$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e316e1b-d1e7-47c4-a799-78ecfb9511d6.roa File: 3e316e1b-d1e7-47c4-a799-78ecfb9511d6.roa (raw, json) Hash identifier: xuw0GbZ/LDwS2xFGrUDWK3q+b4VsNDfjsXfmTOCEOAg= Subject key identifier: DB:8E:BD:76:7B:F4:3D:7D:EF:7D:7F:EF:A4:6C:B1:D1:B6:29:1F:B6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11E1C3127F766631491F628E6F3070E68424D5C4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e316e1b-d1e7-47c4-a799-78ecfb9511d6.roa Signing time: Tue 04 Nov 2025 00:00:46 +0000 ROA not before: Tue 04 Nov 2025 00:00:46 +0000 ROA not after: Tue 09 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:c000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:e1:c3:12:7f:76:66:31:49:1f:62:8e:6f:30:70:e6:84:24:d5:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 4 00:00:46 2025 GMT Not After : Dec 9 23:59:59 2025 GMT Subject: serialNumber=426677c9beb7fa327620e9451f8382293c318a088bb60b0fb46d2ff175b62739, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9e:ec:7a:71:17:2e:33:72:75:a6:4d:43:9a: 60:77:26:2d:ac:51:bf:a1:88:25:5f:d4:db:6e:5f: de:97:b8:cb:1a:1a:00:6a:fe:8d:e7:96:3b:d8:fb: 8e:09:6b:48:28:f2:c5:95:39:2f:cd:e8:52:3d:3c: 79:6a:72:88:89:71:b9:d9:01:fe:03:b9:eb:a1:d4: b9:26:9d:7d:59:ed:ad:97:c7:30:db:a4:28:ba:bb: dc:80:63:01:6a:55:58:90:8b:bc:42:59:a8:5a:a7: d2:9b:d3:89:a1:44:32:ba:c3:2f:3c:77:9a:56:4c: 87:2b:bf:07:bc:fd:58:92:4d:a9:3b:26:64:0f:c5: 49:f6:0d:3a:bb:7e:65:51:f1:6a:b8:c8:5c:4b:ea: fb:a8:74:0b:99:ef:8f:68:84:1a:02:f0:eb:94:b6: e5:b3:18:ca:aa:19:2e:ce:55:92:dc:d1:a4:a6:22: 8d:89:7b:38:1a:72:d5:e9:f6:75:b0:2c:e0:79:bc: fe:11:0f:0f:a1:33:a1:5a:61:95:c8:8c:c5:4b:b2: 17:0b:70:3b:fb:b0:5f:f2:ed:aa:32:e6:e8:5b:e9: 95:ee:b0:d7:79:9d:5c:c3:6b:35:d4:aa:dc:94:a1: 77:cc:e0:46:1a:2a:c1:97:47:4a:ce:d9:cd:25:0b: 1a:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:8E:BD:76:7B:F4:3D:7D:EF:7D:7F:EF:A4:6C:B1:D1:B6:29:1F:B6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e316e1b-d1e7-47c4-a799-78ecfb9511d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:c000::/48 Signature Algorithm: sha256WithRSAEncryption 60:fb:be:36:19:66:af:94:dc:42:d0:cb:b5:d6:a8:fe:98:a2: a0:c1:d9:b9:64:37:82:85:25:21:50:7e:51:0c:a4:b3:dd:58: f5:2b:7e:aa:f8:7d:9c:3b:1c:97:99:05:ee:a3:d4:15:a0:e5: fe:86:4a:73:43:65:36:3e:f4:93:16:13:9a:2f:73:6d:80:b1: 39:48:15:ac:0d:11:b4:ec:ef:6e:10:5d:24:c8:ca:a8:1c:98: 45:5b:32:79:66:05:c2:d7:6d:3b:8e:4e:5b:77:6f:e0:b5:46: ac:0e:f4:2c:56:96:8f:f7:c5:f6:4f:42:a7:8d:39:b2:8a:7f: 4c:a8:d7:25:0b:10:93:ab:10:b2:68:7d:04:c4:a5:be:66:e0: 9f:59:43:60:ba:03:c0:7f:40:5d:82:27:40:13:ff:d3:71:d3: d5:c4:03:df:a4:d0:58:72:2f:a4:d4:36:97:f6:8e:6a:84:a7: bc:ad:ec:b8:e0:af:ee:b9:67:d8:54:01:4d:c7:87:f0:ea:0d: 04:9e:0f:74:94:44:9a:b3:79:16:0d:09:7f:0a:e2:3e:db:8a: 99:52:bf:22:37:eb:93:d8:cb:d6:e4:32:c8:c9:21:94:4a:47: 40:02:b6:12:67:f6:ad:9e:1b:52:dc:86:73:88:77:5b:48:c6: fd:50:83:5f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEeHDEn92ZjFJH2KObzBw5oQk1cQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNDAwMDA0NloX DTI1MTIwOTIzNTk1OVowejFJMEcGA1UEBRNANDI2Njc3YzliZWI3ZmEzMjc2MjBl OTQ1MWY4MzgyMjkzYzMxOGEwODhiYjYwYjBmYjQ2ZDJmZjE3NWI2MjczOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv57senEXLjNydaZNQ5pgdyYtrFG/ oYglX9Tbbl/el7jLGhoAav6N55Y72PuOCWtIKPLFlTkvzehSPTx5anKIiXG52QH+ A7nrodS5Jp19We2tl8cw26QourvcgGMBalVYkIu8QlmoWqfSm9OJoUQyusMvPHea VkyHK78HvP1Ykk2pOyZkD8VJ9g06u35lUfFquMhcS+r7qHQLme+PaIQaAvDrlLbl sxjKqhkuzlWS3NGkpiKNiXs4GnLV6fZ1sCzgebz+EQ8PoTOhWmGVyIzFS7IXC3A7 +7Bf8u2qMuboW+mV7rDXeZ1cw2s11KrclKF3zOBGGirBl0dKztnNJQsanQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNuOvXZ79D19731/76RssdG2KR+2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlMzE2ZTFiLWQxZTctNDdjNC1hNzk5LTc4ZWNmYjk1MTFkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9sAAMA0GCSqGSIb3DQEBCwUAA4IBAQBg+742GWavlNxC0Mu1 1qj+mKKgwdm5ZDeChSUhUH5RDKSz3Vj1K36q+H2cOxyXmQXuo9QVoOX+hkpzQ2U2 PvSTFhOaL3NtgLE5SBWsDRG07O9uEF0kyMqoHJhFWzJ5ZgXC1207jk5bd2/gtUas DvQsVpaP98X2T0KnjTmyin9MqNclCxCTqxCyaH0ExKW+ZuCfWUNgugPAf0BdgidA E//TcdPVxAPfpNBYci+k1DaX9o5qhKe8rey44K/uuWfYVAFNx4fw6g0Eng90lESa s3kWDQl/CuI+24qZUr8iN+uT2MvW5DLIySGUSkdAArYSZ/atnhtS3IZziHdbSMb9 UINf -----END CERTIFICATE-----Generated at Wed Nov 5 22:52:58 2025 by rpki-client