$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa File: 2a177984-44c1-4fc1-97dc-e08be80f4299.roa (raw, json) Hash identifier: 2nKFOIpsYKkvQL19t4KpFe6ging9rIWSqHF2GVHs5HI= Subject key identifier: 32:45:C1:FE:99:CF:E7:9B:D5:46:2B:FD:7C:A7:F7:1A:5A:B9:38:40 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 465C62423D1E6C92AE811E14AEC769B470C72555 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa Signing time: Wed 29 Oct 2025 00:10:27 +0000 ROA not before: Wed 29 Oct 2025 00:10:27 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:5c:62:42:3d:1e:6c:92:ae:81:1e:14:ae:c7:69:b4:70:c7:25:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:10:27 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=360b283600ef4313f9fc05b274ae7b09041d6f8379e3ee21b7e7e1034bef1e82, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:8d:6a:93:43:61:64:e0:c8:d9:c4:b7:35:93: de:47:9f:b6:6a:3f:65:c3:3f:f4:c5:da:a4:0a:d9: 2c:7a:8d:cd:85:d4:cc:fd:ce:88:85:d2:9b:6a:ef: 7f:cc:06:a8:eb:a5:08:70:7d:ed:91:89:21:59:07: fa:9f:65:57:1f:4d:c9:3a:a3:c5:53:d8:be:65:76: 6d:22:0d:28:71:49:16:9f:0e:92:13:22:b0:94:42: 7a:af:06:8a:c4:2d:b5:43:4b:5b:c7:b9:36:e5:e1: c3:07:86:ee:39:ff:eb:62:02:a7:65:9f:3c:51:ff: 8c:5b:91:da:71:50:e5:41:ed:09:66:ed:50:5a:10: 94:a4:f2:8d:f2:d9:89:d0:00:a7:36:72:49:ce:ca: 35:be:d8:f3:99:2b:67:ab:38:28:1b:6c:ae:41:21: b0:95:f6:33:1f:6c:69:30:a9:ee:d2:57:ad:bd:c4: 73:90:d7:cf:61:2e:94:b1:79:2d:5e:c9:1b:2f:f0: a0:63:c9:93:1e:f6:21:cb:29:7f:4f:ed:fa:71:b4: 1a:a2:90:c3:7d:13:64:bc:5b:e5:78:ea:ad:a5:58: d9:b9:39:5c:89:c7:f5:2d:f1:ea:ae:42:bb:00:66: 61:90:4f:5f:cb:a6:c4:27:c3:cc:6c:b1:8f:37:2c: 8a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:45:C1:FE:99:CF:E7:9B:D5:46:2B:FD:7C:A7:F7:1A:5A:B9:38:40 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4840::/46 Signature Algorithm: sha256WithRSAEncryption 56:d3:8e:d2:88:33:d3:c4:a8:31:7f:12:f6:b3:2f:7b:8f:2d: eb:36:80:c5:e8:d9:83:a0:47:7b:a7:cc:d4:fa:aa:c6:60:58: 97:1f:fc:49:56:90:b0:91:d4:03:81:4b:a3:51:2b:0a:0d:fd: 87:98:b4:4a:89:f3:80:07:61:90:e6:46:fe:37:f3:c7:33:d2: 01:10:6f:ac:d0:be:a4:f9:ad:0c:72:3b:95:21:0b:02:a9:f5: 17:a2:d5:66:86:92:fb:c7:32:80:9f:2d:36:3b:95:a5:b2:bc: f1:50:a6:af:ea:e3:4b:dc:aa:16:4a:78:fc:bd:c2:c6:5d:06: e0:73:23:de:97:59:5a:3a:ac:32:09:5e:7a:d9:3b:ff:f4:0a: 45:99:45:5e:f1:6f:d6:e4:aa:55:eb:da:d5:10:15:2f:f7:e8: 52:65:34:43:e2:ea:72:da:76:bc:2a:df:30:a9:8a:99:96:56: fb:ed:fd:da:24:23:23:f8:8c:33:23:c5:bf:f3:da:0d:43:1a: 6f:fa:6f:bb:e0:08:17:84:39:2c:63:03:b5:e7:e0:31:38:b7: 1b:0b:6e:28:e4:9b:7f:f0:c1:01:cd:b2:d9:da:d1:4c:94:56: 0a:c4:af:35:d0:5e:82:ae:62:66:89:52:b5:b1:bb:c6:29:dd: e3:3e:f1:d4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURlxiQj0ebJKugR4UrsdptHDHJVUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMTAyN1oX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAMzYwYjI4MzYwMGVmNDMxM2Y5ZmMw NWIyNzRhZTdiMDkwNDFkNmY4Mzc5ZTNlZTIxYjdlN2UxMDM0YmVmMWU4MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA741qk0NhZODI2cS3NZPeR5+2aj9l wz/0xdqkCtkseo3NhdTM/c6IhdKbau9/zAao66UIcH3tkYkhWQf6n2VXH03JOqPF U9i+ZXZtIg0ocUkWnw6SEyKwlEJ6rwaKxC21Q0tbx7k25eHDB4buOf/rYgKnZZ88 Uf+MW5HacVDlQe0JZu1QWhCUpPKN8tmJ0ACnNnJJzso1vtjzmStnqzgoG2yuQSGw lfYzH2xpMKnu0letvcRzkNfPYS6UsXktXskbL/CgY8mTHvYhyyl/T+36cbQaopDD fRNkvFvleOqtpVjZuTlcicf1LfHqrkK7AGZhkE9fy6bEJ8PMbLGPNyyKSwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDJFwf6Zz+eb1UYr/Xyn9xpauThAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJhMTc3OTg0LTQ0YzEtNGZjMS05N2RjLWUwOGJlODBmNDI5OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba80hAMA0GCSqGSIb3DQEBCwUAA4IBAQBW047SiDPTxKgxfxL2 sy97jy3rNoDF6NmDoEd7p8zU+qrGYFiXH/xJVpCwkdQDgUujUSsKDf2HmLRKifOA B2GQ5kb+N/PHM9IBEG+s0L6k+a0McjuVIQsCqfUXotVmhpL7xzKAny02O5Wlsrzx UKav6uNL3KoWSnj8vcLGXQbgcyPel1laOqwyCV562Tv/9ApFmUVe8W/W5KpV69rV EBUv9+hSZTRD4upy2na8Kt8wqYqZllb77f3aJCMj+IwzI8W/89oNQxpv+m+74AgX hDksYwO15+AxOLcbC24o5Jt/8MEBzbLZ2tFMlFYKxK810F6CrmJmiVK1sbvGKd3j PvHU -----END CERTIFICATE-----Generated at Wed Nov 5 11:31:54 2025 by rpki-client