$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0ab9cffb-50eb-4196-a4b2-e63a4da14c5c.roa File: 0ab9cffb-50eb-4196-a4b2-e63a4da14c5c.roa (raw, json) Hash identifier: kTUUO/0zygd/UzDHhhSDFxX9hy8x3sSXi+8L9epQ9y4= Subject key identifier: F1:A6:08:CA:BD:82:BB:30:3A:90:0E:BB:19:0E:85:4A:46:A7:08:D9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 130C5605F32BAE07EF510C5D9890C1217EF69D99 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0ab9cffb-50eb-4196-a4b2-e63a4da14c5c.roa Signing time: Sun 02 Nov 2025 00:00:43 +0000 ROA not before: Sun 02 Nov 2025 00:00:43 +0000 ROA not after: Sun 07 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:0c:56:05:f3:2b:ae:07:ef:51:0c:5d:98:90:c1:21:7e:f6:9d:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 2 00:00:43 2025 GMT Not After : Dec 7 23:59:59 2025 GMT Subject: serialNumber=f976508dfd8ddfb8b44f22c4a5c0efa6782992f32b06998db45db08e09266b40, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:78:34:fb:9f:04:c6:fb:82:be:3d:a4:cc:a7: d5:53:0d:58:47:0b:b9:40:dd:45:fa:7f:56:48:40: 49:0a:17:17:57:20:1a:6e:f7:93:e0:d5:42:ee:fe: 19:0a:c1:65:85:80:60:7d:26:25:a9:77:66:22:46: 07:a4:0e:e8:7a:34:f4:8d:1a:b6:f9:11:e9:23:83: a2:6e:b7:54:23:dc:c6:07:2f:76:d1:ce:0c:30:4e: e7:4d:27:bc:ab:b8:4c:77:62:a5:a3:e6:c3:da:c2: f4:ef:db:79:8e:75:c9:ee:34:98:11:af:06:5b:0c: 64:25:51:3b:73:2f:c9:c1:52:95:39:e2:39:1a:e0: 87:53:ae:12:7c:04:b3:e0:a9:2d:7a:4b:ee:a2:1b: ea:15:d0:f2:f1:f4:e7:a8:f6:1f:16:25:f7:08:83: ee:24:55:0f:76:33:b4:fe:60:72:91:42:60:dc:b4: ce:13:bc:ef:b2:1b:0a:8d:7c:82:31:71:a4:2d:5d: 26:46:f1:ea:b4:b3:a6:8d:de:f7:30:e6:ae:eb:a3: 7a:db:fb:4e:8c:b9:2a:a1:27:17:c7:9b:27:f5:30: 40:e4:af:c9:79:19:c8:aa:3c:f8:2f:65:d8:63:0a: f9:ff:79:d8:df:80:e8:47:17:6d:67:8d:6d:f2:29: a8:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:A6:08:CA:BD:82:BB:30:3A:90:0E:BB:19:0E:85:4A:46:A7:08:D9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0ab9cffb-50eb-4196-a4b2-e63a4da14c5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:1000::/48 Signature Algorithm: sha256WithRSAEncryption 76:77:0d:42:85:0b:e2:84:9b:35:88:26:80:fc:c7:81:67:e9: c6:24:3c:06:d5:b0:b8:a9:24:67:04:eb:6b:17:1a:90:36:93: 27:3e:53:c5:f1:bb:2e:83:94:b2:97:66:7f:a6:2f:bf:17:5d: e7:e5:0c:e7:b5:54:48:dd:2c:f1:41:4e:52:00:b6:23:95:18: 15:2f:6e:c2:bb:1d:29:fb:43:69:20:0f:93:1e:d6:47:5b:62: 25:72:b1:bf:de:8d:38:76:e4:e4:b9:4b:f6:03:d5:1c:88:1a: 72:f4:b7:f7:86:50:8e:90:d7:fe:58:78:52:99:59:46:ba:41: b4:80:20:86:ed:59:a8:4e:28:15:a3:df:c9:17:a3:e4:e1:08: 67:1c:6b:83:b0:86:02:95:62:b3:bc:60:28:9b:7e:94:68:49: 93:1e:c5:2a:bd:41:71:d2:a4:9a:e7:75:9d:a4:c1:81:97:0c: a0:3d:06:03:a7:2d:d4:2b:c1:4b:7f:61:f1:07:4e:52:7c:61: f4:66:c0:66:96:ae:88:e2:3e:7f:f6:13:ba:02:00:bd:2d:4a: 19:13:4d:e7:ec:bf:d2:0f:0e:0c:05:f3:f9:7e:f9:77:8f:85: aa:98:31:c4:bf:00:96:8e:dd:7b:67:3d:27:3e:18:2c:4b:f8: a1:cf:9e:da -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEwxWBfMrrgfvUQxdmJDBIX72nZkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMjAwMDA0M1oX DTI1MTIwNzIzNTk1OVowejFJMEcGA1UEBRNAZjk3NjUwOGRmZDhkZGZiOGI0NGYy MmM0YTVjMGVmYTY3ODI5OTJmMzJiMDY5OThkYjQ1ZGIwOGUwOTI2NmI0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3g0+58ExvuCvj2kzKfVUw1YRwu5 QN1F+n9WSEBJChcXVyAabveT4NVC7v4ZCsFlhYBgfSYlqXdmIkYHpA7oejT0jRq2 +RHpI4OibrdUI9zGBy920c4MME7nTSe8q7hMd2Klo+bD2sL079t5jnXJ7jSYEa8G WwxkJVE7cy/JwVKVOeI5GuCHU64SfASz4KktekvuohvqFdDy8fTnqPYfFiX3CIPu JFUPdjO0/mBykUJg3LTOE7zvshsKjXyCMXGkLV0mRvHqtLOmjd73MOau66N62/tO jLkqoScXx5sn9TBA5K/JeRnIqjz4L2XYYwr5/3nY34DoRxdtZ41t8imoFwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPGmCMq9grswOpAOuxkOhUpGpwjZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBhYjljZmZiLTUwZWItNDE5Ni1hNGIyLWU2M2E0ZGExNGM1Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9hAAMA0GCSqGSIb3DQEBCwUAA4IBAQB2dw1ChQvihJs1iCaA /MeBZ+nGJDwG1bC4qSRnBOtrFxqQNpMnPlPF8bsug5Syl2Z/pi+/F13n5QzntVRI 3SzxQU5SALYjlRgVL27Cux0p+0NpIA+THtZHW2IlcrG/3o04duTkuUv2A9UciBpy 9Lf3hlCOkNf+WHhSmVlGukG0gCCG7VmoTigVo9/JF6Pk4QhnHGuDsIYClWKzvGAo m36UaEmTHsUqvUFx0qSa53WdpMGBlwygPQYDpy3UK8FLf2HxB05SfGH0ZsBmlq6I 4j5/9hO6AgC9LUoZE03n7L/SDw4MBfP5fvl3j4WqmDHEvwCWjt17Zz0nPhgsS/ih z57a -----END CERTIFICATE-----Generated at Wed Nov 5 09:49:35 2025 by rpki-client