$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa File: 931330f5-9897-4b1f-9582-a81df9bb0324.roa (raw, json) Hash identifier: VvEUGfIXNj4vTWwTC1VKGIn6citw2NQ+Exi/dqNW420= Subject key identifier: 61:C8:7D:37:B0:31:4F:CE:65:C2:78:1C:25:02:34:A6:4D:11:5A:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 551860DA2532FECFB72D52031AF45614922AD83D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa Signing time: Wed 15 Oct 2025 00:00:46 +0000 ROA not before: Wed 15 Oct 2025 00:00:46 +0000 ROA not after: Wed 19 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:18:60:da:25:32:fe:cf:b7:2d:52:03:1a:f4:56:14:92:2a:d8:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 15 00:00:46 2025 GMT Not After : Nov 19 23:59:59 2025 GMT Subject: serialNumber=f663d78575e87327d3bf2b6897f0b9a49bb73e926c9907e8335d031cd948066c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:4f:b0:4b:00:cf:89:9d:fe:72:2c:36:eb:51: 05:7c:01:e8:a3:81:5a:53:50:6e:21:e0:d4:09:53: 64:f1:11:5c:8c:01:6d:60:e4:83:9d:1c:fc:ca:92: 64:6a:f2:84:13:79:2c:53:2b:13:fe:82:44:7b:4c: 57:cf:89:4b:c3:7d:e7:23:a8:56:f7:85:90:23:a0: 08:d2:ca:db:fa:71:25:88:52:e1:6e:59:0f:9f:df: 31:8e:fb:0e:4f:44:89:e2:37:24:16:e2:12:f1:41: 4a:3f:ef:3e:ec:e0:aa:eb:4a:2e:3e:6b:75:81:6c: bc:48:64:8a:b7:c4:aa:8e:1f:a7:18:8f:87:a6:d8: f7:9c:bb:75:11:5f:26:ef:8b:85:da:17:9c:d6:39: 64:db:72:f4:63:c1:6c:7f:59:57:2a:4b:ff:28:15: 5a:ad:95:53:85:cb:88:91:53:b0:e5:48:64:76:24: 79:a9:d7:96:8f:17:e4:ac:00:b2:f2:1a:f7:d4:40: ce:20:44:12:e7:3d:45:66:4d:0d:01:2f:6c:6e:6a: 7c:46:05:2b:c4:cf:a3:5f:ef:2d:70:15:91:ce:b7: 1f:3f:b5:a6:5a:e9:90:f6:7c:17:78:18:a4:f6:92: 5e:e9:f8:12:60:3c:6a:9e:5a:bc:6e:1e:cb:fc:33: 69:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:C8:7D:37:B0:31:4F:CE:65:C2:78:1C:25:02:34:A6:4D:11:5A:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:6000::/40 Signature Algorithm: sha256WithRSAEncryption 7d:72:b8:d0:1d:cb:e7:a9:b7:b7:73:e2:e6:a8:fb:fa:cd:cb: 1a:58:13:f4:7c:da:76:4c:8e:3a:59:87:81:54:16:81:76:e1: 1b:c4:e1:24:5b:7e:ee:f6:ea:5a:38:5e:71:15:dc:0a:f5:9f: 37:77:f9:c0:73:30:b4:b2:83:10:02:d1:a3:25:b7:a1:4f:f0: af:bb:8c:de:08:c8:e3:3c:74:f9:5b:41:4f:a3:f4:79:33:38: 04:cb:6b:c5:96:fc:73:9e:47:e9:27:32:f8:f9:da:ad:4d:37: 5b:32:8b:92:a0:cf:88:e0:4e:25:91:49:51:70:d4:0a:cd:1a: ad:30:2c:1c:69:5f:8c:65:f4:3f:0a:7b:77:b8:1d:e3:b0:86: e2:f7:13:67:b6:87:b7:5b:6d:c3:4a:f1:3c:fc:48:d7:c6:6e: 51:8a:fe:7a:06:1a:70:29:b6:71:94:c8:eb:4c:ea:f9:9b:3e: e2:ee:b5:9d:47:37:58:51:99:65:c4:fc:de:b2:1c:6f:a7:04: 35:6a:59:f2:54:54:76:6c:d9:9e:f9:97:61:38:8b:67:1a:49: b3:49:e9:5c:d6:02:7d:c6:ad:8a:c0:b9:b8:a2:bf:e1:6f:55: 2d:c3:b7:f8:15:a1:90:e6:80:43:f2:b0:e6:84:a0:ae:0c:ec: fe:ae:6f:e7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVRhg2iUy/s+3LVIDGvRWFJIq2D0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNTAwMDA0NloX DTI1MTExOTIzNTk1OVowejFJMEcGA1UEBRNAZjY2M2Q3ODU3NWU4NzMyN2QzYmYy YjY4OTdmMGI5YTQ5YmI3M2U5MjZjOTkwN2U4MzM1ZDAzMWNkOTQ4MDY2YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk+wSwDPiZ3+ciw261EFfAHoo4Fa U1BuIeDUCVNk8RFcjAFtYOSDnRz8ypJkavKEE3ksUysT/oJEe0xXz4lLw33nI6hW 94WQI6AI0srb+nEliFLhblkPn98xjvsOT0SJ4jckFuIS8UFKP+8+7OCq60ouPmt1 gWy8SGSKt8Sqjh+nGI+Hptj3nLt1EV8m74uF2hec1jlk23L0Y8Fsf1lXKkv/KBVa rZVThcuIkVOw5UhkdiR5qdeWjxfkrACy8hr31EDOIEQS5z1FZk0NAS9sbmp8RgUr xM+jX+8tcBWRzrcfP7WmWumQ9nwXeBik9pJe6fgSYDxqnlq8bh7L/DNpyQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGHIfTewMU/OZcJ4HCUCNKZNEVoRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkzMTMzMGY1LTk4OTctNGIxZi05NTgyLWE4MWRmOWJiMDMyNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/mAwDQYJKoZIhvcNAQELBQADggEBAH1yuNAdy+ept7dz4uao +/rNyxpYE/R82nZMjjpZh4FUFoF24RvE4SRbfu726lo4XnEV3Ar1nzd3+cBzMLSy gxAC0aMlt6FP8K+7jN4IyOM8dPlbQU+j9HkzOATLa8WW/HOeR+knMvj52q1NN1sy i5Kgz4jgTiWRSVFw1ArNGq0wLBxpX4xl9D8Ke3e4HeOwhuL3E2e2h7dbbcNK8Tz8 SNfGblGK/noGGnAptnGUyOtM6vmbPuLutZ1HN1hRmWXE/N6yHG+nBDVqWfJUVHZs 2Z75l2E4i2caSbNJ6VzWAn3GrYrAubiiv+FvVS3Dt/gVoZDmgEPysOaEoK4M7P6u b+c= -----END CERTIFICATE-----Generated at Wed Nov 5 09:50:34 2025 by rpki-client