$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bf75457-0f4b-44d1-8979-1a161522685b.roa File: 4bf75457-0f4b-44d1-8979-1a161522685b.roa (raw, json) Hash identifier: gaDBi/Rc5IvzzsqyB5YWyEL8qmKqToCypvFe8jhpyFk= Subject key identifier: 8C:BF:D7:E4:9B:4C:18:82:44:67:B2:31:4C:2D:79:EF:E7:9D:16:0C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4A3FDD9AC05B755E3753F7BAC165D36CD6FE0F7D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bf75457-0f4b-44d1-8979-1a161522685b.roa Signing time: Wed 29 Oct 2025 00:10:05 +0000 ROA not before: Wed 29 Oct 2025 00:10:05 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:3f:dd:9a:c0:5b:75:5e:37:53:f7:ba:c1:65:d3:6c:d6:fe:0f:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:10:05 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=6ba6f6a7115b10f1a0a1aad0f32648a10f4c2b78dc8fd2520c5c40d2b45e2c7f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:de:18:d5:b9:63:fe:35:8f:75:a1:bb:75:71: 38:53:79:e1:df:61:cb:3a:d7:2e:ff:7a:a3:48:7c: 2a:c4:ab:83:d0:b5:09:60:69:80:5d:46:af:1d:9c: 0c:fb:7c:9d:22:0e:c8:58:c4:88:0c:c9:ff:08:17: 6b:1b:3a:de:cc:f6:2f:fa:aa:8e:6e:d9:78:21:e5: 82:01:96:60:95:48:78:2a:a7:ef:37:45:db:16:1f: 45:ed:a5:e7:72:3b:22:8a:0a:83:4b:3c:64:2a:68: 23:c9:44:dd:2f:f5:b4:cd:63:74:fc:5b:cd:c4:d2: 61:35:97:0b:a9:0f:de:57:16:89:10:25:ed:a7:83: a5:8b:fd:8d:cc:34:09:85:ee:63:9a:6b:a1:83:02: 03:fe:48:98:21:8e:73:ca:4c:2f:4d:c7:b4:40:88: 9a:18:bf:bb:bf:e7:05:5c:cf:a5:75:81:9d:2d:3a: 66:b6:93:7f:8e:48:f1:6d:0d:96:97:4f:6b:f1:5b: c0:3a:a8:35:bc:d8:84:b0:b3:c2:3e:eb:c6:4a:e6: b8:09:8b:20:e6:03:f0:8c:7a:4c:36:b9:f4:38:45: 20:50:f8:25:fd:8e:7d:8f:47:e2:2e:ad:9d:b7:fd: f0:5c:b4:d4:bb:7c:a4:b7:06:38:fd:0d:f3:23:9f: e3:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:BF:D7:E4:9B:4C:18:82:44:67:B2:31:4C:2D:79:EF:E7:9D:16:0C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bf75457-0f4b-44d1-8979-1a161522685b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:2000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:8c:46:a5:5b:60:6f:81:e8:8b:92:20:6f:8b:e4:2c:f8:51: 7f:17:8d:6d:aa:ed:86:6c:98:97:c6:f9:f6:9e:bb:9f:a8:cf: 84:f3:52:5a:b9:8a:10:61:d0:66:f2:69:45:42:8f:e3:ee:09: c7:9a:5c:0b:c3:9f:65:36:d9:3b:d0:e3:d6:d3:ec:37:a4:94: 60:8b:6d:64:2a:fe:d7:9e:20:0e:53:0c:fb:c3:4b:e0:b5:b5: 3e:1c:e3:64:14:18:8e:34:f0:19:53:eb:1f:20:74:e4:ec:aa: b7:34:b5:64:fd:c0:90:68:a3:9e:f8:e8:63:8f:bf:fe:9e:12: a0:46:b2:f2:ce:9e:a2:53:ad:8e:53:82:36:74:e5:fc:8f:b5: 3b:75:fb:c1:ab:35:72:fe:af:37:97:15:2c:41:1d:fa:d2:bd: b6:20:d4:d3:13:bb:83:45:cf:24:55:a7:d5:94:a5:e9:d5:bb: 5d:2a:1a:0c:ba:d5:47:79:d8:16:9f:33:ee:74:ae:a3:46:8a: e3:d3:78:8d:af:2a:eb:cc:8d:a0:38:dc:a0:4c:f1:8c:e5:26: 9a:3e:5e:50:9f:5e:95:14:00:fe:82:91:d4:07:d8:74:84:a6: 8c:4c:2f:59:11:00:19:ee:fc:23:7f:64:be:20:57:3f:b3:42: f6:ec:1a:ca -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSj/dmsBbdV43U/e6wWXTbNb+D30wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMTAwNVoX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNANmJhNmY2YTcxMTViMTBmMWEwYTFh YWQwZjMyNjQ4YTEwZjRjMmI3OGRjOGZkMjUyMGM1YzQwZDJiNDVlMmM3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmN4Y1blj/jWPdaG7dXE4U3nh32HL Otcu/3qjSHwqxKuD0LUJYGmAXUavHZwM+3ydIg7IWMSIDMn/CBdrGzrezPYv+qqO btl4IeWCAZZglUh4KqfvN0XbFh9F7aXncjsiigqDSzxkKmgjyUTdL/W0zWN0/FvN xNJhNZcLqQ/eVxaJECXtp4Oli/2NzDQJhe5jmmuhgwID/kiYIY5zykwvTce0QIia GL+7v+cFXM+ldYGdLTpmtpN/jkjxbQ2Wl09r8VvAOqg1vNiEsLPCPuvGSua4CYsg 5gPwjHpMNrn0OEUgUPgl/Y59j0fiLq2dt/3wXLTUu3yktwY4/Q3zI5/jHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIy/1+SbTBiCRGeyMUwtee/nnRYMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRiZjc1NDU3LTBmNGItNDRkMS04OTc5LTFhMTYxNTIyNjg1Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8yAwDQYJKoZIhvcNAQELBQADggEBACyMRqVbYG+B6IuSIG+L 5Cz4UX8XjW2q7YZsmJfG+faeu5+oz4TzUlq5ihBh0GbyaUVCj+PuCceaXAvDn2U2 2TvQ49bT7DeklGCLbWQq/teeIA5TDPvDS+C1tT4c42QUGI408BlT6x8gdOTsqrc0 tWT9wJBoo5746GOPv/6eEqBGsvLOnqJTrY5TgjZ05fyPtTt1+8GrNXL+rzeXFSxB HfrSvbYg1NMTu4NFzyRVp9WUpenVu10qGgy61Ud52BafM+50rqNGiuPTeI2vKuvM jaA43KBM8YzlJpo+XlCfXpUUAP6CkdQH2HSEpoxML1kRABnu/CN/ZL4gVz+zQvbs Gso= -----END CERTIFICATE-----Generated at Wed Nov 5 07:59:05 2025 by rpki-client