$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa File: ffd89ff2-4de6-4517-88fc-12345cabb969.roa (raw, json) Hash identifier: jf0NC87dSqeQ9UM4fzd5hogUmKG9+nkuNWbGf1G+9r0= Subject key identifier: 9D:5E:F3:50:9B:56:61:61:D7:B4:F5:B7:93:D5:36:D5:09:D6:36:8E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 41B3AE0D3B264BB8E2D21E6FEB1DF6A5511E91A1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa Signing time: Sun 09 Nov 2025 00:40:49 +0000 ROA not before: Sun 09 Nov 2025 00:40:49 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da15::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Nov 2025 01:10:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:b3:ae:0d:3b:26:4b:b8:e2:d2:1e:6f:eb:1d:f6:a5:51:1e:91:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:40:49 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=d40cd883bfe1b763be685bbb6682014139efa2004206060f6aa898cb2033d810, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:88:95:1a:bb:7a:68:52:6d:ed:bd:97:00:01: 72:63:d5:92:36:1c:76:4c:0f:d9:6e:d4:d5:bf:91: 1b:88:a4:7b:1d:06:28:67:08:67:6c:85:cc:68:99: 62:96:03:dc:4b:07:ea:19:40:29:66:3a:e0:67:a4: db:d6:a7:d4:e3:4a:91:8e:0a:70:04:71:9b:f3:e7: e1:3e:bd:61:d4:9d:2f:9c:33:d2:36:ec:58:ab:c7: 90:92:0f:ea:cc:e4:a0:0e:30:f8:ff:4e:b6:88:50: ca:f0:20:f3:8f:dc:82:e0:49:aa:51:e5:11:5f:77: 58:55:f5:79:e5:6f:8a:73:19:57:62:97:47:35:d7: ef:4b:d0:3c:59:87:e9:2b:e5:22:a9:e1:c3:87:a3: 8f:47:65:f5:79:be:3c:ea:e3:2a:d4:40:c8:7f:8a: 74:33:95:cc:82:0f:1d:a6:34:06:65:96:85:43:ee: 5f:70:36:97:15:d6:cd:15:d0:56:a1:96:16:64:70: 07:3e:09:ab:13:11:4f:cd:47:0e:a3:f4:74:a2:5b: 94:89:61:7b:c7:fd:e1:87:2c:ba:4d:9d:7d:5b:f8: 33:be:ee:c1:51:5b:c9:d4:16:d2:bd:b9:bd:97:93: 0a:dd:b8:df:57:46:38:32:96:f8:97:1b:c0:90:76: 3c:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:5E:F3:50:9B:56:61:61:D7:B4:F5:B7:93:D5:36:D5:09:D6:36:8E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da15::/36 Signature Algorithm: sha256WithRSAEncryption ad:68:14:1c:c0:00:f8:a3:de:8c:99:d5:09:22:39:e1:48:f4: 87:a3:5f:f6:6b:b4:c5:b2:d3:8c:e2:1a:4a:3e:63:fe:e2:c9: 2f:9b:73:b1:d8:06:79:12:cb:5b:1e:aa:76:8a:07:4f:67:03: b6:da:60:1a:b6:b4:60:5a:5c:d4:10:cd:b5:45:77:a2:25:c3: 78:dc:ca:28:aa:53:b5:32:17:02:79:5e:5b:d4:be:43:69:88: 00:48:5e:22:9c:2e:89:8c:fc:88:4a:df:3d:12:d4:68:2e:ff: e2:f6:89:57:bf:48:8a:08:98:77:61:59:a4:d1:7f:0f:f8:4f: 81:f2:02:61:c7:6d:c8:05:1b:ca:ed:ca:e7:6d:ca:88:86:f3: 1f:ba:72:0c:c6:cb:ba:35:42:a8:26:90:9a:00:24:83:03:64: 1d:90:66:2e:1a:a7:44:16:12:26:2e:53:4b:1a:6f:92:12:cc: e1:c0:66:5c:7c:74:39:74:dd:78:f9:2c:22:36:1d:19:f8:cd: 37:e1:46:cf:a3:38:3b:c1:5e:7f:ec:7e:81:98:24:21:4f:4f: 78:24:d8:c1:86:87:5d:23:29:d8:61:ce:69:f9:4c:61:ac:51: 13:40:90:e4:c5:10:76:b5:5c:3d:e7:12:bc:d9:62:43:36:a0: be:52:6a:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQbOuDTsmS7ji0h5v6x32pVEekaEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNDA0OVoX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAZDQwY2Q4ODNiZmUxYjc2M2JlNjg1 YmJiNjY4MjAxNDEzOWVmYTIwMDQyMDYwNjBmNmFhODk4Y2IyMDMzZDgxMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIiVGrt6aFJt7b2XAAFyY9WSNhx2 TA/ZbtTVv5EbiKR7HQYoZwhnbIXMaJlilgPcSwfqGUApZjrgZ6Tb1qfU40qRjgpw BHGb8+fhPr1h1J0vnDPSNuxYq8eQkg/qzOSgDjD4/062iFDK8CDzj9yC4EmqUeUR X3dYVfV55W+KcxlXYpdHNdfvS9A8WYfpK+UiqeHDh6OPR2X1eb486uMq1EDIf4p0 M5XMgg8dpjQGZZaFQ+5fcDaXFdbNFdBWoZYWZHAHPgmrExFPzUcOo/R0oluUiWF7 x/3hhyy6TZ19W/gzvu7BUVvJ1BbSvbm9l5MK3bjfV0Y4Mpb4lxvAkHY8BwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ1e81CbVmFh17T1t5PVNtUJ1jaOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmZDg5ZmYyLTRkZTYtNDUxNy04OGZjLTEyMzQ1Y2FiYjk2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFQAwDQYJKoZIhvcNAQELBQADggEBAK1oFBzAAPij3oyZ1Qki OeFI9IejX/ZrtMWy04ziGko+Y/7iyS+bc7HYBnkSy1seqnaKB09nA7baYBq2tGBa XNQQzbVFd6Ilw3jcyiiqU7UyFwJ5XlvUvkNpiABIXiKcLomM/IhK3z0S1Ggu/+L2 iVe/SIoImHdhWaTRfw/4T4HyAmHHbcgFG8rtyudtyoiG8x+6cgzGy7o1QqgmkJoA JIMDZB2QZi4ap0QWEiYuU0sab5ISzOHAZlx8dDl03Xj5LCI2HRn4zTfhRs+jODvB Xn/sfoGYJCFPT3gk2MGGh10jKdhhzmn5TGGsURNAkOTFEHa1XD3nErzZYkM2oL5S asI= -----END CERTIFICATE-----Generated at Sun Nov 9 06:18:28 2025 by rpki-client