$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81118eea-9566-4bf8-8345-117fe601454d.roa File: 81118eea-9566-4bf8-8345-117fe601454d.roa (raw, json) Hash identifier: LlHrF/sk/+EUI9f5xHpJjqSnjLRHdeb+38dsu7dyeqg= Subject key identifier: 6F:66:3D:65:F6:31:24:2E:29:58:27:4C:E2:54:8A:DB:53:02:2F:1E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6C6057044D67B8E87931429B201538E503C56382 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81118eea-9566-4bf8-8345-117fe601454d.roa Signing time: Wed 29 Oct 2025 07:37:56 +0000 ROA not before: Wed 29 Oct 2025 07:37:56 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:28c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:60:57:04:4d:67:b8:e8:79:31:42:9b:20:15:38:e5:03:c5:63:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 07:37:56 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=8bfe5f855817dd05f0f53fc217b4ec0689197740c1ca3fc155a217de07e333dc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:95:f7:be:f5:88:0a:b5:e0:d1:aa:e5:9a:72: eb:e6:ff:c0:42:8f:92:05:28:15:19:cc:37:88:93: 13:e0:0e:34:8f:d1:e0:df:f0:46:3d:6a:da:be:4a: 85:06:75:ce:6d:3e:7c:9d:0d:47:3e:df:6f:ca:5a: ac:2e:5a:d4:08:4e:70:90:48:82:64:b8:2a:bf:4b: 4f:e8:ce:3e:c1:17:44:cc:e8:95:d9:7d:28:73:a9: f3:30:09:93:e3:d2:9d:3a:4d:41:90:ea:85:62:88: 14:3f:03:4f:a9:48:70:86:ea:18:3c:f2:2d:17:20: 0b:a8:eb:91:a3:c9:35:b1:ba:3d:4e:43:a8:0e:d6: 28:7b:1d:ae:58:00:f9:92:45:db:7a:3e:fa:e9:9a: a3:4e:d9:7d:82:28:c0:6b:d7:d6:93:e8:69:a5:70: 80:f8:d9:c1:6a:38:51:00:6a:9a:03:ba:45:47:3e: 42:7e:4e:e1:a2:e0:d9:b3:07:05:46:10:aa:aa:29: 3d:6a:4d:ed:ef:2c:d7:00:2b:ce:9b:4f:aa:75:f4: 25:e7:31:b0:83:ce:b3:a0:b8:88:d9:e4:66:34:a8: fe:8f:c0:c7:fe:f2:a6:da:89:74:5e:6f:f3:76:2d: a0:38:95:c5:cd:c5:6c:15:6b:fc:39:7f:0c:ce:9b: 37:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:66:3D:65:F6:31:24:2E:29:58:27:4C:E2:54:8A:DB:53:02:2F:1E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81118eea-9566-4bf8-8345-117fe601454d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:28c0::/48 Signature Algorithm: sha256WithRSAEncryption 7e:9b:0e:cd:9e:ad:ad:df:9b:7e:ac:15:8e:b1:a0:67:97:27: 0f:3d:74:af:e8:4c:a9:cb:68:a2:73:95:73:cd:ec:5a:b8:75: eb:b4:72:a4:23:5f:2e:cc:a4:02:45:8f:1f:09:51:36:e2:ed: f4:85:50:c2:3e:9d:5b:db:09:73:89:07:f7:af:5b:83:77:39: 3a:f6:ca:1c:6e:8e:ac:76:b1:8c:77:5f:2d:1a:43:2a:c0:37: 65:7b:fa:a5:b6:0a:ee:46:92:53:a6:8d:04:5f:14:f3:af:6f: 83:be:d0:fd:86:8a:0e:73:10:bd:73:a4:f2:a4:5c:9b:24:7b: 0e:fa:ab:8f:3d:be:57:c6:42:9e:81:95:36:25:06:df:7b:93: 18:b2:9e:2d:93:7c:65:1c:33:45:18:b4:70:8f:a1:8e:48:7e: 28:a0:0f:e5:b3:92:de:e8:6f:98:91:6e:da:33:bd:7d:98:7d: 11:6a:14:8a:20:9e:bd:ee:ff:e5:b8:19:0a:57:38:31:b7:3a: b6:85:37:72:4d:1f:0d:1c:fa:4a:5e:41:0a:d1:ae:66:36:3c: 4c:41:70:84:cb:bc:9f:27:4a:8e:e3:dd:aa:21:75:2e:79:68: 7e:f5:1e:9e:a5:df:7e:00:52:c1:10:5c:f1:f8:e1:ac:3c:4a: 50:4b:89:f7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbGBXBE1nuOh5MUKbIBU45QPFY4IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTA3Mzc1NloX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAOGJmZTVmODU1ODE3ZGQwNWYwZjUz ZmMyMTdiNGVjMDY4OTE5Nzc0MGMxY2EzZmMxNTVhMjE3ZGUwN2UzMzNkYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJX3vvWICrXg0arlmnLr5v/AQo+S BSgVGcw3iJMT4A40j9Hg3/BGPWravkqFBnXObT58nQ1HPt9vylqsLlrUCE5wkEiC ZLgqv0tP6M4+wRdEzOiV2X0oc6nzMAmT49KdOk1BkOqFYogUPwNPqUhwhuoYPPIt FyALqOuRo8k1sbo9TkOoDtYoex2uWAD5kkXbej766ZqjTtl9gijAa9fWk+hppXCA +NnBajhRAGqaA7pFRz5Cfk7houDZswcFRhCqqik9ak3t7yzXACvOm0+qdfQl5zGw g86zoLiI2eRmNKj+j8DH/vKm2ol0Xm/zdi2gOJXFzcVsFWv8OX8Mzps39wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFG9mPWX2MSQuKVgnTOJUittTAi8eMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxMTE4ZWVhLTk1NjYtNGJmOC04MzQ1LTExN2ZlNjAxNDU0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6ijAMA0GCSqGSIb3DQEBCwUAA4IBAQB+mw7Nnq2t35t+rBWO saBnlycPPXSv6Eypy2iic5VzzexauHXrtHKkI18uzKQCRY8fCVE24u30hVDCPp1b 2wlziQf3r1uDdzk69socbo6sdrGMd18tGkMqwDdle/qltgruRpJTpo0EXxTzr2+D vtD9hooOcxC9c6TypFybJHsO+quPPb5XxkKegZU2JQbfe5MYsp4tk3xlHDNFGLRw j6GOSH4ooA/ls5Le6G+YkW7aM719mH0RahSKIJ697v/luBkKVzgxtzq2hTdyTR8N HPpKXkEK0a5mNjxMQXCEy7yfJ0qO492qIXUueWh+9R6epd9+AFLBEFzx+OGsPEpQ S4n3 -----END CERTIFICATE-----Generated at Wed Nov 5 05:39:04 2025 by rpki-client