$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa File: 4d0d3d64-afcc-4838-bca0-f7693f145edf.roa (raw, json) Hash identifier: I9Hg++QJsYF5NRrmYy4FmrcecuMfx7J2pClrbN4hLjo= Subject key identifier: 99:05:96:E5:C4:55:AF:EC:E9:28:84:E2:18:E4:2E:AE:29:51:61:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D7E1228068942C69CABB69A574DDAC2494E0532 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa Signing time: Sun 09 Nov 2025 01:10:07 +0000 ROA not before: Sun 09 Nov 2025 01:10:07 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Nov 2025 00:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:7e:12:28:06:89:42:c6:9c:ab:b6:9a:57:4d:da:c2:49:4e:05:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 01:10:07 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=6ebfb5871e1117c2f73d1ef40b9404ce1726715c14d8f4cb02ea556d1f8c6957, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:4b:2b:0f:4e:ce:10:6a:cb:03:90:98:e4:0e: 4a:5b:df:47:26:57:d2:7d:9f:f6:56:8a:3e:95:59: 42:b3:b4:83:d4:cc:9d:5f:1e:51:33:13:88:77:4d: 9b:db:f7:f1:93:9d:6d:eb:b1:91:1a:22:c9:41:af: 67:bb:d5:c1:51:fb:44:23:37:79:4a:bf:6b:99:3f: cb:f5:1d:94:01:93:e0:95:4e:d1:18:6c:ef:4b:19: 7d:b2:5b:36:90:c2:15:d0:da:39:d3:80:31:b1:02: 86:7d:28:90:97:da:2f:b5:88:dc:57:bb:f8:01:70: a8:e1:35:30:f1:ba:8f:c3:ba:5f:37:8f:68:2a:21: f4:2e:4d:f5:c6:65:c3:0d:d7:bf:4d:35:ea:e9:37: 29:47:b3:f9:bf:79:23:b1:22:0d:f1:a0:7a:4a:a6: 94:51:bd:a4:16:07:91:9d:ef:1e:aa:54:c1:e3:2c: 88:66:ae:3d:a0:f6:6a:45:94:62:14:fc:f8:0a:f7: 7a:1f:8f:34:8a:04:57:6a:a0:82:31:11:ce:8e:86: 25:cc:81:57:ce:8c:c4:d9:78:67:de:ca:6d:de:33: 77:78:3f:5e:79:19:d0:b9:de:23:6e:b1:de:10:2c: 2c:05:5d:e3:02:8b:01:29:47:84:8f:49:3a:01:83: f7:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:05:96:E5:C4:55:AF:EC:E9:28:84:E2:18:E4:2E:AE:29:51:61:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:b000::/40 Signature Algorithm: sha256WithRSAEncryption a1:dc:5c:3d:1e:a8:33:61:04:fc:87:71:fb:8b:c6:12:7e:fc: a6:18:82:93:17:48:7a:f3:98:07:d9:fe:fb:91:ff:23:83:f0: c4:af:e9:6f:c6:06:1f:78:22:86:e4:6f:93:68:cd:e2:dd:a3: ac:8f:6d:61:1e:f5:7b:c2:08:20:c2:b0:30:4a:de:71:ad:47: 11:13:e8:a9:fb:10:5a:5f:ae:de:d3:e3:00:76:ea:ce:00:96: 76:08:93:c2:69:f6:16:70:02:b3:13:d1:a8:0f:a4:d9:e9:8f: d6:b6:a6:a8:5d:a3:8e:ec:fa:60:90:b4:84:52:2d:90:09:52: 2b:8d:c7:79:dc:6f:97:78:5d:f2:ec:e1:1b:59:92:d6:a9:e2: 58:a0:ed:51:e9:f4:70:8d:d2:66:ba:34:e0:53:ed:b6:22:4a: c5:22:54:f7:92:b0:b9:40:0e:4b:54:4a:dd:36:ca:b7:03:7f: e8:73:a3:99:99:88:1a:88:63:7f:e9:b5:89:24:96:45:25:bd: ad:7a:32:e7:f5:79:10:79:6a:8c:af:fe:e2:2d:df:8f:53:81: a7:3f:3f:ee:f8:dd:ac:c8:e2:c1:7f:bf:00:c2:13:fd:a9:52: 02:44:4f:33:c2:2f:c2:1a:d9:59:10:e5:dd:7e:c7:ba:34:4b: b5:00:62:4e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDX4SKAaJQsacq7aaV03awklOBTIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAxMTAwN1oX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNANmViZmI1ODcxZTExMTdjMmY3M2Qx ZWY0MGI5NDA0Y2UxNzI2NzE1YzE0ZDhmNGNiMDJlYTU1NmQxZjhjNjk1NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUsrD07OEGrLA5CY5A5KW99HJlfS fZ/2Voo+lVlCs7SD1MydXx5RMxOId02b2/fxk51t67GRGiLJQa9nu9XBUftEIzd5 Sr9rmT/L9R2UAZPglU7RGGzvSxl9sls2kMIV0No504AxsQKGfSiQl9ovtYjcV7v4 AXCo4TUw8bqPw7pfN49oKiH0Lk31xmXDDde/TTXq6TcpR7P5v3kjsSIN8aB6SqaU Ub2kFgeRne8eqlTB4yyIZq49oPZqRZRiFPz4Cvd6H480igRXaqCCMRHOjoYlzIFX zozE2Xhn3spt3jN3eD9eeRnQud4jbrHeECwsBV3jAosBKUeEj0k6AYP3GQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJkFluXEVa/s6SiE4hjkLq4pUWExMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkMGQzZDY0LWFmY2MtNDgzOC1iY2EwLWY3NjkzZjE0NWVkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8bAwDQYJKoZIhvcNAQELBQADggEBAKHcXD0eqDNhBPyHcfuL xhJ+/KYYgpMXSHrzmAfZ/vuR/yOD8MSv6W/GBh94Iobkb5NozeLdo6yPbWEe9XvC CCDCsDBK3nGtRxET6Kn7EFpfrt7T4wB26s4AlnYIk8Jp9hZwArMT0agPpNnpj9a2 pqhdo47s+mCQtIRSLZAJUiuNx3ncb5d4XfLs4RtZktap4lig7VHp9HCN0ma6NOBT 7bYiSsUiVPeSsLlADktUSt02yrcDf+hzo5mZiBqIY3/ptYkklkUlva16Muf1eRB5 aoyv/uIt349Tgac/P+743azI4sF/vwDCE/2pUgJETzPCL8Ia2VkQ5d1+x7o0S7UA Yk4= -----END CERTIFICATE-----Generated at Fri Nov 14 09:56:49 2025 by rpki-client