$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa File: 388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa (raw, json) Hash identifier: Y19wmLfqjkMtqF8N89ygOu3KF7AiKVVfoO27EyffP2Q= Subject key identifier: D0:52:40:D2:D0:C2:A1:5B:17:06:47:BC:0C:89:61:43:7F:67:3C:14 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4AA0C99E5E5EE346EF4CF2649416636664524F30 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa Signing time: Wed 05 Nov 2025 00:00:45 +0000 ROA not before: Wed 05 Nov 2025 00:00:45 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:a0:c9:9e:5e:5e:e3:46:ef:4c:f2:64:94:16:63:66:64:52:4f:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:45 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=f8fb1776f79f45d924bf5dcf2a6fb485101a8f68abb8f50b4748ed12fc87fab8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:46:70:ba:67:83:08:15:fd:68:9b:22:8b:4c: 9d:48:6f:e6:17:74:52:2a:6f:d9:c3:1d:d8:db:96: 3b:42:ac:0e:2e:4e:39:64:e7:bf:f3:96:90:59:9f: 6c:50:0d:10:97:2b:1d:bb:7c:23:ce:a5:7c:d4:e7: 36:05:69:84:b7:f1:bc:bb:8d:d6:82:ac:8f:bf:28: 03:53:64:fc:e9:f7:a9:d6:e7:4a:bf:91:d8:a3:48: ef:e0:70:de:4e:bf:f0:79:5e:37:92:48:77:1a:f9: 70:f5:9a:07:3c:f7:a2:04:14:51:a1:f8:17:3d:d3: 72:2c:56:dc:4e:07:57:95:4d:4d:50:dc:41:af:a3: 74:c0:b9:06:5e:ae:e8:7e:cc:28:bb:69:07:e6:a1: 2f:91:ff:02:5f:51:66:d1:86:40:b8:38:f0:f7:fb: f4:19:bd:42:8b:42:bc:f2:d7:0c:7c:30:79:2d:a0: 96:f1:1b:2d:8d:aa:f0:07:6a:26:38:79:db:63:7c: 17:42:b4:52:70:ef:b8:8f:0d:5e:5d:94:3e:d0:92: bf:68:e5:d5:f6:32:2a:97:9b:3c:d6:35:bc:94:d2: 35:c0:62:99:4c:43:b1:ca:5f:98:a2:8c:6a:ba:5e: a4:ee:cb:ca:c7:f5:f6:63:b8:63:ea:37:5b:f4:7a: 4f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:52:40:D2:D0:C2:A1:5B:17:06:47:BC:0C:89:61:43:7F:67:3C:14 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/388cbd89-4c8e-4d67-99e2-dd53b6b7d2c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:880::/48 Signature Algorithm: sha256WithRSAEncryption a4:5c:86:36:fd:f0:04:28:e6:85:ed:6a:09:77:6f:76:6a:81: 22:6f:97:db:9e:a5:62:8c:bb:2e:e6:ab:a7:5a:99:41:09:e1: 16:5c:c0:1e:a5:70:4d:93:03:a3:c6:f6:87:71:82:f9:0e:6e: fc:92:6a:88:e9:02:61:81:a3:5d:c1:58:a9:c9:2c:8a:ce:41: 76:03:b2:f1:53:1f:45:e2:ed:cb:36:dd:50:45:b8:7f:f6:92: 7e:6d:b1:2f:3f:b2:7f:3a:fc:c1:70:e4:51:34:e5:8e:2a:59: d8:24:5b:cf:75:e1:2e:e5:af:45:ae:dd:d3:28:d0:fa:27:27: e6:a9:b5:c0:78:8c:ab:b4:f3:c0:e3:90:ef:be:48:96:2a:c9: 98:fa:1d:70:21:dc:8e:9a:0f:70:72:40:09:c1:77:bd:3e:34: c7:75:ac:91:60:2c:6f:40:60:7f:46:06:31:86:b5:f0:55:7a: c5:21:60:e2:30:a8:1f:eb:27:8b:f8:bf:ad:8a:c2:25:93:1d: 51:40:1e:98:e0:21:8e:f0:e4:a6:7f:74:fe:5e:53:de:69:f4: 01:17:2d:b9:ab:ce:cc:83:63:7a:ac:f8:e2:e9:06:ea:e9:cb: 0f:5a:05:d1:24:26:ad:18:81:87:0a:37:ea:a8:b0:3a:6a:96: a7:8f:81:97 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSqDJnl5e40bvTPJklBZjZmRSTzAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDA0NVoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZjhmYjE3NzZmNzlmNDVkOTI0YmY1 ZGNmMmE2ZmI0ODUxMDFhOGY2OGFiYjhmNTBiNDc0OGVkMTJmYzg3ZmFiODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUZwumeDCBX9aJsii0ydSG/mF3RS Km/Zwx3Y25Y7QqwOLk45ZOe/85aQWZ9sUA0Qlysdu3wjzqV81Oc2BWmEt/G8u43W gqyPvygDU2T86fep1udKv5HYo0jv4HDeTr/weV43kkh3Gvlw9ZoHPPeiBBRRofgX PdNyLFbcTgdXlU1NUNxBr6N0wLkGXq7ofswou2kH5qEvkf8CX1Fm0YZAuDjw9/v0 Gb1Ci0K88tcMfDB5LaCW8RstjarwB2omOHnbY3wXQrRScO+4jw1eXZQ+0JK/aOXV 9jIql5s81jW8lNI1wGKZTEOxyl+Yooxqul6k7svKx/X2Y7hj6jdb9HpPyQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNBSQNLQwqFbFwZHvAyJYUN/ZzwUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4OGNiZDg5LTRjOGUtNGQ2Ny05OWUyLWRkNTNiNmI3ZDJjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAAiAMA0GCSqGSIb3DQEBCwUAA4IBAQCkXIY2/fAEKOaF7WoJ d292aoEib5fbnqVijLsu5qunWplBCeEWXMAepXBNkwOjxvaHcYL5Dm78kmqI6QJh gaNdwVipySyKzkF2A7LxUx9F4u3LNt1QRbh/9pJ+bbEvP7J/OvzBcORRNOWOKlnY JFvPdeEu5a9Frt3TKND6JyfmqbXAeIyrtPPA45DvvkiWKsmY+h1wIdyOmg9wckAJ wXe9PjTHdayRYCxvQGB/RgYxhrXwVXrFIWDiMKgf6yeL+L+tisIlkx1RQB6Y4CGO 8OSmf3T+XlPeafQBFy25q87Mg2N6rPji6Qbq6csPWgXRJCatGIGHCjfqqLA6apan j4GX -----END CERTIFICATE-----Generated at Wed Nov 5 14:06:14 2025 by rpki-client