$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa File: 53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa (raw, json) Hash identifier: PBldGCsLSqZpnXM6nNZRE3vW3PlQLCvpUjXra+mjAiY= Subject key identifier: 93:26:E0:DB:B6:78:36:83:13:C0:19:E2:C1:CD:D8:F9:F4:74:D5:24 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 68FC7D75947610BF654B8571232641338F2AE007 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa Signing time: Tue 14 Oct 2025 00:01:02 +0000 ROA not before: Tue 14 Oct 2025 00:01:02 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:fc:7d:75:94:76:10:bf:65:4b:85:71:23:26:41:33:8f:2a:e0:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:01:02 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=9a353034df1539a22d8fb51f48f1318aca0b7c46e31c48d2d75ff8b92cd85991, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:05:27:23:a9:e4:f8:5e:19:37:ff:59:ea:13: 7e:fe:0a:c9:b8:38:dd:af:02:46:7a:3e:d2:fd:bc: a1:1d:ef:69:e6:9c:b4:c4:4a:2d:bc:9b:f2:93:9c: 13:1d:85:35:e4:9b:93:b5:98:c8:41:fe:d5:1d:b0: 89:30:8b:83:29:3e:ed:3a:a9:31:82:7b:1f:75:75: b0:71:de:f1:72:21:4f:a0:4e:98:bd:dd:66:db:8d: cb:1b:65:2d:d0:a2:f1:78:84:28:6d:77:cd:9a:45: 17:e2:c8:95:e2:6b:eb:c5:14:fb:8a:c5:02:7a:a7: 1e:5e:32:e7:b2:46:22:e8:58:ca:5c:15:ce:76:db: 24:b3:c6:94:c3:51:1c:0e:82:ec:9c:c0:6a:d6:fb: a8:94:50:6b:ee:ad:95:3b:8b:26:69:56:cd:32:a4: a3:f4:23:d5:15:cd:d5:80:ee:85:a4:71:72:40:a8: 2f:af:94:7b:4d:c9:c2:98:47:cc:23:57:bc:af:50: 4b:f7:49:cd:10:dd:a8:18:e8:68:3a:8e:24:0f:c1: 1c:ec:42:e2:55:41:31:e3:9c:24:cc:15:69:00:2c: cd:80:fc:2a:60:7f:5d:38:ff:4a:2e:97:3c:54:62: fd:cc:a6:e1:65:80:29:ec:fb:54:e2:8a:8f:4f:e5: 1b:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:26:E0:DB:B6:78:36:83:13:C0:19:E2:C1:CD:D8:F9:F4:74:D5:24 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/53dc8acc-0c30-42d3-abfa-5792ea5bf7de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2000::/40 Signature Algorithm: sha256WithRSAEncryption 7d:32:c9:10:d2:10:13:6d:3d:a2:a0:5f:23:37:12:d6:be:46: a4:b4:62:c1:3e:bc:6b:34:76:45:60:08:41:e4:97:5e:92:4f: 6e:06:2e:f0:df:12:4d:b1:ce:ad:88:a5:9d:91:8a:05:13:36: 9a:d5:e3:fc:48:0b:77:b1:a1:a4:0c:84:1c:87:5c:83:31:03: 58:65:d9:9b:48:0f:58:57:a5:f5:d5:13:3a:95:15:9e:c3:92: 63:d1:22:bb:be:2f:dd:05:cb:f1:16:89:48:24:14:1a:b1:2d: 17:3f:28:57:79:20:de:83:9f:da:d7:10:cc:40:6b:20:ee:b2: 97:fd:c4:9b:fb:fc:6c:64:27:28:41:89:86:7a:8f:df:0e:35: 8b:5c:34:e2:5d:11:5a:e6:6e:75:e3:e4:06:0f:ad:c7:00:bb: 5c:ba:67:18:9a:62:20:05:1f:6a:a1:b0:9d:6c:5b:46:b8:fa: a3:48:ac:9c:21:13:d7:92:3e:79:4a:db:5c:c5:ba:7c:a6:64: 80:9c:e9:ae:e3:b7:e1:d5:14:d0:1c:0c:2c:72:14:21:10:56: 57:1a:e4:49:20:36:24:e9:c1:80:7b:df:4c:b9:62:b1:8b:62: 10:39:95:b6:cb:35:b2:c3:21:47:d8:44:ef:8e:b6:07:be:fa: 58:d9:d7:dd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaPx9dZR2EL9lS4VxIyZBM48q4AcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMDEwMloX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAOWEzNTMwMzRkZjE1MzlhMjJkOGZi NTFmNDhmMTMxOGFjYTBiN2M0NmUzMWM0OGQyZDc1ZmY4YjkyY2Q4NTk5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgUnI6nk+F4ZN/9Z6hN+/grJuDjd rwJGej7S/byhHe9p5py0xEotvJvyk5wTHYU15JuTtZjIQf7VHbCJMIuDKT7tOqkx gnsfdXWwcd7xciFPoE6Yvd1m243LG2Ut0KLxeIQobXfNmkUX4siV4mvrxRT7isUC eqceXjLnskYi6FjKXBXOdtsks8aUw1EcDoLsnMBq1vuolFBr7q2VO4smaVbNMqSj 9CPVFc3VgO6FpHFyQKgvr5R7TcnCmEfMI1e8r1BL90nNEN2oGOhoOo4kD8Ec7ELi VUEx45wkzBVpACzNgPwqYH9dOP9KLpc8VGL9zKbhZYAp7PtU4oqPT+UbMwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJMm4Nu2eDaDE8AZ4sHN2Pn0dNUkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUzZGM4YWNjLTBjMzAtNDJkMy1hYmZhLTU3OTJlYTViZjdkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/yAwDQYJKoZIhvcNAQELBQADggEBAH0yyRDSEBNtPaKgXyM3 Eta+RqS0YsE+vGs0dkVgCEHkl16ST24GLvDfEk2xzq2IpZ2RigUTNprV4/xIC3ex oaQMhByHXIMxA1hl2ZtID1hXpfXVEzqVFZ7DkmPRIru+L90Fy/EWiUgkFBqxLRc/ KFd5IN6Dn9rXEMxAayDuspf9xJv7/GxkJyhBiYZ6j98ONYtcNOJdEVrmbnXj5AYP rccAu1y6ZxiaYiAFH2qhsJ1sW0a4+qNIrJwhE9eSPnlK21zFunymZICc6a7jt+HV FNAcDCxyFCEQVlca5EkgNiTpwYB730y5YrGLYhA5lbbLNbLDIUfYRO+Otge++ljZ 190= -----END CERTIFICATE-----Generated at Wed Nov 5 12:36:45 2025 by rpki-client