$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57ee342a-a57e-4da8-82e2-2f4296f4db43.roa File: 57ee342a-a57e-4da8-82e2-2f4296f4db43.roa (raw, json) Hash identifier: 4khu3VBjTBenq8dxHgrKIUK2WH/qumB9uJkEsYwksGY= Subject key identifier: DC:20:9C:36:BA:C2:72:D6:D3:9D:21:D5:07:00:3B:16:84:DB:1B:0C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6FF654B7F58FCA5519CA51032F9DD3723A3C98AE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57ee342a-a57e-4da8-82e2-2f4296f4db43.roa Signing time: Sat 01 Nov 2025 00:01:00 +0000 ROA not before: Sat 01 Nov 2025 00:01:00 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2f::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:f6:54:b7:f5:8f:ca:55:19:ca:51:03:2f:9d:d3:72:3a:3c:98:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:01:00 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=472763ef63674a2c03675d411245c0e83a2767e5ed6251ec8e985b0dc0a00bc0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:49:81:7a:0e:d2:32:f3:16:de:03:ec:b0:4f: 1a:c2:56:4d:e2:e1:38:1f:5f:70:9b:a6:8c:50:ae: 52:9b:7b:cc:a7:4d:6c:fe:68:4f:bc:0f:17:2b:76: 93:50:98:e0:34:1f:9c:ee:7c:7d:c1:28:38:a2:0d: 19:22:d4:ef:3f:35:e7:9d:5a:47:3f:ee:c1:a0:c9: 25:3a:8b:6c:2a:3e:10:92:63:d0:de:c7:6a:a6:f5: e2:13:a8:ce:1f:44:94:c8:2e:66:6e:b3:b3:b8:0a: f3:97:21:93:4b:83:2f:1e:4d:22:02:26:03:79:a3: 94:02:12:54:4c:87:a8:1d:91:21:8b:13:5b:94:82: 66:e1:72:11:8a:37:ea:38:91:77:11:20:d4:8d:9e: e8:51:d6:5d:f3:b1:5d:e8:4b:06:fd:2c:f3:61:46: ab:cc:c8:fb:2a:64:0d:fc:4c:cc:e4:9c:b1:dd:34: 4b:84:b3:78:5b:f5:c7:7c:c3:53:af:f6:e6:ab:79: d4:64:73:f5:6e:94:b1:08:53:29:56:c0:3f:4a:52: 22:a3:15:57:20:08:8a:82:fb:c5:7f:53:3b:d4:93: f0:11:75:15:86:41:5d:de:45:3a:cc:cd:5c:8b:e0: 60:60:cb:2b:78:fc:ed:e4:dc:90:05:49:c0:ba:d9: 45:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:20:9C:36:BA:C2:72:D6:D3:9D:21:D5:07:00:3B:16:84:DB:1B:0C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57ee342a-a57e-4da8-82e2-2f4296f4db43.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2f::/36 Signature Algorithm: sha256WithRSAEncryption a3:13:13:7d:9f:35:b3:70:df:41:02:07:fe:00:bb:25:aa:41: 06:b3:71:e1:1c:25:9e:3c:d4:1c:9c:00:62:e7:ba:59:72:d2: 17:ab:d5:07:16:18:29:e4:0a:1b:33:21:00:78:8b:e6:5d:1d: 20:01:c0:20:93:ea:f9:0e:84:09:df:c9:c0:f8:ac:15:db:99: 56:4f:7d:64:c9:a3:0c:95:d1:8c:17:b8:56:b7:3a:58:fd:31: 89:9c:db:5a:33:91:3a:40:31:d0:69:73:2c:e3:59:b1:01:b7: ad:8e:28:d9:76:c8:e1:e3:65:1c:d5:ee:a6:62:c3:63:c9:b8: e5:43:f3:e4:77:13:31:c7:01:a6:1e:15:91:d7:b1:39:98:a7: a2:ed:d1:21:77:06:72:e5:ab:84:26:56:69:b7:05:97:af:f9: 40:44:b9:2e:aa:fa:a3:1f:1b:ea:3b:83:1c:5a:68:07:1f:e5: c1:7b:5d:ac:7e:ed:c1:72:11:11:9b:e8:c6:b5:3e:f9:7a:d3: 48:6d:7c:06:36:1c:f7:8e:4b:e4:59:7a:f1:d8:9f:5d:0a:2e: e4:52:b4:03:7e:b5:b6:c5:e4:30:56:ea:5f:8c:50:d2:4d:20: 62:4b:20:38:b9:60:d4:00:43:1e:45:e0:35:2b:fd:18:6d:c8: 8d:50:d9:98 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUb/ZUt/WPylUZylEDL53Tcjo8mK4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDEwMFoX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNANDcyNzYzZWY2MzY3NGEyYzAzNjc1 ZDQxMTI0NWMwZTgzYTI3NjdlNWVkNjI1MWVjOGU5ODViMGRjMGEwMGJjMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEmBeg7SMvMW3gPssE8awlZN4uE4 H19wm6aMUK5Sm3vMp01s/mhPvA8XK3aTUJjgNB+c7nx9wSg4og0ZItTvPzXnnVpH P+7BoMklOotsKj4QkmPQ3sdqpvXiE6jOH0SUyC5mbrOzuArzlyGTS4MvHk0iAiYD eaOUAhJUTIeoHZEhixNblIJm4XIRijfqOJF3ESDUjZ7oUdZd87Fd6EsG/SzzYUar zMj7KmQN/EzM5Jyx3TRLhLN4W/XHfMNTr/bmq3nUZHP1bpSxCFMpVsA/SlIioxVX IAiKgvvFf1M71JPwEXUVhkFd3kU6zM1ci+BgYMsrePzt5NyQBUnAutlF4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNwgnDa6wnLW050h1QcAOxaE2xsMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU3ZWUzNDJhLWE1N2UtNGRhOC04MmUyLTJmNDI5NmY0ZGI0My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaLwAwDQYJKoZIhvcNAQELBQADggEBAKMTE32fNbNw30ECB/4A uyWqQQazceEcJZ481BycAGLnully0her1QcWGCnkChszIQB4i+ZdHSABwCCT6vkO hAnfycD4rBXbmVZPfWTJowyV0YwXuFa3Olj9MYmc21ozkTpAMdBpcyzjWbEBt62O KNl2yOHjZRzV7qZiw2PJuOVD8+R3EzHHAaYeFZHXsTmYp6Lt0SF3BnLlq4QmVmm3 BZev+UBEuS6q+qMfG+o7gxxaaAcf5cF7Xax+7cFyERGb6Ma1Pvl600htfAY2HPeO S+RZevHYn10KLuRStAN+tbbF5DBW6l+MUNJNIGJLIDi5YNQAQx5F4DUr/RhtyI1Q 2Zg= -----END CERTIFICATE-----Generated at Wed Nov 5 11:04:26 2025 by rpki-client