$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/36780eb4-ec67-447e-93dc-7aee759e06ed.roa File: 36780eb4-ec67-447e-93dc-7aee759e06ed.roa (raw, json) Hash identifier: zucNDGkh3hDM8hkWqG3SYEHNS8MLP4+nm6d0rl8CYLc= Subject key identifier: 05:B5:4F:17:76:1C:AB:87:BE:D1:36:F7:71:51:14:2C:16:91:14:F5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0713C0FB34ED19E55940B2AE4453E1780939C091 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/36780eb4-ec67-447e-93dc-7aee759e06ed.roa Signing time: Wed 05 Nov 2025 00:00:49 +0000 ROA not before: Wed 05 Nov 2025 00:00:49 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:13:c0:fb:34:ed:19:e5:59:40:b2:ae:44:53:e1:78:09:39:c0:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:49 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=f0b349c97a7593b32685a571c8b207409c653b1de7626eb1c0f1f09125ef8c0f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:10:5a:1c:ba:ce:78:bf:bf:99:92:bc:38:10: 74:c3:0e:10:b7:59:60:a9:dd:92:b1:6a:2f:e7:13: 44:3f:ad:b6:cf:b1:0e:b8:b0:d3:be:6a:b9:6e:e7: b1:d9:20:c6:a5:0a:ca:6a:83:74:77:d9:79:3e:51: 10:b0:7c:ee:74:2c:f5:66:23:61:c6:99:7b:42:0c: 47:73:4a:71:ca:9a:3a:cb:d0:fc:4b:19:2c:c2:07: 5a:84:94:2b:6b:5f:bf:9b:96:17:28:7d:26:e9:17: 71:f4:0a:8a:a6:c1:de:11:db:51:60:22:38:7d:7a: af:e4:92:12:d3:53:e5:d5:8b:de:6b:39:66:48:67: ba:20:13:d7:f8:24:94:2a:b0:9f:56:f8:75:37:b8: 6b:16:7c:ad:c7:0a:94:b9:e7:2e:dc:8f:17:f4:ae: 4f:ee:c9:44:7d:6c:dc:cf:5d:f3:ce:7b:c7:27:4a: 1b:90:ae:ae:09:f7:ba:02:fc:4a:90:0a:8e:40:03: ea:ac:47:76:81:56:06:ed:07:70:ab:61:84:1b:85: ff:97:17:b9:c0:78:ae:0d:c6:70:ef:92:5e:2d:8c: c4:0e:8d:b8:69:2e:f6:fd:b7:07:24:ee:99:c4:24: 19:68:58:29:be:94:c3:68:6f:e3:15:bc:c9:78:b2: 30:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:B5:4F:17:76:1C:AB:87:BE:D1:36:F7:71:51:14:2C:16:91:14:F5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/36780eb4-ec67-447e-93dc-7aee759e06ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00::/48 Signature Algorithm: sha256WithRSAEncryption 2d:de:71:e5:a1:ad:0c:8d:4a:68:a7:86:d3:47:f2:e7:6f:74: 14:78:af:ce:38:7f:f5:d2:4f:6e:26:6e:a4:7c:d2:57:33:0a: 45:70:1c:89:29:e9:b3:c7:aa:02:ba:95:b3:be:5e:97:b4:67: 04:eb:7b:ce:7f:8d:3e:97:88:f0:f3:f6:e7:a3:77:0a:01:81: 58:5b:eb:17:17:1d:f9:55:88:58:2e:6d:d0:90:0f:bb:ca:85: 11:89:4d:83:56:40:9d:82:4c:82:6e:bf:54:82:85:14:d0:38: 4d:ad:2c:5a:32:ac:4f:f2:2f:aa:b0:28:a9:b8:0d:62:d7:f8: dc:88:85:dc:a0:bb:fc:ee:67:81:91:75:b4:7b:ef:94:20:12: 8f:33:62:36:a0:04:e3:51:db:6e:8e:45:39:fb:11:3c:e0:d7: 74:fd:a3:4e:d9:c1:b1:6e:4d:ea:c8:98:7f:a7:7a:75:c4:c8: 78:7a:ca:37:e8:58:e6:20:13:18:33:81:77:ab:57:e5:1d:43: b8:11:e9:20:ec:d5:25:01:17:5a:fe:ed:73:36:f5:13:ab:84: 83:a1:0e:8b:3e:e3:ea:47:9f:c0:58:78:4c:96:6c:ea:f0:36: 79:08:29:98:d5:f2:08:8d:82:c8:f0:f0:a2:63:a4:d5:2f:35: b8:b0:00:ab -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBxPA+zTtGeVZQLKuRFPheAk5wJEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDA0OVoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZjBiMzQ5Yzk3YTc1OTNiMzI2ODVh NTcxYzhiMjA3NDA5YzY1M2IxZGU3NjI2ZWIxYzBmMWYwOTEyNWVmOGMwZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRBaHLrOeL+/mZK8OBB0ww4Qt1lg qd2SsWov5xNEP622z7EOuLDTvmq5buex2SDGpQrKaoN0d9l5PlEQsHzudCz1ZiNh xpl7QgxHc0pxypo6y9D8SxkswgdahJQra1+/m5YXKH0m6Rdx9AqKpsHeEdtRYCI4 fXqv5JIS01Pl1YveazlmSGe6IBPX+CSUKrCfVvh1N7hrFnytxwqUuecu3I8X9K5P 7slEfWzcz13zznvHJ0obkK6uCfe6AvxKkAqOQAPqrEd2gVYG7Qdwq2GEG4X/lxe5 wHiuDcZw75JeLYzEDo24aS72/bcHJO6ZxCQZaFgpvpTDaG/jFbzJeLIw+QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAW1Txd2HKuHvtE293FRFCwWkRT1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM2NzgwZWI0LWVjNjctNDQ3ZS05M2RjLTdhZWU3NTllMDZlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAt3nHloa0MjUpop4bT R/Lnb3QUeK/OOH/10k9uJm6kfNJXMwpFcByJKemzx6oCupWzvl6XtGcE63vOf40+ l4jw8/bno3cKAYFYW+sXFx35VYhYLm3QkA+7yoURiU2DVkCdgkyCbr9UgoUU0DhN rSxaMqxP8i+qsCipuA1i1/jciIXcoLv87meBkXW0e++UIBKPM2I2oATjUdtujkU5 +xE84Nd0/aNO2cGxbk3qyJh/p3p1xMh4eso36FjmIBMYM4F3q1flHUO4Eekg7NUl ARda/u1zNvUTq4SDoQ6LPuPqR5/AWHhMlmzq8DZ5CCmY1fIIjYLI8PCiY6TVLzW4 sACr -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:26 2025 by rpki-client