$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa File: 2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa (raw, json) Hash identifier: rmpSBXPKWNNV8pfIgVa+43NsY1IDpcqeJy9INg09gmE= Subject key identifier: F0:6D:D3:F0:F3:B5:84:0E:B2:E5:17:4C:50:F2:2E:BB:87:6B:C3:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01A8BA82EE5AF3BD6F2609158744F5F1386CAE6D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa Signing time: Sun 09 Nov 2025 00:10:06 +0000 ROA not before: Sun 09 Nov 2025 00:10:06 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Nov 2025 00:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:a8:ba:82:ee:5a:f3:bd:6f:26:09:15:87:44:f5:f1:38:6c:ae:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:10:06 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=85e253c59e16aa68e0e5f3a8a29985d1f6b594dc840bca74d18d57327bb737ad, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:aa:87:49:a5:28:d8:0a:c6:36:27:c2:ea:c8: 91:83:9e:12:d7:46:0a:f0:83:16:f1:c5:0c:7f:52: f9:c7:b3:59:bf:53:27:80:cc:43:98:d5:3c:cf:a1: 1d:3a:60:0e:86:8e:c2:5d:b4:85:b5:f7:29:3e:cf: 57:3c:08:fe:e2:35:eb:57:fd:c6:7b:05:31:93:14: d4:57:da:df:97:05:94:08:8c:69:d3:36:6c:1d:18: 3c:fd:14:a0:48:d7:94:80:98:0a:0d:8d:ff:35:b3: 3d:64:28:e0:c4:ae:4d:0a:5e:18:ea:0c:10:a5:6a: a9:86:23:bd:cd:4f:6f:22:3f:31:66:f5:e1:b4:56: af:d8:88:8c:c8:b5:14:84:9d:31:60:9f:07:34:7d: 70:df:a9:63:57:c0:1d:97:d8:ec:b7:53:22:08:32: 1e:f7:21:62:17:da:4d:e8:02:72:cd:32:d2:ef:54: eb:64:d4:f6:41:9e:8e:be:83:3f:3c:44:de:d5:2f: 1c:c1:96:7d:ac:73:49:42:4b:15:9d:bc:b4:ba:bf: 2b:f8:80:b0:7b:b3:0f:6f:72:eb:c8:64:14:64:bd: 22:14:f0:ca:7d:02:90:05:fa:6f:3b:0d:2f:8b:2a: b6:ce:75:43:6a:4e:aa:44:94:59:7d:3b:51:6f:fd: bc:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:6D:D3:F0:F3:B5:84:0E:B2:E5:17:4C:50:F2:2E:BB:87:6B:C3:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:1000::/40 Signature Algorithm: sha256WithRSAEncryption 07:a8:57:c2:a7:f8:a9:ff:31:69:22:73:44:75:09:a6:6f:3c: 8e:76:dd:15:d3:cf:28:0e:ec:22:1f:d8:29:a4:8f:a4:34:46: c2:2a:64:6c:f3:df:13:bd:90:76:7e:ea:4d:1f:cf:96:0b:30: 9a:c3:f1:ea:9b:22:b2:a4:f7:ff:1e:4f:06:9b:12:2d:df:cf: 1f:10:d3:e3:3c:bf:de:3b:fc:0b:fe:d4:d4:e5:21:30:61:2b: 77:a2:ca:08:0a:76:56:14:f9:ae:ab:60:68:8d:54:df:7b:26: fd:b4:8b:4a:3c:06:a1:1c:83:aa:53:e9:0f:a9:88:37:7f:b3: 66:e0:1a:a6:b0:d4:45:12:c0:2d:7a:b3:ea:24:8b:48:df:c4: eb:e0:96:bc:02:8f:94:dc:10:08:01:25:9f:45:03:d9:32:3f: 18:70:33:21:89:03:a0:7d:4e:f7:5f:41:e0:2f:e2:d7:39:87: 8f:a3:24:ba:cc:14:de:74:9c:02:2d:f8:cf:8d:f6:a5:2d:50: dd:21:ba:d1:af:95:49:6b:a3:31:c5:7e:74:69:93:9c:25:e2: ff:c7:16:4c:7c:57:91:3d:e3:4a:2b:3b:60:77:60:91:dc:22: d6:dd:6c:b6:af:5c:56:be:98:07:63:28:ba:55:19:1c:6c:a2: 11:44:8d:ba -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUAai6gu5a871vJgkVh0T18Thsrm0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMTAwNloX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAODVlMjUzYzU5ZTE2YWE2OGUwZTVm M2E4YTI5OTg1ZDFmNmI1OTRkYzg0MGJjYTc0ZDE4ZDU3MzI3YmI3MzdhZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqqHSaUo2ArGNifC6siRg54S10YK 8IMW8cUMf1L5x7NZv1MngMxDmNU8z6EdOmAOho7CXbSFtfcpPs9XPAj+4jXrV/3G ewUxkxTUV9rflwWUCIxp0zZsHRg8/RSgSNeUgJgKDY3/NbM9ZCjgxK5NCl4Y6gwQ pWqphiO9zU9vIj8xZvXhtFav2IiMyLUUhJ0xYJ8HNH1w36ljV8Adl9jst1MiCDIe 9yFiF9pN6AJyzTLS71TrZNT2QZ6OvoM/PETe1S8cwZZ9rHNJQksVnby0ur8r+ICw e7MPb3LryGQUZL0iFPDKfQKQBfpvOw0viyq2znVDak6qRJRZfTtRb/28IwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPBt0/DztYQOsuUXTFDyLruHa8OTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiMGNlNWRkLWI4MTQtNDA0ZC04MzRmLWNiNGZmNmU2OWM3My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoBAwDQYJKoZIhvcNAQELBQADggEBAAeoV8Kn+Kn/MWkic0R1 CaZvPI523RXTzygO7CIf2Cmkj6Q0RsIqZGzz3xO9kHZ+6k0fz5YLMJrD8eqbIrKk 9/8eTwabEi3fzx8Q0+M8v947/Av+1NTlITBhK3eiyggKdlYU+a6rYGiNVN97Jv20 i0o8BqEcg6pT6Q+piDd/s2bgGqaw1EUSwC16s+oki0jfxOvglrwCj5TcEAgBJZ9F A9kyPxhwMyGJA6B9TvdfQeAv4tc5h4+jJLrMFN50nAIt+M+N9qUtUN0hutGvlUlr ozHFfnRpk5wl4v/HFkx8V5E940orO2B3YJHcItbdbLavXFa+mAdjKLpVGRxsohFE jbo= -----END CERTIFICATE-----Generated at Fri Nov 14 20:59:29 2025 by rpki-client