$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b95e3b4-3049-4ea0-a39c-7522cc0bea0d.roa File: 4b95e3b4-3049-4ea0-a39c-7522cc0bea0d.roa (raw, json) Hash identifier: MeieMbf6ec30hL7Drsdq/3Ze2/6otWVLcI8Eh+RQW5s= Subject key identifier: A2:D8:C5:6D:D3:90:E2:74:9A:04:DF:76:07:E0:B1:8B:0A:1C:0C:15 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 32979BF351F9E6B7AEE54BA88BFA9D3E104429D1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b95e3b4-3049-4ea0-a39c-7522cc0bea0d.roa Signing time: Wed 05 Nov 2025 00:10:07 +0000 ROA not before: Wed 05 Nov 2025 00:10:07 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:80a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:97:9b:f3:51:f9:e6:b7:ae:e5:4b:a8:8b:fa:9d:3e:10:44:29:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:10:07 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=72cb14efb12256a6ce53f99ebcf7cd0496ff13d64d72a3c5558f8a04f2577981, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:41:42:5b:b3:47:3c:ab:a1:ee:84:0d:28:70: fb:c3:0f:2a:f5:54:63:60:96:c5:25:16:3d:de:f2: 9b:a4:8b:68:c9:46:aa:54:88:6d:a5:c9:1f:a4:76: a2:22:61:49:11:79:b1:69:d4:e0:45:47:7f:a3:52: d6:62:ee:3e:5d:0c:91:86:90:35:64:86:6d:9a:76: 75:3f:61:84:f6:b8:39:12:4b:7a:ba:f0:05:a6:aa: 2a:52:7a:8d:eb:8a:8b:69:51:db:50:94:48:08:a6: 05:7f:48:62:d3:6e:df:42:bb:f6:ae:c1:ac:ba:d3: 65:8a:2f:19:03:f3:b8:34:99:b0:39:1b:36:29:ae: 17:0c:dc:1d:82:8e:16:26:61:92:e8:6f:44:a4:67: 67:ca:aa:10:82:c2:a4:73:7c:24:b5:8a:ab:9e:f2: 22:79:5b:24:fb:0e:b6:43:09:ef:8a:a8:9b:ab:bb: dd:ec:6f:99:62:47:49:c9:a1:53:1f:03:27:3a:a7: e6:1e:65:28:f4:7c:5d:4e:4b:97:48:25:aa:2f:83: 30:43:a1:c9:86:b2:8e:54:06:71:f0:ef:33:4d:5c: f3:6d:ef:56:02:30:a9:6e:ff:ce:b2:17:7f:be:b0: 6b:40:e2:26:01:b0:bf:3c:07:25:d1:71:c3:12:62: eb:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:D8:C5:6D:D3:90:E2:74:9A:04:DF:76:07:E0:B1:8B:0A:1C:0C:15 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4b95e3b4-3049-4ea0-a39c-7522cc0bea0d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:80a0::/48 Signature Algorithm: sha256WithRSAEncryption ab:a3:3f:8f:2e:db:2c:93:de:c6:08:f5:6c:24:6c:f4:f1:cb: d2:97:57:f3:85:55:ed:7a:99:3f:55:a0:4b:42:a3:02:a0:0e: 3e:fe:8e:bd:3c:a2:96:48:19:f3:f1:1d:5a:55:08:e1:f7:15: ed:d8:83:fb:6b:77:42:b3:92:d0:3e:18:92:f0:e2:3f:28:b0: 8a:b2:79:91:5b:cf:2e:aa:72:1a:be:92:6b:94:0a:70:5f:69: fe:e5:27:74:13:0e:f1:82:c4:ff:c7:20:5a:78:b3:9d:8f:e2: 6c:4f:5a:6c:89:1c:d0:e1:42:cf:70:94:f3:a6:90:83:92:d8: e7:20:c0:b4:bc:bd:47:12:71:b9:cb:f9:e9:7b:96:ff:32:08: 2f:a1:b6:1b:ac:53:6f:62:ab:71:33:88:b7:6c:38:99:6e:f1: f6:05:92:41:e2:a4:d0:77:e8:41:62:c0:21:f1:51:a0:bf:cf: 19:7e:46:c9:0c:d1:db:59:27:b6:7b:8a:ee:b8:e2:ae:73:4a: eb:ac:f5:a4:45:20:bf:96:7b:1d:f6:84:57:d0:40:71:3d:65: d7:01:40:e3:79:68:8d:b7:a2:3d:e9:44:f1:80:c3:da:8c:9b: 51:b4:03:b4:e8:20:d0:c3:d3:1c:9f:24:7c:70:bb:41:e0:24: 8a:ae:12:94 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMpeb81H55reu5Uuoi/qdPhBEKdEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMTAwN1oX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNANzJjYjE0ZWZiMTIyNTZhNmNlNTNm OTllYmNmN2NkMDQ5NmZmMTNkNjRkNzJhM2M1NTU4ZjhhMDRmMjU3Nzk4MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUFCW7NHPKuh7oQNKHD7ww8q9VRj YJbFJRY93vKbpItoyUaqVIhtpckfpHaiImFJEXmxadTgRUd/o1LWYu4+XQyRhpA1 ZIZtmnZ1P2GE9rg5Ekt6uvAFpqoqUnqN64qLaVHbUJRICKYFf0hi027fQrv2rsGs utNlii8ZA/O4NJmwORs2Ka4XDNwdgo4WJmGS6G9EpGdnyqoQgsKkc3wktYqrnvIi eVsk+w62Qwnviqibq7vd7G+ZYkdJyaFTHwMnOqfmHmUo9HxdTkuXSCWqL4MwQ6HJ hrKOVAZx8O8zTVzzbe9WAjCpbv/Oshd/vrBrQOImAbC/PAcl0XHDEmLrUwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKLYxW3TkOJ0mgTfdgfgsYsKHAwVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRiOTVlM2I0LTMwNDktNGVhMC1hMzljLTc1MjJjYzBiZWEwZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAICgMA0GCSqGSIb3DQEBCwUAA4IBAQCroz+PLtssk97GCPVs JGz08cvSl1fzhVXtepk/VaBLQqMCoA4+/o69PKKWSBnz8R1aVQjh9xXt2IP7a3dC s5LQPhiS8OI/KLCKsnmRW88uqnIavpJrlApwX2n+5Sd0Ew7xgsT/xyBaeLOdj+Js T1psiRzQ4ULPcJTzppCDktjnIMC0vL1HEnG5y/npe5b/MggvobYbrFNvYqtxM4i3 bDiZbvH2BZJB4qTQd+hBYsAh8VGgv88ZfkbJDNHbWSe2e4ruuOKuc0rrrPWkRSC/ lnsd9oRX0EBxPWXXAUDjeWiNt6I96UTxgMPajJtRtAO06CDQw9McnyR8cLtB4CSK rhKU -----END CERTIFICATE-----Generated at Wed Nov 5 22:53:10 2025 by rpki-client