$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa File: a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa (raw, json) Hash identifier: pwHGNmTccxd/vz5gXvIgv3h5wnfQErjFweHomAuoJvU= Subject key identifier: A7:07:A6:CE:DE:B5:C1:D0:DD:07:64:3F:82:5D:48:75:05:60:98:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 240F3D059ADEF5BEEC8C8B8DAFC9590A172142D7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa Signing time: Sun 09 Nov 2025 00:40:56 +0000 ROA not before: Sun 09 Nov 2025 00:40:56 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Nov 2025 01:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:0f:3d:05:9a:de:f5:be:ec:8c:8b:8d:af:c9:59:0a:17:21:42:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:40:56 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=e2d648e2da0cc661364edb14356515b14b5f1d675c1e440e0c8f0b4dfebdd4ba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:66:e1:5a:fd:ca:f3:60:19:78:1e:cc:e7:8f: c8:ba:6d:98:47:de:22:fd:f5:ce:0d:ec:82:b3:f6: 52:cd:ff:6c:08:78:fd:d1:5d:78:3b:85:9e:f8:2f: 70:80:27:41:46:1d:cd:d1:ba:e1:e6:61:2b:9e:de: 40:a2:c3:10:d1:de:72:de:6e:47:f7:98:41:8c:f4: 98:1a:a8:79:26:de:23:33:2b:aa:1c:48:59:ab:57: 01:d6:bd:73:5e:d3:07:c8:49:9c:f5:6f:d9:18:94: 65:57:53:00:cb:6b:7d:29:df:37:49:83:ad:ab:0c: 20:94:66:af:f9:8b:1d:ed:5b:06:b8:bf:eb:13:8d: 7a:20:93:a5:fd:4c:7e:10:c6:a2:e7:f1:3a:9f:65: 2e:a5:fd:b9:1d:06:19:7b:f5:d7:a8:a8:94:a4:07: 2f:76:50:72:fa:b0:ef:f4:9f:8a:ab:43:ce:59:a6: 2e:a0:b9:8c:dc:7a:5d:0f:03:b1:98:61:04:ed:e0: e0:a1:9e:33:f1:e6:9c:4f:de:d8:d4:c4:c0:1f:e7: 72:c4:54:e3:e2:cd:33:58:e4:9c:ca:e7:10:78:1b: 44:63:8f:50:a5:47:85:2b:4e:cd:3b:2f:a7:58:a9: 57:c6:8d:be:8b:d3:dc:e7:45:64:21:c2:49:94:bf: a9:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:07:A6:CE:DE:B5:C1:D0:DD:07:64:3F:82:5D:48:75:05:60:98:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:8000::/40 Signature Algorithm: sha256WithRSAEncryption ca:8c:cf:6f:a7:cd:c7:54:14:6b:2f:9a:74:b3:f2:44:62:73: 5e:70:7d:df:b1:46:49:c7:57:f9:93:8f:3d:7f:0a:70:a7:f6: b4:2c:e1:b8:72:3a:53:18:d5:dd:96:05:f0:76:9c:68:3f:9e: 58:fa:12:5a:67:00:d1:f9:5b:6b:0f:20:85:51:cb:e8:ad:0e: 9b:c6:f0:50:d2:12:e5:56:fe:ad:63:82:f5:59:34:04:93:9f: ef:96:f7:c3:52:b9:8a:2c:03:92:c9:d8:63:00:fc:f6:35:51: 30:b8:a6:c6:02:0a:5e:f3:3f:d0:e9:b3:5a:3b:75:41:a5:62: d0:b6:77:a5:38:cb:e6:bb:66:70:5e:8d:33:b0:5e:5a:1f:69: 75:fc:7a:b3:21:f1:98:6d:58:c3:9b:2e:52:9a:d2:0f:4c:2d: a9:35:c6:7f:fb:65:56:95:ad:27:3f:e6:f6:2f:9d:88:1a:24: af:23:e2:3c:b9:d9:d5:91:f3:c4:76:75:d0:78:a3:2b:6d:8e: bc:19:9d:e4:3c:04:23:a4:fd:d0:10:d9:61:3a:d8:5f:e3:c4: d5:d0:e6:b7:4e:07:3e:49:e5:31:83:07:28:5f:b7:d5:fd:c5: 23:e0:6a:e5:fd:18:85:c2:e8:f5:92:6a:96:bb:65:2a:32:7d: b2:7c:27:2c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJA89BZre9b7sjIuNr8lZChchQtcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNDA1NloX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAZTJkNjQ4ZTJkYTBjYzY2MTM2NGVk YjE0MzU2NTE1YjE0YjVmMWQ2NzVjMWU0NDBlMGM4ZjBiNGRmZWJkZDRiYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWbhWv3K82AZeB7M54/Ium2YR94i /fXODeyCs/ZSzf9sCHj90V14O4We+C9wgCdBRh3N0brh5mErnt5AosMQ0d5y3m5H 95hBjPSYGqh5Jt4jMyuqHEhZq1cB1r1zXtMHyEmc9W/ZGJRlV1MAy2t9Kd83SYOt qwwglGav+Ysd7VsGuL/rE416IJOl/Ux+EMai5/E6n2Uupf25HQYZe/XXqKiUpAcv dlBy+rDv9J+Kq0POWaYuoLmM3HpdDwOxmGEE7eDgoZ4z8eacT97Y1MTAH+dyxFTj 4s0zWOScyucQeBtEY49QpUeFK07NOy+nWKlXxo2+i9Pc50VkIcJJlL+pqwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKcHps7etcHQ3QdkP4JdSHUFYJjQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5MTYwNmFmLWYyM2ItNDFmMS1hNWUwLTljOTQ2ZmZhM2NlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+IAwDQYJKoZIhvcNAQELBQADggEBAMqMz2+nzcdUFGsvmnSz 8kRic15wfd+xRknHV/mTjz1/CnCn9rQs4bhyOlMY1d2WBfB2nGg/nlj6ElpnANH5 W2sPIIVRy+itDpvG8FDSEuVW/q1jgvVZNASTn++W98NSuYosA5LJ2GMA/PY1UTC4 psYCCl7zP9Dps1o7dUGlYtC2d6U4y+a7ZnBejTOwXlofaXX8erMh8ZhtWMObLlKa 0g9MLak1xn/7ZVaVrSc/5vYvnYgaJK8j4jy52dWR88R2ddB4oyttjrwZneQ8BCOk /dAQ2WE62F/jxNXQ5rdOBz5J5TGDByhft9X9xSPgauX9GIXC6PWSapa7ZSoyfbJ8 Jyw= -----END CERTIFICATE-----Generated at Sun Nov 9 17:43:36 2025 by rpki-client