$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa File: bf40bbcd-0211-4289-921c-c7d5e705cbda.roa (raw, json) Hash identifier: KuvIpapmdmZKZoj2PR2xYy71MHsNZSq5LHL78sSJNlc= Subject key identifier: 4B:FC:0C:0F:E6:4E:E0:52:89:21:1D:31:C1:9A:53:56:92:25:25:16 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 61088CFC3D49FB51CF5F0457327F4DF2C31A1B8E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa Signing time: Sun 09 Nov 2025 01:10:13 +0000 ROA not before: Sun 09 Nov 2025 01:10:13 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 15 Nov 2025 00:10:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:08:8c:fc:3d:49:fb:51:cf:5f:04:57:32:7f:4d:f2:c3:1a:1b:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 01:10:13 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=5749e78d98d188c69e443da6e4674509049bc44568c0f870dcfe807880ab39d1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:a3:5e:5b:7c:e9:89:63:dd:79:9e:d2:ab:65: 4f:8d:d8:1d:e8:d2:f7:fb:39:0b:ac:69:e4:61:03: ce:39:0d:db:34:6a:d7:cc:b2:c7:98:ff:ab:46:4e: 80:40:b7:8d:bb:ab:9e:e2:5b:39:7b:20:ba:64:ed: 1c:f1:c7:d3:3f:97:d4:95:4e:bb:84:2c:f5:e8:a8: 0e:24:46:29:dd:18:3e:83:78:db:1a:c8:72:14:88: ba:a6:4b:51:d6:3d:aa:c8:30:5c:af:08:c2:1a:5f: 90:cc:5b:61:e3:86:ac:13:7f:48:a3:b4:04:a6:d3: 65:18:2f:00:81:e3:2a:08:c9:63:36:20:6a:c6:02: cc:69:79:03:f5:0a:3d:45:09:78:4f:45:bf:a3:a7: da:ff:fc:df:6e:c4:c7:1b:73:8b:e5:32:c6:69:4c: 98:c7:ed:2e:f6:05:7a:b3:29:40:1d:20:46:4f:7e: c4:ce:3f:8e:74:61:ab:cb:fb:cf:69:5d:62:e4:29: 1a:a0:33:ab:ef:ce:f0:13:c1:69:26:6e:02:fd:57: 82:24:14:40:2d:21:f1:1c:ec:cc:0d:1c:27:65:f5: a6:f9:10:fe:2f:97:79:29:ac:7d:e7:35:22:3f:b4: 68:6c:c1:66:08:cf:4a:3c:a4:6e:99:f3:cc:e2:1a: e4:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:FC:0C:0F:E6:4E:E0:52:89:21:1D:31:C1:9A:53:56:92:25:25:16 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bf40bbcd-0211-4289-921c-c7d5e705cbda.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:f000::/40 Signature Algorithm: sha256WithRSAEncryption 06:76:c1:48:32:a7:be:9b:0f:fc:80:17:40:5e:af:d8:b8:58: 5d:81:b1:e2:83:f2:15:c1:0a:a3:67:97:a9:47:39:57:64:5e: 8c:67:7c:2d:1c:e8:9c:c0:02:dc:07:17:13:c1:cc:67:9d:e8: b2:48:e5:d7:70:0f:e7:89:44:45:7d:c9:d5:00:47:20:73:17: 99:6f:53:82:00:42:d7:01:2d:41:7d:0a:34:53:17:74:c2:5d: f8:01:b1:59:94:21:e4:e6:19:4e:e5:b9:54:47:70:65:a1:b5: 75:ab:44:17:37:b5:c6:cb:71:7a:3c:56:31:24:63:b7:e5:75: d6:26:5e:55:6a:f6:91:12:de:84:39:88:f9:a9:de:81:b1:85: b5:b9:d3:a5:4a:1b:bd:21:ff:91:99:3e:2d:13:59:b0:e5:4a: 48:02:75:f6:0d:27:dc:e6:24:d7:bc:b1:6a:b4:e7:24:d5:80: 75:94:f8:aa:b5:73:d4:5f:a0:f1:63:0c:0e:56:e2:4a:54:96: 17:f2:20:ef:81:0b:f8:3e:b7:f8:b3:77:b7:49:13:65:5c:84: 0e:4b:f7:35:d1:84:63:18:4a:9c:79:64:8a:c8:f7:b3:2d:ff: 49:31:13:8e:28:6b:4b:2e:e7:eb:cc:54:3e:fe:36:50:ca:94: e4:29:b7:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYQiM/D1J+1HPXwRXMn9N8sMaG44wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAxMTAxM1oX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNANTc0OWU3OGQ5OGQxODhjNjllNDQz ZGE2ZTQ2NzQ1MDkwNDliYzQ0NTY4YzBmODcwZGNmZTgwNzg4MGFiMzlkMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36NeW3zpiWPdeZ7Sq2VPjdgd6NL3 +zkLrGnkYQPOOQ3bNGrXzLLHmP+rRk6AQLeNu6ue4ls5eyC6ZO0c8cfTP5fUlU67 hCz16KgOJEYp3Rg+g3jbGshyFIi6pktR1j2qyDBcrwjCGl+QzFth44asE39Io7QE ptNlGC8AgeMqCMljNiBqxgLMaXkD9Qo9RQl4T0W/o6fa//zfbsTHG3OL5TLGaUyY x+0u9gV6sylAHSBGT37Ezj+OdGGry/vPaV1i5CkaoDOr787wE8FpJm4C/VeCJBRA LSHxHOzMDRwnZfWm+RD+L5d5Kax95zUiP7RobMFmCM9KPKRumfPM4hrkRwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEv8DA/mTuBSiSEdMcGaU1aSJSUWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmNDBiYmNkLTAyMTEtNDI4OS05MjFjLWM3ZDVlNzA1Y2JkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+PAwDQYJKoZIhvcNAQELBQADggEBAAZ2wUgyp76bD/yAF0Be r9i4WF2BseKD8hXBCqNnl6lHOVdkXoxnfC0c6JzAAtwHFxPBzGed6LJI5ddwD+eJ REV9ydUARyBzF5lvU4IAQtcBLUF9CjRTF3TCXfgBsVmUIeTmGU7luVRHcGWhtXWr RBc3tcbLcXo8VjEkY7flddYmXlVq9pES3oQ5iPmp3oGxhbW506VKG70h/5GZPi0T WbDlSkgCdfYNJ9zmJNe8sWq05yTVgHWU+Kq1c9RfoPFjDA5W4kpUlhfyIO+BC/g+ t/izd7dJE2VchA5L9zXRhGMYSpx5ZIrI97Mt/0kxE44oa0su5+vMVD7+NlDKlOQp t/U= -----END CERTIFICATE-----Generated at Tue Nov 11 08:37:49 2025 by rpki-client