$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/36a61bb0-d5ee-40f9-b3eb-0fa1d1a4956c.roa File: 36a61bb0-d5ee-40f9-b3eb-0fa1d1a4956c.roa (raw, json) Hash identifier: GUarq9mVYShLr+yS4qjIGTwRJH6bK9TaTNYowTavlS0= Subject key identifier: 29:A3:CA:A1:49:9A:61:9B:F2:2C:58:A4:5D:64:9D:4E:11:6D:94:02 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3AD371C0211163ED0A492809AF59C089BB15BC81 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/36a61bb0-d5ee-40f9-b3eb-0fa1d1a4956c.roa Signing time: Wed 15 Oct 2025 00:20:51 +0000 ROA not before: Wed 15 Oct 2025 00:20:51 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:d3:71:c0:21:11:63:ed:0a:49:28:09:af:59:c0:89:bb:15:bc:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:20:51 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=16819a5c8ebfee3c3571a38ff84eb0b23fe2c6e1008587516b7b5667936b2cc5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:09:e5:60:5e:bc:83:00:66:af:df:94:a0:14: 6a:03:75:4a:5b:a3:0a:1e:37:54:06:47:62:32:e9: 9d:07:90:88:89:f4:e5:d8:f1:79:7b:43:06:80:01: 1a:40:16:43:ef:97:25:61:6d:55:2b:c5:b8:3c:da: d6:5c:b5:55:14:d7:da:ac:57:e1:d9:b0:b2:fc:74: 78:78:22:a7:f3:a0:dc:f9:71:a6:29:05:c9:a9:a2: bb:01:73:8e:16:ec:0d:96:c6:ce:ed:d5:c2:1a:26: 53:1f:36:70:a2:67:a2:d4:cd:4d:2d:e1:d8:ea:75: 1c:9e:cb:5d:ff:22:80:70:80:d8:f9:28:dc:61:b0: 8a:30:84:d6:3d:38:a8:b8:d5:bb:d7:eb:42:e0:90: be:5d:2d:67:7f:2a:aa:0c:65:81:90:35:7f:97:33: 50:c5:67:92:b4:fc:94:9f:a0:c0:9d:cb:84:4d:f8: c3:29:32:9e:39:f8:6a:a7:31:45:4a:1c:e2:22:78: 74:0f:60:52:12:0d:fd:02:43:9d:3e:43:43:74:c3: 36:71:29:cd:15:93:fa:27:4f:e9:0f:29:7e:4e:64: 0c:c1:34:c7:96:e2:f4:34:5a:bf:a5:50:b4:5c:da: fe:77:9a:17:b8:1c:b1:e8:78:f8:4b:fe:75:ae:29: 5d:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A3:CA:A1:49:9A:61:9B:F2:2C:58:A4:5D:64:9D:4E:11:6D:94:02 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/36a61bb0-d5ee-40f9-b3eb-0fa1d1a4956c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36::/32 Signature Algorithm: sha256WithRSAEncryption 02:bd:c9:90:63:5c:e9:8b:ee:71:fb:79:91:b3:49:df:a7:4a: dd:26:90:83:fa:dd:06:9b:2d:58:0e:b9:e2:cb:b2:35:5f:8f: e2:ed:47:08:38:59:02:8d:45:eb:c8:1e:9c:f7:57:e0:49:2e: b1:f0:42:4a:a9:5a:1e:fb:1a:f9:26:54:df:76:d5:54:24:37: f7:86:de:fb:d6:35:76:20:d4:1f:97:42:13:b4:15:99:92:7d: 80:dc:c6:d6:e8:0a:8a:05:81:48:62:60:98:ed:d3:33:0c:9d: 32:50:16:c2:c6:73:89:c5:c0:37:4f:64:f5:ab:23:9b:02:7d: e7:8e:27:a0:ba:96:e2:8c:cc:f5:eb:14:1a:79:ad:2d:fe:7b: 5e:aa:37:f0:34:b5:83:43:37:71:7c:ad:f4:85:45:21:2f:39: 94:4d:70:56:33:ce:24:0f:c3:14:a7:ef:0b:69:60:aa:49:a6: 00:cd:e8:15:02:04:a1:8b:0a:01:f5:6d:0a:e0:20:56:68:4c: 89:36:55:b4:df:e2:cf:f3:34:a6:49:73:cc:b4:1d:01:5d:4d: da:57:13:16:31:05:4a:55:c1:f6:14:17:20:4e:28:8f:0a:a9: 18:f6:10:29:3d:b2:82:6d:4e:84:de:f0:29:f7:b0:fd:9e:a9: d2:5f:68:de -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUOtNxwCERY+0KSSgJr1nAibsVvIEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMjA1MVoX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAMTY4MTlhNWM4ZWJmZWUzYzM1NzFh MzhmZjg0ZWIwYjIzZmUyYzZlMTAwODU4NzUxNmI3YjU2Njc5MzZiMmNjNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8QnlYF68gwBmr9+UoBRqA3VKW6MK HjdUBkdiMumdB5CIifTl2PF5e0MGgAEaQBZD75clYW1VK8W4PNrWXLVVFNfarFfh 2bCy/HR4eCKn86Dc+XGmKQXJqaK7AXOOFuwNlsbO7dXCGiZTHzZwomei1M1NLeHY 6nUcnstd/yKAcIDY+SjcYbCKMITWPTiouNW71+tC4JC+XS1nfyqqDGWBkDV/lzNQ xWeStPyUn6DAncuETfjDKTKeOfhqpzFFShziInh0D2BSEg39AkOdPkNDdMM2cSnN FZP6J0/pDyl+TmQMwTTHluL0NFq/pVC0XNr+d5oXuByx6Hj4S/51rildwQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFCmjyqFJmmGb8ixYpF1knU4RbZQCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM2YTYxYmIwLWQ1ZWUtNDBmOS1iM2ViLTBmYTFkMWE0OTU2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaNjANBgkqhkiG9w0BAQsFAAOCAQEAAr3JkGNc6Yvucft5kbNJ 36dK3SaQg/rdBpstWA654suyNV+P4u1HCDhZAo1F68genPdX4EkusfBCSqlaHvsa +SZU33bVVCQ394be+9Y1diDUH5dCE7QVmZJ9gNzG1ugKigWBSGJgmO3TMwydMlAW wsZzicXAN09k9asjmwJ9544noLqW4ozM9esUGnmtLf57Xqo38DS1g0M3cXyt9IVF IS85lE1wVjPOJA/DFKfvC2lgqkmmAM3oFQIEoYsKAfVtCuAgVmhMiTZVtN/iz/M0 pklzzLQdAV1N2lcTFjEFSlXB9hQXIE4ojwqpGPYQKT2ygm1OhN7wKfew/Z6p0l9o 3g== -----END CERTIFICATE-----Generated at Thu Nov 6 00:23:20 2025 by rpki-client