$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa File: a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa (raw, json) Hash identifier: f2VWfYmtdDb4ixEX4wvGRC2aN4CJeJIiBVU8Mc39P38= Subject key identifier: B6:D4:EC:1F:4D:73:13:EF:A5:45:23:48:8D:D4:31:30:19:34:9E:C3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2A19987776A3A14A868275C276CBE8A3EA118384 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa Signing time: Fri 31 Oct 2025 00:00:03 +0000 ROA not before: Fri 31 Oct 2025 00:00:03 +0000 ROA not after: Fri 05 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da21::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 00:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:19:98:77:76:a3:a1:4a:86:82:75:c2:76:cb:e8:a3:ea:11:83:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 31 00:00:03 2025 GMT Not After : Dec 5 23:59:59 2025 GMT Subject: serialNumber=4bc2a9b36771250e332d74cd36c6b0e9069a8dd37af8a67d628160320c1f58a2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:82:35:42:40:ef:cf:e1:b2:20:50:ce:ca:9e: 47:4b:4d:f0:8b:f4:0a:1f:bb:60:93:b5:5f:25:09: c0:11:6a:5a:16:d9:04:95:ec:22:a5:e9:e6:0b:4f: 84:e3:c8:b0:16:ac:67:ed:ed:f8:f1:01:9f:15:91: 2a:e1:73:14:e7:54:5e:e2:ac:dc:88:3c:f0:60:db: 74:17:76:f9:7e:ac:05:c2:62:1d:4b:3d:1e:fe:0a: 7f:79:16:49:61:12:93:50:9e:8d:70:ee:ea:cc:14: 85:9d:64:51:76:7a:e3:02:79:ad:1f:20:e5:2a:fd: ac:10:a4:79:93:b0:09:99:76:7f:83:4a:ab:aa:c8: 3d:d6:17:5e:2a:b5:c9:f1:5c:39:0c:61:e7:43:65: 93:03:dc:1b:18:47:5a:24:2c:48:14:26:94:44:55: a3:d9:21:c4:d3:2f:d1:fd:4e:43:9a:d8:1e:3e:6c: 1c:8e:4f:67:1e:a8:d6:29:9b:44:c9:6d:e4:21:b3: d0:30:80:3b:e1:b0:37:36:44:69:87:7f:6c:63:11: 80:34:64:e5:8a:08:3a:20:6b:f3:93:96:cf:90:c6: 70:88:58:30:4d:6a:53:50:18:dd:85:2e:35:91:53: b6:c0:15:5d:36:04:cd:e3:7e:5a:7e:ac:bb:86:46: cc:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:D4:EC:1F:4D:73:13:EF:A5:45:23:48:8D:D4:31:30:19:34:9E:C3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2514fe3-5779-4174-ba62-2a19e0c7ddf9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da21::/36 Signature Algorithm: sha256WithRSAEncryption c7:9d:66:57:4e:a3:4d:89:2e:4a:48:33:ba:9e:58:fc:9b:e2: aa:0b:2b:fc:8e:b3:58:fe:76:ce:9f:59:bb:db:f5:d3:31:b9: 51:a9:f7:a6:85:30:9f:35:bc:7f:ed:a0:ae:54:77:09:21:b7: c0:c0:08:a4:fb:77:23:e6:e6:27:ec:94:5c:c7:08:ca:19:22: 54:e4:16:bd:c5:af:ea:b2:bb:f0:6d:52:81:c5:ab:25:e9:80: 09:c8:6c:a6:db:2d:5f:7c:b8:9b:f5:c9:1e:54:7e:16:23:67: 04:66:3c:29:78:6e:e8:52:7f:60:70:eb:bf:61:91:7b:4c:ef: 0b:68:b9:2c:fa:8e:01:74:54:7d:3c:20:0d:81:2e:f8:bd:0e: 93:63:a6:a9:5d:b5:18:17:0f:46:21:fb:7e:67:28:e6:d7:94: 48:f0:df:f4:3b:2e:ff:3a:f0:62:fb:dc:b6:d2:28:a8:e3:80: 45:c0:c3:02:d2:d0:09:2e:15:58:e1:10:53:a6:25:02:69:21: fd:c1:d7:d8:ca:50:69:52:12:9c:2b:a0:1d:5e:22:25:5a:f6: 81:04:c3:a3:8f:1f:17:e3:bb:92:1c:f2:85:49:67:26:a0:5c: fa:99:82:1c:b1:e3:49:26:1a:7d:a7:af:f8:ed:e3:23:1b:c7: a5:a3:95:9a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKhmYd3ajoUqGgnXCdsvoo+oRg4QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAzMTAwMDAwM1oX DTI1MTIwNTIzNTk1OVowejFJMEcGA1UEBRNANGJjMmE5YjM2NzcxMjUwZTMzMmQ3 NGNkMzZjNmIwZTkwNjlhOGRkMzdhZjhhNjdkNjI4MTYwMzIwYzFmNThhMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4I1QkDvz+GyIFDOyp5HS03wi/QK H7tgk7VfJQnAEWpaFtkElewipenmC0+E48iwFqxn7e348QGfFZEq4XMU51Re4qzc iDzwYNt0F3b5fqwFwmIdSz0e/gp/eRZJYRKTUJ6NcO7qzBSFnWRRdnrjAnmtHyDl Kv2sEKR5k7AJmXZ/g0qrqsg91hdeKrXJ8Vw5DGHnQ2WTA9wbGEdaJCxIFCaURFWj 2SHE0y/R/U5DmtgePmwcjk9nHqjWKZtEyW3kIbPQMIA74bA3NkRph39sYxGANGTl igg6IGvzk5bPkMZwiFgwTWpTUBjdhS41kVO2wBVdNgTN435afqy7hkbMAQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLbU7B9NcxPvpUUjSI3UMTAZNJ7DMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyNTE0ZmUzLTU3NzktNDE3NC1iYTYyLTJhMTllMGM3ZGRmOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaIQAwDQYJKoZIhvcNAQELBQADggEBAMedZldOo02JLkpIM7qe WPyb4qoLK/yOs1j+ds6fWbvb9dMxuVGp96aFMJ81vH/toK5Udwkht8DACKT7dyPm 5ifslFzHCMoZIlTkFr3Fr+qyu/BtUoHFqyXpgAnIbKbbLV98uJv1yR5UfhYjZwRm PCl4buhSf2Bw679hkXtM7wtouSz6jgF0VH08IA2BLvi9DpNjpqldtRgXD0Yh+35n KObXlEjw3/Q7Lv868GL73LbSKKjjgEXAwwLS0AkuFVjhEFOmJQJpIf3B19jKUGlS EpwroB1eIiVa9oEEw6OPHxfju5Ic8oVJZyagXPqZghyx40kmGn2nr/jt4yMbx6Wj lZo= -----END CERTIFICATE-----Generated at Sat Nov 1 03:14:48 2025 by rpki-client