$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa File: 4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa (raw, json) Hash identifier: ldHe0M2CzBerIptAglD+w9v409dHHU7nhfy4w5od8E0= Subject key identifier: 92:D2:27:2E:6A:0B:61:CE:A8:48:F2:A4:76:21:EE:CA:CC:EE:60:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 498607BA081729B58D7351DECD25B2FCAE06D30D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa Signing time: Sun 02 Nov 2025 00:00:42 +0000 ROA not before: Sun 02 Nov 2025 00:00:42 +0000 ROA not after: Sun 07 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:86:07:ba:08:17:29:b5:8d:73:51:de:cd:25:b2:fc:ae:06:d3:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 2 00:00:42 2025 GMT Not After : Dec 7 23:59:59 2025 GMT Subject: serialNumber=8b2b3ce3c86f53887b7fad98a8153b6e410bee51f0822415b28ed365db2a85e8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:82:35:e7:ba:f2:8c:5b:e9:93:38:3b:ed:c5: 3f:31:8a:ba:39:c2:62:31:80:d3:cc:c9:de:50:bb: 78:4c:03:9b:6c:50:46:51:6b:b4:75:13:37:96:c4: 62:18:4e:98:4c:db:f3:29:46:04:59:64:7c:86:e0: df:12:4b:93:97:80:bb:87:81:22:78:17:81:d1:bb: 6f:6c:9e:15:62:65:2a:eb:c0:f0:cb:e9:24:fb:b7: 6e:87:87:4f:24:1b:2c:57:02:46:ec:26:43:2b:3c: 8e:de:c0:a4:61:81:50:04:a3:8c:fc:37:31:03:cf: 9d:53:23:d3:18:09:f3:23:16:c9:4f:f7:1d:21:0c: 25:d4:a6:00:da:c3:6d:3a:e0:a6:f9:09:eb:13:1f: 21:ae:72:62:ba:82:80:a3:47:64:9e:25:bf:3d:c9: fc:61:b4:4a:b4:5d:10:3c:f7:18:93:52:f6:00:32: 0e:13:c2:e3:c2:9b:c0:0c:e6:67:ec:b8:88:43:cb: aa:a7:79:ea:5c:a3:4d:44:56:8b:d5:9f:63:71:fe: cd:db:34:ee:a4:f3:b2:e6:ec:3f:a2:dc:03:cd:fa: 6c:a4:d4:f2:56:98:3f:f1:95:9d:a2:81:75:01:4d: 67:97:95:e6:77:1f:c9:43:0b:e8:bd:d8:18:7a:62: ca:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:D2:27:2E:6A:0B:61:CE:A8:48:F2:A4:76:21:EE:CA:CC:EE:60:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c10d3b9-c357-4dde-9e35-8b451ebe7bad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:1000::/40 Signature Algorithm: sha256WithRSAEncryption 65:07:c2:55:38:f7:6c:f3:81:dd:32:1f:f4:d0:60:71:79:39: 38:9e:f0:d9:27:a6:0c:45:74:8e:9c:2c:0e:19:6b:5a:3c:e2: 68:3f:32:df:00:e9:f2:cc:70:bf:e6:5c:84:3f:07:c8:4d:ee: b3:d8:6f:14:e5:79:9a:dd:73:2e:40:98:f8:9d:67:f6:c2:bd: 11:79:7d:09:c3:33:f2:c9:d8:69:f3:0f:b5:2e:f9:6c:7a:e5: 6a:bf:1a:ca:6d:ce:31:3d:37:d7:dd:bb:8f:f1:89:09:f4:30: 52:f3:b8:c5:00:bf:e1:e1:9a:4b:16:5f:b3:de:6f:18:65:bf: cc:36:9f:03:dc:4d:19:43:e9:f6:c4:7c:61:dc:cc:6b:62:2f: b0:d4:f9:8d:cf:c3:a5:7d:32:3d:25:52:2c:60:b3:fe:9f:4a: ff:8f:91:fd:3d:9b:13:ee:aa:ae:b0:37:f8:0f:36:d3:fc:65: ab:b7:2d:1d:ee:8f:6d:82:ed:18:85:96:83:5d:4d:1d:04:2c: 90:31:ba:fd:b7:4b:0d:bc:6e:ff:32:1b:fd:50:cf:70:0d:18: 21:25:62:c4:7e:aa:b0:e9:22:d5:9d:ab:fa:d7:4d:2e:5f:69: a5:25:8c:a1:22:23:ab:71:56:6c:88:b2:58:bf:95:87:2c:33: cd:a9:4f:78 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSYYHuggXKbWNc1HezSWy/K4G0w0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMjAwMDA0MloX DTI1MTIwNzIzNTk1OVowejFJMEcGA1UEBRNAOGIyYjNjZTNjODZmNTM4ODdiN2Zh ZDk4YTgxNTNiNmU0MTBiZWU1MWYwODIyNDE1YjI4ZWQzNjVkYjJhODVlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYI157ryjFvpkzg77cU/MYq6OcJi MYDTzMneULt4TAObbFBGUWu0dRM3lsRiGE6YTNvzKUYEWWR8huDfEkuTl4C7h4Ei eBeB0btvbJ4VYmUq68Dwy+kk+7duh4dPJBssVwJG7CZDKzyO3sCkYYFQBKOM/Dcx A8+dUyPTGAnzIxbJT/cdIQwl1KYA2sNtOuCm+QnrEx8hrnJiuoKAo0dkniW/Pcn8 YbRKtF0QPPcYk1L2ADIOE8LjwpvADOZn7LiIQ8uqp3nqXKNNRFaL1Z9jcf7N2zTu pPOy5uw/otwDzfpspNTyVpg/8ZWdooF1AU1nl5Xmdx/JQwvovdgYemLKVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJLSJy5qC2HOqEjypHYh7srM7mBoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjMTBkM2I5LWMzNTctNGRkZS05ZTM1LThiNDUxZWJlN2JhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9hAwDQYJKoZIhvcNAQELBQADggEBAGUHwlU492zzgd0yH/TQ YHF5OTie8NknpgxFdI6cLA4Za1o84mg/Mt8A6fLMcL/mXIQ/B8hN7rPYbxTleZrd cy5AmPidZ/bCvRF5fQnDM/LJ2GnzD7Uu+Wx65Wq/GsptzjE9N9fdu4/xiQn0MFLz uMUAv+HhmksWX7Pebxhlv8w2nwPcTRlD6fbEfGHczGtiL7DU+Y3Pw6V9Mj0lUixg s/6fSv+Pkf09mxPuqq6wN/gPNtP8Zau3LR3uj22C7RiFloNdTR0ELJAxuv23Sw28 bv8yG/1Qz3ANGCElYsR+qrDpItWdq/rXTS5faaUljKEiI6txVmyIsli/lYcsM82p T3g= -----END CERTIFICATE-----Generated at Wed Nov 5 09:51:34 2025 by rpki-client