$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa File: 47474093-258c-498a-bd3d-047521af5d87.roa (raw, json) Hash identifier: iU2iQdk7NHlbTU1PnelLptgENoWd5JnUr7k8mlOi40Y= Subject key identifier: 23:49:69:2A:48:29:1F:C9:63:15:8D:8E:7B:05:3D:89:E4:20:BB:30 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40265301F455720F998524FA7317437740BCFCFB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa Signing time: Sat 01 Nov 2025 00:00:41 +0000 ROA not before: Sat 01 Nov 2025 00:00:41 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:26:53:01:f4:55:72:0f:99:85:24:fa:73:17:43:77:40:bc:fc:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:41 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=27cee9fe4150731c30e1e952592a560fae55c47683cf0ba03f211ad03d1212c3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:fc:2f:bf:bf:57:05:d8:17:b9:d8:b1:ab:68: 70:c1:70:15:f3:f7:e6:66:66:57:71:d4:ef:73:40: 95:2f:39:86:30:2d:f4:dc:5b:0c:3c:b6:fe:ae:bf: 63:56:d2:ae:56:bc:aa:b5:63:3b:9c:42:f3:51:3e: 7a:e1:2d:4f:6e:b3:db:58:d4:4b:3d:f9:ca:48:9d: 13:01:c2:1d:a4:3c:c2:07:ff:83:ff:12:d1:58:34: 36:87:38:d0:fe:1e:bd:2b:51:f0:0e:67:66:e9:e6: 99:f5:42:03:c6:3e:bd:48:3e:74:58:ce:8a:6e:48: 5c:39:d5:79:27:7a:78:6a:ce:21:c1:59:26:32:d6: 22:11:25:9e:1b:79:12:4a:21:08:71:59:44:d5:2c: 15:d0:30:b1:d1:43:b2:95:a8:40:37:60:75:b0:9b: 56:ce:8c:29:b8:85:4d:af:83:0d:99:9d:2e:16:de: ef:a1:61:9f:98:db:9d:2b:68:a3:d2:e1:89:dd:3b: 47:7e:9c:89:ac:b8:6c:69:f4:b9:90:88:3d:86:96: d0:37:58:21:65:96:79:36:df:bd:19:0b:d6:ca:41: 3c:14:aa:67:75:01:94:f7:fc:2d:67:ab:cc:9d:53: 96:f6:aa:dc:60:0c:47:1c:0e:14:27:ef:ac:81:dc: b8:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:49:69:2A:48:29:1F:C9:63:15:8D:8E:7B:05:3D:89:E4:20:BB:30 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:f000::/40 Signature Algorithm: sha256WithRSAEncryption 22:5e:9e:2d:38:c5:10:70:b6:a9:47:07:95:5a:c2:b1:b8:21: 0f:ab:f1:93:8d:25:20:f9:45:87:8b:59:c8:25:9f:23:da:e8: 32:0d:5f:e3:16:0d:65:d3:f4:75:a9:55:bd:b5:9e:1d:ee:9e: d9:f4:04:a3:62:68:08:8c:ca:04:06:71:22:8a:43:a1:6a:bb: bc:38:d1:29:1f:6f:8d:cf:7a:b5:73:94:8c:2e:90:b9:74:b5: 4e:67:7f:d5:f5:44:0a:7f:85:9c:8c:6a:62:16:e7:fe:63:b7: ac:18:b8:b8:30:81:29:24:df:8a:a2:a9:3c:4b:ae:93:5f:fe: 4f:2e:37:38:0e:45:9d:3a:c7:3b:72:c5:b2:14:8f:03:a5:fe: 98:1a:93:49:41:7b:7e:21:99:84:56:be:8e:e3:e8:1c:db:d8: a2:5a:76:d8:da:43:cc:bc:f5:73:ab:5e:11:6d:86:d8:14:70: d6:a7:75:f2:5c:6c:17:4f:2b:0c:18:f3:59:d4:94:2f:1b:77: f3:3b:8e:d8:bd:a7:01:57:3f:d9:02:e1:20:c6:31:f9:58:2d: 14:46:a4:ff:bd:da:82:52:40:69:34:ed:d5:c7:31:a1:90:31: 5e:49:91:d6:21:b5:05:6f:f9:ab:27:93:52:89:04:7b:64:c4: c9:7a:22:3b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQCZTAfRVcg+ZhST6cxdDd0C8/PswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDA0MVoX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAMjdjZWU5ZmU0MTUwNzMxYzMwZTFl OTUyNTkyYTU2MGZhZTU1YzQ3NjgzY2YwYmEwM2YyMTFhZDAzZDEyMTJjMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfwvv79XBdgXudixq2hwwXAV8/fm ZmZXcdTvc0CVLzmGMC303FsMPLb+rr9jVtKuVryqtWM7nELzUT564S1PbrPbWNRL PfnKSJ0TAcIdpDzCB/+D/xLRWDQ2hzjQ/h69K1HwDmdm6eaZ9UIDxj69SD50WM6K bkhcOdV5J3p4as4hwVkmMtYiESWeG3kSSiEIcVlE1SwV0DCx0UOylahAN2B1sJtW zowpuIVNr4MNmZ0uFt7voWGfmNudK2ij0uGJ3TtHfpyJrLhsafS5kIg9hpbQN1gh ZZZ5Nt+9GQvWykE8FKpndQGU9/wtZ6vMnVOW9qrcYAxHHA4UJ++sgdy4ywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCNJaSpIKR/JYxWNjnsFPYnkILswMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ3NDc0MDkzLTI1OGMtNDk4YS1iZDNkLTA0NzUyMWFmNWQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaufAwDQYJKoZIhvcNAQELBQADggEBACJeni04xRBwtqlHB5Va wrG4IQ+r8ZONJSD5RYeLWcglnyPa6DINX+MWDWXT9HWpVb21nh3untn0BKNiaAiM ygQGcSKKQ6Fqu7w40Skfb43PerVzlIwukLl0tU5nf9X1RAp/hZyMamIW5/5jt6wY uLgwgSkk34qiqTxLrpNf/k8uNzgORZ06xztyxbIUjwOl/pgak0lBe34hmYRWvo7j 6Bzb2KJadtjaQ8y89XOrXhFthtgUcNandfJcbBdPKwwY81nUlC8bd/M7jti9pwFX P9kC4SDGMflYLRRGpP+92oJSQGk07dXHMaGQMV5JkdYhtQVv+asnk1KJBHtkxMl6 Ijs= -----END CERTIFICATE-----Generated at Wed Nov 5 07:49:51 2025 by rpki-client