:bd:4e:87:bd:0b: 06:cb:1f:d6:47:8b:2c:86:da:86:b6:1e:fa:58:e4:ec:27:10: cd:57:61:f4:9f:52:2a:30:ad:fe:2f:1c:79:79:1f:be:30:e8: 70:4a:70:e9:86:e0:a5:5b:4c:fb:e1:3b:fa:64:0d:64:61:ae: c4:7d:cc:1f:a5:43:98:f7:50:99:5b:55:fe:6a:29:ba:e1:79: b7:ce:a1:74:3b:7f:91:21:e0:a9:62:e6:f6:b7:2b:e7:35:6a: 6c:e9:e0:6c:0b:8b:e0:9b:5d:25:36:52:d6:fa:f9:94:9a:30: e2:db:01:30 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOC+5bbI0H7Gqhmlx2dBsjfOF54swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMzA0OVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYWUyMTE5OTM3MGE0NGYwMWM2MWY3 NGEzOGZmZmYwODY4N2M3YTczY2IyYjEzMWUzOTExYWE2MTZiZDdkYzY4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsLxpv4ja+NR0Pb68VhRtT6hrbJF Y6a+8XvsWCfBX7hI4i2MqjowFksu09LRj0PuA147XuSonV+kLmkFsi8G9HgHitkf CcQu9mHnCCRAjDQQMbC048MspLsbYg9xP44Ls84rcBHmwpqcZHhK3CyKP9efTK6q RNuXxHuMJdn+AR0EA5fEKwAjV9DBzkXPDlrgI7nmLK5d4/Bf32Z/CF4PtYnFWORY x7xiwBgLpRRs5kVYXyddid6ryTIfis01mRMXjIm+DALL1ItiKJVYN8IR7w2LgeW3 hfUOIu1knsXqXK58bWW9GjIRVMggOX05QIHvVgH7zRzoVQqWQ49L8lmJSwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP199tTtee4u0aD+BSB1ZA7JTvlIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyYTUxZTU0LTZiYjUtNDNlNy05NGQwLWE4ZTk1NzcxZjJhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8SAwDQYJKoZIhvcNAQELBQADggEBAGocGwd2PGt12CU2DOlR JWs/bFJ08mZvst2BVj4/iSQ0Ag9GIMGrX59aEbjYPECeuJ9vzuvQ/GEdZZjKa5sA /55Yrh7pLE7shNKR/zNlA2TK7HK4xGMv6aA2I1ANxDkw7nb0PB+BY4j2lGWd/m3x 5+N0YWixY8MlEQPXY0W+qaY8TbpW3VcvN2xvhju9Toe9CwbLH9ZHiyyG2oa2HvpY 5OwnEM1XYfSfUiowrf4vHHl5H74w6HBKcOmG4KVbTPvhO/pkDWRhrsR9zB+lQ5j3 UJlbVf5qKbrhebfOoXQ7f5Eh4Kli5va3K+c1amzp4GwLi+CbXSU2Utb6+ZSaMOLb ATA= -----END CERTIFICATE-----Generated at Sat Nov 15 22:22:12 2025 by rpki-client