$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87e22441-1418-4229-88ee-c283b029cb95.roa File: 87e22441-1418-4229-88ee-c283b029cb95.roa (raw, json) Hash identifier: OrTWiEBEcGmIS+r23qEzqOTz7RM5kfzfn2cCyA8SWsk= Subject key identifier: 73:86:9E:5B:20:2F:6E:54:73:53:40:DE:22:79:89:92:E5:30:F0:9E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3DD9759D69F60180336FCDB6489D1B7234113B31 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87e22441-1418-4229-88ee-c283b029cb95.roa Signing time: Tue 21 Oct 2025 00:00:47 +0000 ROA not before: Tue 21 Oct 2025 00:00:47 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:d9:75:9d:69:f6:01:80:33:6f:cd:b6:48:9d:1b:72:34:11:3b:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 21 00:00:47 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=55c6e3eb9f51cc68392758a710bb071a51e95b3fd9a1fb2ca063c58e48369fdc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b5:99:f0:ba:16:2a:e9:0b:b5:bb:81:34:db: 65:c8:6a:d7:39:1a:a5:ca:5e:bd:2c:40:f3:f5:69: 0e:92:c8:6c:26:fc:50:de:4a:7d:2b:e3:13:7b:c5: e3:5c:83:5f:4f:bb:c9:11:c0:a5:49:d0:ab:00:91: 96:e8:fe:3d:97:c7:b2:a3:97:5d:50:45:d9:00:ab: 5d:0d:07:60:09:5b:39:95:79:ff:f8:b9:17:47:e4: 85:86:9e:a6:be:a0:92:fd:e3:ee:dc:c8:ee:95:2c: 92:cb:74:62:e2:42:fb:55:8a:f3:84:f2:ca:d6:07: 1c:6d:13:1e:29:6c:14:04:dc:52:4f:71:a7:49:92: 8a:ef:7d:41:15:fd:e5:2b:96:e7:5f:77:b8:91:73: de:b8:d5:02:cc:53:c5:2f:b0:aa:62:03:74:c3:ac: c1:3d:59:30:4b:7f:3f:59:7a:68:9c:fe:ed:54:51: be:b5:4b:1f:c7:12:3d:a3:d4:e5:21:bc:ef:2b:75: ca:58:8d:34:d7:d6:1b:f0:2c:b4:b7:b9:66:d2:2d: 7e:d7:70:af:65:dd:c9:ad:18:02:07:4a:ee:b6:65: aa:2f:cc:b4:a0:ce:1f:a9:04:65:eb:c7:61:84:9d: 83:9b:a3:00:65:f4:87:29:47:dd:76:1a:ec:4a:ff: 88:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:86:9E:5B:20:2F:6E:54:73:53:40:DE:22:79:89:92:E5:30:F0:9E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87e22441-1418-4229-88ee-c283b029cb95.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:9000::/40 Signature Algorithm: sha256WithRSAEncryption a6:1c:71:b2:11:34:72:e4:46:23:51:ab:18:3c:ea:fa:da:cb: 90:99:e9:eb:67:9f:9b:2d:e3:43:0f:46:78:49:ac:12:57:15: 7b:33:2e:3b:60:37:24:6a:cf:be:a2:5d:26:1d:92:3f:19:bd: 98:31:39:50:c8:59:fc:96:e6:bc:2c:6c:9f:14:10:7a:27:ba: d0:57:32:da:c0:ad:ee:69:4a:ba:9b:fb:6f:7e:5f:4e:b9:4e: 50:b2:f6:f6:25:eb:d8:56:cf:c5:e1:b2:1c:ce:54:0e:c0:83: 6c:53:81:34:08:a8:2e:b6:8e:cd:f2:cd:3d:b6:65:d8:c6:e4: ab:70:01:44:38:af:60:42:d3:63:41:55:23:f8:d6:74:b8:ea: 84:12:25:c7:dd:51:ac:97:1e:b9:5a:4a:38:10:0b:5e:f9:b1: 98:1c:f1:75:9c:c3:8b:46:86:26:bf:8b:d8:cb:2a:a2:78:83: 81:10:ee:b6:d7:2a:96:83:21:c7:f5:ce:f4:a2:b2:b3:e9:1a: 95:00:0f:b1:3c:2e:31:5f:96:b7:b0:9e:32:89:56:dd:15:fe: db:dc:4e:df:50:df:6d:ba:a8:da:91:9e:bf:75:59:c2:7c:d3: c8:bc:91:b4:dc:ad:80:0d:1c:4d:5f:c4:65:41:11:a2:3e:65: 02:c8:2d:62 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPdl1nWn2AYAzb822SJ0bcjQROzEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyMTAwMDA0N1oX DTI1MTEyNTIzNTk1OVowejFJMEcGA1UEBRNANTVjNmUzZWI5ZjUxY2M2ODM5Mjc1 OGE3MTBiYjA3MWE1MWU5NWIzZmQ5YTFmYjJjYTA2M2M1OGU0ODM2OWZkYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLWZ8LoWKukLtbuBNNtlyGrXORql yl69LEDz9WkOkshsJvxQ3kp9K+MTe8XjXINfT7vJEcClSdCrAJGW6P49l8eyo5dd UEXZAKtdDQdgCVs5lXn/+LkXR+SFhp6mvqCS/ePu3MjulSySy3Ri4kL7VYrzhPLK 1gccbRMeKWwUBNxST3GnSZKK731BFf3lK5bnX3e4kXPeuNUCzFPFL7CqYgN0w6zB PVkwS38/WXponP7tVFG+tUsfxxI9o9TlIbzvK3XKWI0019Yb8Cy0t7lm0i1+13Cv Zd3JrRgCB0rutmWqL8y0oM4fqQRl68dhhJ2Dm6MAZfSHKUfddhrsSv+InwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHOGnlsgL25Uc1NA3iJ5iZLlMPCeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg3ZTIyNDQxLTE0MTgtNDIyOS04OGVlLWMyODNiMDI5Y2I5NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba75AwDQYJKoZIhvcNAQELBQADggEBAKYccbIRNHLkRiNRqxg8 6vray5CZ6etnn5st40MPRnhJrBJXFXszLjtgNyRqz76iXSYdkj8ZvZgxOVDIWfyW 5rwsbJ8UEHonutBXMtrAre5pSrqb+29+X065TlCy9vYl69hWz8XhshzOVA7Ag2xT gTQIqC62js3yzT22ZdjG5KtwAUQ4r2BC02NBVSP41nS46oQSJcfdUayXHrlaSjgQ C175sZgc8XWcw4tGhia/i9jLKqJ4g4EQ7rbXKpaDIcf1zvSisrPpGpUAD7E8LjFf lrewnjKJVt0V/tvcTt9Q3226qNqRnr91WcJ808i8kbTcrYANHE1fxGVBEaI+ZQLI LWI= -----END CERTIFICATE-----Generated at Wed Nov 5 11:36:39 2025 by rpki-client