$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/326b5e17-ace3-4579-8ae9-5219c81c9034.roa File: 326b5e17-ace3-4579-8ae9-5219c81c9034.roa (raw, json) Hash identifier: u1lJGMMuV3HPsteJFaR+pIg7a4YrSwQRuS31eF5+3Dc= Subject key identifier: 70:58:9A:52:1A:77:4B:BC:2D:45:AF:A7:0F:CF:AA:45:0C:28:9E:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0EF6BF436819F4BF2549BC586B4981F3993F66C8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/326b5e17-ace3-4579-8ae9-5219c81c9034.roa Signing time: Sat 01 Nov 2025 00:00:59 +0000 ROA not before: Sat 01 Nov 2025 00:00:59 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2e::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:f6:bf:43:68:19:f4:bf:25:49:bc:58:6b:49:81:f3:99:3f:66:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:59 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=c1b128595ffa8dec5e52d26a78a008939a80cefd159f9cb2740556bc85394bf3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:d5:63:f6:14:2c:a7:fa:0d:37:9f:d1:cd:1d: 4c:3d:be:60:0e:10:6d:a1:7b:4a:a1:6d:5a:81:64: 13:4b:6c:f0:ab:7d:46:13:6f:01:24:3e:2e:81:cb: a9:a7:cb:bd:a1:7b:c8:4a:f6:ad:2a:81:bf:29:74: 9a:05:67:92:92:55:f0:0a:3e:2e:a6:18:53:ed:68: 8a:8a:1c:6f:a6:e4:27:a7:38:d9:a0:4e:aa:0e:95: 71:22:a1:b2:6c:f9:39:fc:e7:60:ac:30:ce:fe:b7: 5b:c3:39:b6:c9:9d:70:fe:6f:95:71:70:7a:86:b5: 0a:35:43:52:c2:08:c7:40:60:59:bf:9f:23:b2:f6: 79:36:f8:4e:de:01:08:14:40:5b:95:d0:a8:07:c2: 8d:a2:d0:13:fa:61:58:c1:77:57:1e:d4:54:6a:9b: e9:16:a2:f0:53:73:3f:ce:49:a2:9b:eb:7d:96:74: ba:99:29:3c:a6:fc:f6:5f:70:47:de:aa:48:88:4e: 0d:c7:ff:f8:55:96:90:a0:b9:6c:2e:ad:95:f3:88: 05:fc:2d:77:18:c9:3b:f7:02:ff:b2:ab:35:66:d7: 96:5a:b4:31:be:82:e9:df:df:18:b4:4f:fd:f6:80: e9:53:dd:0a:e0:46:14:d1:b3:cf:48:be:bd:21:2b: 27:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:58:9A:52:1A:77:4B:BC:2D:45:AF:A7:0F:CF:AA:45:0C:28:9E:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/326b5e17-ace3-4579-8ae9-5219c81c9034.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2e::/36 Signature Algorithm: sha256WithRSAEncryption 12:27:f1:f3:09:49:42:57:7b:a8:93:a5:a6:22:e9:19:81:58: a5:c6:db:03:4f:51:84:61:05:5d:d6:c0:50:06:05:e7:84:b2: da:47:51:50:f8:82:28:6f:2c:54:e0:62:2f:d8:ac:69:55:0e: 92:97:4a:69:ff:14:34:a7:95:37:31:06:8a:1f:45:f3:54:84: 78:49:59:d6:54:b7:91:0b:a2:84:dd:58:12:ae:5a:ef:2f:30: ed:6a:24:94:0b:20:11:ff:f9:3e:5b:91:cf:72:e0:16:99:ec: a5:e2:08:ca:3e:f1:a1:85:0f:af:db:49:9f:af:d7:45:eb:4d: b2:a3:5f:38:3b:62:ca:05:e3:a3:71:6a:e0:26:29:6a:24:f8: 67:68:38:ad:e2:25:1b:38:0f:fd:da:0a:84:44:c4:33:07:a6: b8:9e:34:81:b9:4f:a3:b8:33:e6:62:88:5c:b6:53:19:d6:c5: 8d:98:35:89:b2:6b:6a:ef:d0:da:76:b9:80:70:58:64:c1:0e: 20:9a:76:90:bc:fc:73:a8:9c:e2:65:29:ab:15:a1:fd:57:5e: 70:fe:3e:81:4b:17:a9:d3:13:ce:23:c5:ab:a5:79:c4:70:47: c5:11:2b:26:40:25:6c:ec:08:4b:93:e6:51:9d:f5:50:7b:a9: e0:c9:8a:dc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDva/Q2gZ9L8lSbxYa0mB85k/ZsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDA1OVoX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAYzFiMTI4NTk1ZmZhOGRlYzVlNTJk MjZhNzhhMDA4OTM5YTgwY2VmZDE1OWY5Y2IyNzQwNTU2YmM4NTM5NGJmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNVj9hQsp/oNN5/RzR1MPb5gDhBt oXtKoW1agWQTS2zwq31GE28BJD4ugcupp8u9oXvISvatKoG/KXSaBWeSklXwCj4u phhT7WiKihxvpuQnpzjZoE6qDpVxIqGybPk5/OdgrDDO/rdbwzm2yZ1w/m+VcXB6 hrUKNUNSwgjHQGBZv58jsvZ5NvhO3gEIFEBbldCoB8KNotAT+mFYwXdXHtRUapvp FqLwU3M/zkmim+t9lnS6mSk8pvz2X3BH3qpIiE4Nx//4VZaQoLlsLq2V84gF/C13 GMk79wL/sqs1ZteWWrQxvoLp398YtE/99oDpU90K4EYU0bPPSL69ISsnmQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHBYmlIad0u8LUWvpw/PqkUMKJ5TMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyNmI1ZTE3LWFjZTMtNDU3OS04YWU5LTUyMTljODFjOTAzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLgAwDQYJKoZIhvcNAQELBQADggEBABIn8fMJSUJXe6iTpaYi 6RmBWKXG2wNPUYRhBV3WwFAGBeeEstpHUVD4gihvLFTgYi/YrGlVDpKXSmn/FDSn lTcxBoofRfNUhHhJWdZUt5ELooTdWBKuWu8vMO1qJJQLIBH/+T5bkc9y4BaZ7KXi CMo+8aGFD6/bSZ+v10XrTbKjXzg7YsoF46NxauAmKWok+GdoOK3iJRs4D/3aCoRE xDMHprieNIG5T6O4M+ZiiFy2UxnWxY2YNYmya2rv0Np2uYBwWGTBDiCadpC8/HOo nOJlKasVof1XXnD+PoFLF6nTE84jxaulecRwR8URKyZAJWzsCEuT5lGd9VB7qeDJ itw= -----END CERTIFICATE-----Generated at Wed Nov 5 05:42:25 2025 by rpki-client