$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86eb88ff-78f4-4f08-a1fa-b28fc3bf05ef.roa File: 86eb88ff-78f4-4f08-a1fa-b28fc3bf05ef.roa (raw, json) Hash identifier: mVgf7ASXN9W8opXgPbJWv8Y6grPI17ZJsTxaU9Ei20I= Subject key identifier: 35:05:B4:12:34:F1:59:56:40:34:C1:FB:5F:28:DB:30:45:E5:F3:44 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 361389138C07E3BB50A203247F5AF8BC51A00A1D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86eb88ff-78f4-4f08-a1fa-b28fc3bf05ef.roa Signing time: Sun 02 Nov 2025 00:00:30 +0000 ROA not before: Sun 02 Nov 2025 00:00:30 +0000 ROA not after: Sun 07 Dec 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:13:89:13:8c:07:e3:bb:50:a2:03:24:7f:5a:f8:bc:51:a0:0a:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 2 00:00:30 2025 GMT Not After : Dec 7 23:59:59 2025 GMT Subject: serialNumber=b6656eac7d1dfacfcdad823d50564f4c4dcf4c54872176d1535b9538ee9c6bbd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:8e:94:9e:df:ab:c9:06:37:52:6c:03:2f:fa: a8:ba:26:a8:5a:d0:96:12:da:7f:00:0d:39:9a:3a: 24:7d:15:eb:35:97:54:47:4f:90:17:96:d4:6d:33: 4b:b6:34:0f:a8:1c:99:8e:19:9a:aa:05:8f:ef:8a: 1a:32:02:44:e1:0d:c2:85:2d:f6:6c:3f:0a:0d:27: 3d:25:26:40:fd:10:36:a6:08:d3:1f:a0:46:af:16: af:49:aa:44:bd:1d:a1:1a:0e:80:2e:dc:bc:64:b3: ef:b3:ad:13:1a:05:48:c9:4a:e2:33:54:ef:8c:21: 6f:26:4b:fd:25:d6:95:63:2c:25:15:36:7f:4d:f8: 1f:3d:89:2f:e9:8e:85:85:b9:45:fa:b8:19:bd:2b: e3:c3:c1:9a:f7:18:4d:5a:5f:25:76:9b:15:ae:c3: 4c:16:48:46:27:f6:d5:74:87:71:f6:88:c1:d3:72: 95:2a:bc:65:c4:6a:3c:45:ed:e9:b6:f2:97:0f:fe: c6:5c:c8:61:75:aa:6c:e4:e9:78:8f:f4:62:56:14: 92:c2:13:28:97:a9:6f:03:71:f6:d7:20:a3:c2:ce: c6:e9:0d:fe:6d:e4:8f:e8:a7:2a:40:77:59:44:d8: 88:ea:85:1e:d6:24:c6:a6:19:aa:88:ad:ff:86:23: b5:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:05:B4:12:34:F1:59:56:40:34:C1:FB:5F:28:DB:30:45:E5:F3:44 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86eb88ff-78f4-4f08-a1fa-b28fc3bf05ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:1000::/40 Signature Algorithm: sha256WithRSAEncryption 71:4f:92:95:27:5c:3f:1b:2b:10:7c:28:8a:f5:cb:af:83:0a: ff:25:cd:1d:72:53:0f:30:50:ac:b9:35:48:0d:70:2c:8f:96: 15:33:4c:35:6f:17:bf:2f:34:f9:9d:37:7c:aa:05:94:d2:0a: 62:3d:5d:89:94:cf:23:e2:32:a4:b1:fa:aa:7a:04:92:68:55: d4:94:5e:da:cc:5e:bf:43:15:02:f2:13:c8:d3:21:a2:7e:f5: f1:e3:30:80:e6:c6:ac:96:ff:c4:57:b7:c7:96:62:92:c7:d8: 0c:0a:4b:b7:b1:1b:ac:93:97:3a:f5:97:bc:41:2a:cd:aa:3d: 7a:91:d4:63:85:70:9e:46:b9:d0:6a:2b:c2:92:7d:fa:6e:65: b2:fd:1c:8d:dc:26:6e:fb:00:b6:21:ae:f2:c4:83:00:6c:d3: c2:fa:b8:b4:47:c7:1d:c4:e5:0e:21:0c:65:44:8f:4a:75:7c: 1b:ab:77:ed:8c:09:e3:83:b2:00:26:00:bb:c4:8d:f0:d6:62: 7b:0c:1c:5b:67:15:92:b0:50:26:6e:f3:22:1b:aa:85:f8:19: cd:c9:c0:a9:c3:0c:76:7f:23:6f:ed:f7:6e:55:ed:70:84:df: 01:6f:d0:4e:49:4b:48:c7:fb:0a:39:14:4a:cc:fe:60:e7:3d: 97:c1:b8:41 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNhOJE4wH47tQogMkf1r4vFGgCh0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMjAwMDAzMFoX DTI1MTIwNzIzNTk1OVowejFJMEcGA1UEBRNAYjY2NTZlYWM3ZDFkZmFjZmNkYWQ4 MjNkNTA1NjRmNGM0ZGNmNGM1NDg3MjE3NmQxNTM1Yjk1MzhlZTljNmJiZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY6Unt+ryQY3UmwDL/qouiaoWtCW Etp/AA05mjokfRXrNZdUR0+QF5bUbTNLtjQPqByZjhmaqgWP74oaMgJE4Q3ChS32 bD8KDSc9JSZA/RA2pgjTH6BGrxavSapEvR2hGg6ALty8ZLPvs60TGgVIyUriM1Tv jCFvJkv9JdaVYywlFTZ/TfgfPYkv6Y6FhblF+rgZvSvjw8Ga9xhNWl8ldpsVrsNM FkhGJ/bVdIdx9ojB03KVKrxlxGo8Re3ptvKXD/7GXMhhdaps5Ol4j/RiVhSSwhMo l6lvA3H21yCjws7G6Q3+beSP6KcqQHdZRNiI6oUe1iTGphmqiK3/hiO1gQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDUFtBI08VlWQDTB+18o2zBF5fNEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg2ZWI4OGZmLTc4ZjQtNGYwOC1hMWZhLWIyOGZjM2JmMDVlZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYBAwDQYJKoZIhvcNAQELBQADggEBAHFPkpUnXD8bKxB8KIr1 y6+DCv8lzR1yUw8wUKy5NUgNcCyPlhUzTDVvF78vNPmdN3yqBZTSCmI9XYmUzyPi MqSx+qp6BJJoVdSUXtrMXr9DFQLyE8jTIaJ+9fHjMIDmxqyW/8RXt8eWYpLH2AwK S7exG6yTlzr1l7xBKs2qPXqR1GOFcJ5GudBqK8KSffpuZbL9HI3cJm77ALYhrvLE gwBs08L6uLRHxx3E5Q4hDGVEj0p1fBurd+2MCeODsgAmALvEjfDWYnsMHFtnFZKw UCZu8yIbqoX4Gc3JwKnDDHZ/I2/t925V7XCE3wFv0E5JS0jH+wo5FErM/mDnPZfB uEE= -----END CERTIFICATE-----Generated at Wed Nov 5 05:40:13 2025 by rpki-client