$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa File: 982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa (raw, json) Hash identifier: UQZarXrDcjSa+LRJTgyNQHMS93cmaSNNbQd2h9RQNYg= Subject key identifier: 6D:21:BC:83:68:7B:7E:4A:6F:C0:DA:CB:C9:16:A2:0E:50:F7:CF:99 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 247CAFF93BDC8F2C06AD81DE08682C8ADFD43E57 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa Signing time: Sat 01 Nov 2025 00:00:38 +0000 ROA not before: Sat 01 Nov 2025 00:00:38 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:7c:af:f9:3b:dc:8f:2c:06:ad:81:de:08:68:2c:8a:df:d4:3e:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:38 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=d458d2f928a069776c8d420e0c10b0c7a1e943d540d70f361a5ee0aa650f33ac, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:f7:80:11:f1:4f:84:30:a3:37:49:73:da:61: 33:43:4f:44:4e:9c:7a:ff:59:26:f6:70:11:c6:83: cd:50:04:f7:fe:ef:a0:32:f0:a0:91:89:58:bb:1e: bd:2d:20:e9:84:f3:63:21:85:e9:8d:f3:8c:b9:5c: 71:9b:b2:18:a1:a0:e5:de:e5:64:46:32:70:fd:a2: 50:3a:5c:14:f1:48:3d:5a:de:b7:ff:66:d8:5d:a2: c0:51:7c:61:42:f6:46:96:43:58:98:53:f8:49:61: 57:64:94:61:57:49:dc:eb:11:4d:8e:b1:26:93:d9: de:31:90:41:98:5b:36:1b:9e:c0:c2:65:a0:7e:55: 06:1e:4b:32:a7:5f:a6:b5:01:a1:7b:c5:27:7e:cb: 25:9b:59:93:7b:bc:eb:9d:f3:b0:4a:a2:60:eb:65: 6e:b7:b1:a8:06:c5:87:44:12:cb:3a:c4:b2:69:e3: 6f:ef:07:3a:59:77:c0:e0:ff:50:73:95:b0:27:25: 1e:aa:93:a3:92:01:bf:ea:a7:0c:ec:de:14:08:35: 99:68:c9:c4:e4:bf:4c:2c:40:aa:9d:54:b5:c9:9e: 8e:8f:91:1c:b1:73:ae:0d:8f:29:0a:d6:59:de:f7: f5:05:d3:98:19:b1:8a:87:ca:1a:b5:f0:d8:54:e9: 94:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:21:BC:83:68:7B:7E:4A:6F:C0:DA:CB:C9:16:A2:0E:50:F7:CF:99 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/982d87a7-4e0b-42ab-a73f-f497b43a2a36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:800::/40 Signature Algorithm: sha256WithRSAEncryption bc:1e:2f:78:0e:38:a4:61:77:27:3c:3e:3b:64:40:d0:d7:65: ab:57:13:95:8b:3b:c6:7c:35:6a:99:e5:0d:3b:9e:72:73:2e: bd:5e:bf:c9:d6:9d:5c:cb:2d:1c:5d:88:0c:f1:c9:9f:16:9f: f5:67:19:c0:fa:cb:02:23:95:ba:31:5d:43:c3:e2:6b:48:d6: cf:9c:eb:8a:44:af:88:65:9a:8f:d2:f8:d8:f2:74:cb:7c:6b: 09:b3:65:58:b4:68:2d:18:24:a0:fb:11:30:6d:d1:da:8e:4b: c4:14:b0:c2:2b:1e:b7:2c:b4:56:1d:44:71:af:95:75:93:8c: 22:89:b3:97:f1:ff:55:30:13:9b:6b:b8:1f:d1:74:99:b5:25: b6:75:b9:e6:3d:b6:4f:52:a6:de:ba:b5:6e:b6:84:3b:8c:5e: 1e:41:a3:4d:c8:46:da:46:5b:fd:32:d8:a7:62:ad:63:4b:f6: 5e:f6:20:ea:42:07:1f:91:03:a1:9b:af:c9:60:70:e1:64:97: 95:2a:72:12:0e:87:66:d7:86:05:16:ed:db:8b:f4:f3:dd:5b: 23:bc:ac:02:98:e8:d6:de:47:41:00:7a:ea:c2:98:de:ba:5c: cd:a9:e9:a6:02:6f:55:3d:7b:15:6c:c0:72:75:57:f4:79:8e: 52:9e:3f:35 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJHyv+TvcjywGrYHeCGgsit/UPlcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDAzOFoX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAZDQ1OGQyZjkyOGEwNjk3NzZjOGQ0 MjBlMGMxMGIwYzdhMWU5NDNkNTQwZDcwZjM2MWE1ZWUwYWE2NTBmMzNhYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPeAEfFPhDCjN0lz2mEzQ09ETpx6 /1km9nARxoPNUAT3/u+gMvCgkYlYux69LSDphPNjIYXpjfOMuVxxm7IYoaDl3uVk RjJw/aJQOlwU8Ug9Wt63/2bYXaLAUXxhQvZGlkNYmFP4SWFXZJRhV0nc6xFNjrEm k9neMZBBmFs2G57AwmWgflUGHksyp1+mtQGhe8Unfsslm1mTe7zrnfOwSqJg62Vu t7GoBsWHRBLLOsSyaeNv7wc6WXfA4P9Qc5WwJyUeqpOjkgG/6qcM7N4UCDWZaMnE 5L9MLECqnVS1yZ6Oj5EcsXOuDY8pCtZZ3vf1BdOYGbGKh8oatfDYVOmU0wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG0hvINoe35Kb8Day8kWog5Q98+ZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk4MmQ4N2E3LTRlMGItNDJhYi1hNzNmLWY0OTdiNDNhMmEzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauQgwDQYJKoZIhvcNAQELBQADggEBALweL3gOOKRhdyc8Pjtk QNDXZatXE5WLO8Z8NWqZ5Q07nnJzLr1ev8nWnVzLLRxdiAzxyZ8Wn/VnGcD6ywIj lboxXUPD4mtI1s+c64pEr4hlmo/S+NjydMt8awmzZVi0aC0YJKD7ETBt0dqOS8QU sMIrHrcstFYdRHGvlXWTjCKJs5fx/1UwE5truB/RdJm1JbZ1ueY9tk9Spt66tW62 hDuMXh5Bo03IRtpGW/0y2KdirWNL9l72IOpCBx+RA6Gbr8lgcOFkl5UqchIOh2bX hgUW7duL9PPdWyO8rAKY6NbeR0EAeurCmN66XM2p6aYCb1U9exVswHJ1V/R5jlKe PzU= -----END CERTIFICATE-----Generated at Wed Nov 5 11:04:14 2025 by rpki-client