$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa File: 228a5e29-7426-476c-b778-2d402b2ed541.roa (raw, json) Hash identifier: jus3HR9somxvlod6pV8UYHVr1bgn6SJ9nDRk4tGcZaI= Subject key identifier: 9D:16:39:22:C2:74:31:85:81:96:E0:3E:07:4D:12:35:2E:70:0C:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 09F1F7D9EA50AFD444169E84100F92A5267F2580 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa Signing time: Sun 02 Nov 2025 00:00:37 +0000 ROA not before: Sun 02 Nov 2025 00:00:37 +0000 ROA not after: Sun 07 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:f1:f7:d9:ea:50:af:d4:44:16:9e:84:10:0f:92:a5:26:7f:25:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 2 00:00:37 2025 GMT Not After : Dec 7 23:59:59 2025 GMT Subject: serialNumber=a5dd8e98fea43b6d552a9dd6500c3c3bead57fc68259af818a1e8e1cc096a1c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:6f:de:57:1b:43:4a:55:5a:f1:a0:6c:0c:0e: 38:f5:bc:23:a0:f1:d9:9a:cf:f8:32:ab:27:61:3b: 17:4c:01:b3:0a:ba:84:2e:af:be:38:75:18:99:5d: 2a:e5:46:94:62:23:66:fb:23:d7:4a:65:f8:79:e8: 73:a5:e2:06:70:c8:7b:46:ba:9c:49:52:a1:e8:ce: 55:e2:89:e6:8b:ca:a7:17:cb:6f:9b:09:94:3e:86: 38:aa:e9:eb:19:44:c4:ea:f5:a3:30:9e:cd:d9:52: b6:e2:1a:c7:e6:69:26:d0:1f:f6:12:b5:0a:4e:d6: d2:37:84:09:42:3c:d7:6f:d3:5f:1f:82:ac:99:aa: 13:c9:53:26:c1:9f:db:21:df:53:5c:d2:c7:9e:a9: 29:77:1c:aa:3e:4f:ca:4d:cc:41:bc:fa:e1:d2:81: e2:59:9e:9a:4d:c1:1f:f7:5e:7a:67:9f:98:2b:11: d6:b9:6f:4d:03:f2:7e:43:53:15:66:88:73:ec:17: d4:b0:10:82:dd:0c:b4:bb:20:23:84:0c:96:b9:ec: 16:73:5a:11:fc:e8:54:27:26:61:8d:2e:e0:59:68: 22:39:da:9e:b3:d6:33:ff:55:66:4b:95:b4:8e:15: df:d3:46:37:77:35:60:d3:82:50:41:e0:93:3d:90: 3c:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:16:39:22:C2:74:31:85:81:96:E0:3E:07:4D:12:35:2E:70:0C:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/228a5e29-7426-476c-b778-2d402b2ed541.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:800::/40 Signature Algorithm: sha256WithRSAEncryption 21:09:f1:58:45:b7:de:a1:c6:ee:fd:04:4b:af:d8:78:81:53: 68:4e:e4:b3:34:c9:53:01:0a:41:43:8f:07:e1:32:4a:59:a5: f2:1d:c6:24:90:5d:7c:dc:a4:e8:d3:50:c7:b6:43:46:70:50: d5:6c:48:b3:b4:c2:a8:43:99:ba:6a:09:b0:a6:19:5f:d2:47: d1:56:71:c4:f1:56:1d:a1:5b:6c:b1:66:79:d3:cd:55:b8:26: a3:92:ed:41:fa:d5:bf:0b:23:0c:66:e2:e3:32:9b:c7:2b:ab: ca:fc:fd:11:11:40:ca:24:2a:fb:53:61:e1:85:f2:e5:ab:0e: 92:6b:85:8a:e8:25:10:9d:b8:85:1a:17:ae:30:2a:79:d7:15: ce:65:aa:d5:b5:10:1b:02:38:88:2f:8a:4e:93:18:cf:2c:f5: a3:04:a1:ef:e2:86:df:66:1e:2e:c5:1d:9f:10:f4:fe:69:4a: 74:4d:5b:3c:a0:64:c7:f3:5e:e5:f2:f3:c6:bf:15:77:bb:ec: 27:9a:fa:6c:5e:61:eb:ad:0b:5b:0b:35:fd:71:7a:59:99:ef: 3e:e7:fc:eb:c6:92:6a:04:9c:8e:bd:25:b1:00:a0:73:fd:e1: a3:17:54:25:9f:88:27:19:54:88:d6:7c:54:7e:04:34:41:74: c9:08:a7:5f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCfH32epQr9REFp6EEA+SpSZ/JYAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMjAwMDAzN1oX DTI1MTIwNzIzNTk1OVowejFJMEcGA1UEBRNAYTVkZDhlOThmZWE0M2I2ZDU1MmE5 ZGQ2NTAwYzNjM2JlYWQ1N2ZjNjgyNTlhZjgxOGExZThlMWNjMDk2YTFjNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W/eVxtDSlVa8aBsDA449bwjoPHZ ms/4MqsnYTsXTAGzCrqELq++OHUYmV0q5UaUYiNm+yPXSmX4eehzpeIGcMh7Rrqc SVKh6M5V4onmi8qnF8tvmwmUPoY4qunrGUTE6vWjMJ7N2VK24hrH5mkm0B/2ErUK TtbSN4QJQjzXb9NfH4KsmaoTyVMmwZ/bId9TXNLHnqkpdxyqPk/KTcxBvPrh0oHi WZ6aTcEf9156Z5+YKxHWuW9NA/J+Q1MVZohz7BfUsBCC3Qy0uyAjhAyWuewWc1oR /OhUJyZhjS7gWWgiOdqes9Yz/1VmS5W0jhXf00Y3dzVg04JQQeCTPZA80QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJ0WOSLCdDGFgZbgPgdNEjUucAzQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIyOGE1ZTI5LTc0MjYtNDc2Yy1iNzc4LTJkNDAyYjJlZDU0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYAgwDQYJKoZIhvcNAQELBQADggEBACEJ8VhFt96hxu79BEuv 2HiBU2hO5LM0yVMBCkFDjwfhMkpZpfIdxiSQXXzcpOjTUMe2Q0ZwUNVsSLO0wqhD mbpqCbCmGV/SR9FWccTxVh2hW2yxZnnTzVW4JqOS7UH61b8LIwxm4uMym8crq8r8 /RERQMokKvtTYeGF8uWrDpJrhYroJRCduIUaF64wKnnXFc5lqtW1EBsCOIgvik6T GM8s9aMEoe/iht9mHi7FHZ8Q9P5pSnRNWzygZMfzXuXy88a/FXe77Cea+mxeYeut C1sLNf1xelmZ7z7n/OvGkmoEnI69JbEAoHP94aMXVCWfiCcZVIjWfFR+BDRBdMkI p18= -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:41 2025 by rpki-client