$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa File: 7105aadf-8449-4060-98c4-d4b349ff7892.roa (raw, json) Hash identifier: 68+uCyxCp6AKlTSzwR4bXRo6v27clWLF7jPKT4BqG/M= Subject key identifier: 34:57:33:54:03:43:BC:AE:CB:F7:C6:1B:1B:A1:6D:B0:A1:2A:0E:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2095F9A855827A0A08735AC0C7177EEEC0E618F5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa Signing time: Fri 31 Oct 2025 00:00:24 +0000 ROA not before: Fri 31 Oct 2025 00:00:24 +0000 ROA not after: Fri 05 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:95:f9:a8:55:82:7a:0a:08:73:5a:c0:c7:17:7e:ee:c0:e6:18:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 31 00:00:24 2025 GMT Not After : Dec 5 23:59:59 2025 GMT Subject: serialNumber=8b39ac490f81a64fee48588ebdaae7ad0d043cf0b9d47c2647bf33d455682266, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:69:34:72:bd:50:81:bf:5f:f5:59:25:d4:ad: bd:f3:ca:8e:f8:1f:0e:f0:ee:1a:a1:95:90:57:45: 4b:8a:f8:7f:b2:a0:9c:3f:7c:48:ee:99:c7:02:e0: 1e:c6:71:f2:38:8e:66:ee:ee:4b:b9:a4:fc:ac:b5: 93:6b:a2:a1:36:20:02:c9:af:53:4c:91:e9:66:c2: f2:bd:6b:16:fc:8c:61:3e:3e:8c:98:04:8e:a4:93: a6:fb:03:f7:60:d2:1b:5a:56:2f:09:38:61:0d:92: 78:aa:ab:ad:12:5e:98:f0:c7:6b:a7:27:7b:4a:38: 0c:37:47:f5:0a:ed:21:58:c9:de:11:22:53:54:6f: 25:08:7f:ef:25:b6:bc:6f:89:b3:1c:e9:ac:43:5a: 42:47:84:d6:b8:38:7b:f9:95:4f:40:7f:f4:25:4c: 40:c0:fd:35:8f:2e:6b:a7:f8:ee:51:a5:e1:70:57: 8e:c1:d7:96:8a:90:ff:1f:e8:e5:84:59:f7:c0:b1: ba:9c:b5:e8:8b:b9:31:07:89:60:85:51:c3:5a:04: 87:0e:4b:62:0d:7f:9d:4a:88:b7:8e:07:15:0b:2e: 36:73:e4:c1:dc:26:fe:a1:f6:ce:0e:60:2f:49:bc: 79:27:af:95:2a:a4:a3:da:9e:73:8b:b1:7a:67:d5: 6c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:57:33:54:03:43:BC:AE:CB:F7:C6:1B:1B:A1:6D:B0:A1:2A:0E:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:b000::/40 Signature Algorithm: sha256WithRSAEncryption 88:d1:18:e8:2e:01:ac:e9:6e:53:a8:b6:29:9f:1d:1c:bb:46: aa:2d:19:84:d3:38:74:d8:8b:f3:41:37:eb:83:53:ce:b2:e1: ed:d0:88:c8:f4:d0:e1:6a:22:16:30:2e:7d:b8:d5:ce:fe:fb: 8a:69:ce:00:d7:f9:11:b0:37:0a:9f:41:be:0f:cb:c6:39:90: 80:93:d6:c2:1e:91:42:95:ef:2d:85:a0:e5:83:e9:0f:87:a9: 9d:0c:ee:d7:b4:a3:4c:24:c1:e4:1c:8a:3e:b1:b0:07:0c:81: 67:45:d5:35:0b:1f:bc:d1:d4:40:b1:7d:50:64:fc:32:26:07: 2a:58:e0:a5:52:8b:0b:89:f0:01:ca:a1:29:93:c6:b3:cb:49: 3b:52:ec:43:d2:0c:2d:12:f7:00:2b:f4:23:6e:1e:e0:ba:13: 2e:e6:6d:88:ca:34:9b:b1:f7:d9:91:05:37:33:29:f6:c9:0e: fa:9f:c3:e6:be:5e:bb:87:72:ff:c2:50:66:79:53:92:72:03: c7:62:c0:fb:b1:96:54:e1:ef:be:cb:08:2c:c7:3b:6c:51:e1: 87:f7:c4:e2:18:78:ac:bf:53:00:9c:a8:e1:bb:cc:5a:04:5e: ab:bc:cb:fc:61:25:d3:5e:bc:d5:eb:f8:ab:ef:62:18:f3:cf: 6a:c7:ed:ac -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIJX5qFWCegoIc1rAxxd+7sDmGPUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAzMTAwMDAyNFoX DTI1MTIwNTIzNTk1OVowejFJMEcGA1UEBRNAOGIzOWFjNDkwZjgxYTY0ZmVlNDg1 ODhlYmRhYWU3YWQwZDA0M2NmMGI5ZDQ3YzI2NDdiZjMzZDQ1NTY4MjI2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmk0cr1Qgb9f9Vkl1K2988qO+B8O 8O4aoZWQV0VLivh/sqCcP3xI7pnHAuAexnHyOI5m7u5LuaT8rLWTa6KhNiACya9T TJHpZsLyvWsW/IxhPj6MmASOpJOm+wP3YNIbWlYvCThhDZJ4qqutEl6Y8Mdrpyd7 SjgMN0f1Cu0hWMneESJTVG8lCH/vJba8b4mzHOmsQ1pCR4TWuDh7+ZVPQH/0JUxA wP01jy5rp/juUaXhcFeOwdeWipD/H+jlhFn3wLG6nLXoi7kxB4lghVHDWgSHDkti DX+dSoi3jgcVCy42c+TB3Cb+ofbODmAvSbx5J6+VKqSj2p5zi7F6Z9VswwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDRXM1QDQ7yuy/fGGxuhbbChKg4QMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxMDVhYWRmLTg0NDktNDA2MC05OGM0LWQ0YjM0OWZmNzg5Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9bAwDQYJKoZIhvcNAQELBQADggEBAIjRGOguAazpblOotimf HRy7RqotGYTTOHTYi/NBN+uDU86y4e3QiMj00OFqIhYwLn241c7++4ppzgDX+RGw NwqfQb4Py8Y5kICT1sIekUKV7y2FoOWD6Q+HqZ0M7te0o0wkweQcij6xsAcMgWdF 1TULH7zR1ECxfVBk/DImBypY4KVSiwuJ8AHKoSmTxrPLSTtS7EPSDC0S9wAr9CNu HuC6Ey7mbYjKNJux99mRBTczKfbJDvqfw+a+XruHcv/CUGZ5U5JyA8diwPuxllTh 777LCCzHO2xR4Yf3xOIYeKy/UwCcqOG7zFoEXqu8y/xhJdNevNXr+KvvYhjzz2rH 7aw= -----END CERTIFICATE-----Generated at Wed Nov 5 22:12:54 2025 by rpki-client