$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa File: 5d316ef2-56e4-4581-990e-015883180353.roa (raw, json) Hash identifier: TSbK1t13v4J4IAd8oCCTbn2uPedvYrYDjS5BaxiSdUY= Subject key identifier: F9:79:7A:FC:D4:96:CE:23:01:5E:7B:F1:53:F5:F8:02:7A:35:A2:63 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 35A86362B13F3BC3EEB00D1A98F1876257B80367 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa Signing time: Wed 29 Oct 2025 00:00:22 +0000 ROA not before: Wed 29 Oct 2025 00:00:22 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:a8:63:62:b1:3f:3b:c3:ee:b0:0d:1a:98:f1:87:62:57:b8:03:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:00:22 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=93c63d227a1dffabcfbc901872bbee722a9b06d817003e329ae7ba07d9494419, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:55:ef:54:64:7d:9e:a7:50:ca:12:e0:e5:dc: 8a:3a:dc:6c:f7:2a:9c:87:b5:ce:29:db:c4:f1:a2: 9d:4b:16:cd:9d:95:b2:10:6a:a0:16:8c:c1:26:ee: 8e:27:5a:5f:9e:80:ba:fc:50:d8:2b:9a:8b:b3:91: 43:0b:fd:a0:b0:11:d2:ca:c9:d8:38:be:a3:45:5a: 91:88:97:11:4b:9e:02:ae:c6:ed:79:27:f7:cb:db: 06:6b:b8:21:7a:71:34:5a:dc:3f:fc:ce:21:e7:9e: cd:9e:bd:c4:41:51:3e:14:64:67:45:b5:11:9a:d8: 6c:20:43:d8:62:9a:33:13:2e:2f:66:c2:e7:46:da: 76:c8:4b:80:83:b6:8f:e3:fa:46:ab:77:41:15:44: e4:69:d7:0b:94:4c:2d:d6:8a:0d:a8:87:44:f0:69: 72:38:6a:d8:5e:b6:3b:41:57:41:39:d6:fa:d2:e2: 46:1d:11:37:0b:c4:a6:58:bb:9e:c9:cd:f3:f1:35: 9d:7f:2d:7f:a6:f6:14:0b:86:7c:c1:19:42:ae:fe: ee:51:2c:8e:a4:af:6f:ec:9d:d9:a3:10:c3:91:a6: 8d:a3:32:9c:2e:7e:22:37:23:02:66:61:bf:1b:c2: 41:43:ce:ce:2f:16:7b:30:44:e5:62:df:7b:c9:5d: f3:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:79:7A:FC:D4:96:CE:23:01:5E:7B:F1:53:F5:F8:02:7A:35:A2:63 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4000::/40 Signature Algorithm: sha256WithRSAEncryption 64:66:95:f3:1b:c7:4c:22:26:21:72:7d:8a:e5:7b:32:f4:fa: b2:0d:b3:8b:75:b1:00:d2:1c:c1:c1:aa:6b:43:c9:64:48:c7: 3d:81:68:ed:d4:ae:8d:87:7a:a1:71:78:f8:8a:de:e3:a4:9d: a9:d6:60:e3:be:ce:65:c8:df:b5:0a:80:c5:f5:ca:8f:7e:18: 92:b3:6f:a9:67:6c:94:f9:0c:d5:6d:67:61:d2:ce:fa:88:c7: 38:89:88:c7:a3:5c:c8:08:36:14:70:74:00:74:97:32:6b:51: 9d:1f:f0:9d:53:86:fe:83:32:34:1b:2c:1f:b3:7a:3a:a0:d4: 60:8e:1d:9e:bf:b7:80:58:d5:29:f0:73:36:f1:e6:34:1f:fe: ba:e7:d4:de:7b:6b:44:85:c2:c2:e8:2d:e6:ab:90:51:11:26: 6c:55:cb:bb:eb:49:f8:19:80:f9:10:40:0b:a1:3f:15:9e:4b: 0e:5f:68:63:d6:f1:d1:8f:25:fb:eb:41:ce:61:0d:b9:3d:1a: 6a:6b:23:d2:c0:98:a9:04:00:72:b7:75:8d:f6:d8:b3:30:55: b9:dd:72:16:00:6a:6a:7b:fa:61:22:05:fc:d1:26:03:3d:23: 3d:7f:f0:2f:c9:ff:16:58:e5:b3:4b:a1:6f:69:83:1f:da:65: de:7c:35:bf -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNahjYrE/O8PusA0amPGHYle4A2cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMDAyMloX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAOTNjNjNkMjI3YTFkZmZhYmNmYmM5 MDE4NzJiYmVlNzIyYTliMDZkODE3MDAzZTMyOWFlN2JhMDdkOTQ5NDQxOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulXvVGR9nqdQyhLg5dyKOtxs9yqc h7XOKdvE8aKdSxbNnZWyEGqgFozBJu6OJ1pfnoC6/FDYK5qLs5FDC/2gsBHSysnY OL6jRVqRiJcRS54CrsbteSf3y9sGa7ghenE0Wtw//M4h557Nnr3EQVE+FGRnRbUR mthsIEPYYpozEy4vZsLnRtp2yEuAg7aP4/pGq3dBFUTkadcLlEwt1ooNqIdE8Gly OGrYXrY7QVdBOdb60uJGHRE3C8SmWLueyc3z8TWdfy1/pvYUC4Z8wRlCrv7uUSyO pK9v7J3ZoxDDkaaNozKcLn4iNyMCZmG/G8JBQ87OLxZ7METlYt97yV3zUwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPl5evzUls4jAV578VP1+AJ6NaJjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVkMzE2ZWYyLTU2ZTQtNDU4MS05OTBlLTAxNTg4MzE4MDM1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba80AwDQYJKoZIhvcNAQELBQADggEBAGRmlfMbx0wiJiFyfYrl ezL0+rINs4t1sQDSHMHBqmtDyWRIxz2BaO3Uro2HeqFxePiK3uOknanWYOO+zmXI 37UKgMX1yo9+GJKzb6lnbJT5DNVtZ2HSzvqIxziJiMejXMgINhRwdAB0lzJrUZ0f 8J1Thv6DMjQbLB+zejqg1GCOHZ6/t4BY1Snwczbx5jQf/rrn1N57a0SFwsLoLear kFERJmxVy7vrSfgZgPkQQAuhPxWeSw5faGPW8dGPJfvrQc5hDbk9GmprI9LAmKkE AHK3dY322LMwVbndchYAamp7+mEiBfzRJgM9Iz1/8C/J/xZY5bNLoW9pgx/aZd58 Nb8= -----END CERTIFICATE-----Generated at Wed Nov 5 05:48:43 2025 by rpki-client