$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa File: a37838b8-524c-4ff8-b517-727be63ea330.roa (raw, json) Hash identifier: kmH0WmBqknPej9Ad7PjKur8Cp7EHKUMPKlzErWt+OPw= Subject key identifier: E6:49:B6:E7:E2:ED:16:4D:3B:D5:F8:AA:E2:65:E5:A5:15:73:FE:61 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 760F2E8619151A137EA167EF0744D4CE8AC97E5B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa Signing time: Wed 29 Oct 2025 07:39:04 +0000 ROA not before: Wed 29 Oct 2025 07:39:04 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:0f:2e:86:19:15:1a:13:7e:a1:67:ef:07:44:d4:ce:8a:c9:7e:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 07:39:04 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=1ed7caaa8171ebc1c09f5e9c9700ab002da4b6f97c84d9e3b7302b7d01ceab53, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6b:8b:a3:92:c8:80:b9:b7:ed:88:d1:d3:f9: 0e:39:c9:af:bb:5d:a9:6e:2e:76:a9:df:47:c8:35: 4a:c2:ce:61:18:91:f0:bc:37:05:58:44:49:e9:81: 88:77:26:c6:bf:32:eb:a5:07:d4:d4:df:7c:59:9b: 04:d2:01:9d:04:51:a6:59:82:eb:3b:4c:ee:46:76: 92:ea:a2:1e:9c:44:6c:99:c8:df:b3:65:21:6d:d9: 91:22:c2:69:81:75:d7:18:42:d0:17:91:8c:f1:65: e6:d2:1d:0b:48:42:af:e8:89:c9:e8:cc:72:6a:32: 96:5f:08:f1:33:72:6e:7f:30:c3:ea:18:64:7e:59: fa:87:98:96:96:5a:b9:b8:d6:54:82:78:24:a4:c7: 51:af:8b:cf:4e:d9:8f:77:f0:89:2c:8c:d9:df:39: 2e:72:3f:06:6b:46:bc:26:f8:37:ab:05:01:56:df: 5a:61:00:74:0d:bc:92:d7:d8:25:9a:c8:bc:70:9c: e0:d1:a0:59:f2:67:2c:96:9b:ac:f7:f5:48:50:39: a5:8d:09:0a:12:31:47:ac:09:5d:c3:24:1a:f3:9b: 5a:4f:bc:ac:67:bc:96:69:9c:1a:20:ea:3a:07:a5: 55:68:6b:e7:64:af:70:35:5f:b1:d7:50:1c:22:01: f3:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:49:B6:E7:E2:ED:16:4D:3B:D5:F8:AA:E2:65:E5:A5:15:73:FE:61 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:a040::/48 Signature Algorithm: sha256WithRSAEncryption ca:24:e4:87:9e:50:ca:8e:42:42:e9:53:a5:b3:ba:9f:5c:b9: 5c:48:43:18:8c:05:9e:8f:34:da:2b:00:14:a6:a8:19:d9:30: 9b:1d:6b:10:4e:19:30:1d:71:be:74:54:da:d9:d2:94:01:aa: 47:51:96:a7:1b:0c:ce:c0:0b:d7:d4:a9:ff:11:2f:72:23:df: 5c:bc:ec:7d:84:58:1b:cc:ac:ae:bc:84:04:af:01:72:50:91: d0:04:57:a7:2a:01:05:a7:ca:1a:db:05:a6:cc:6b:99:e5:42: c3:c2:91:37:d9:f8:78:11:c4:9e:5a:33:b9:35:f8:96:d5:21: ce:5f:0e:b1:ea:8b:fe:3d:48:84:3b:4b:32:3a:e4:f8:0f:b8: 5f:c2:4a:1c:f1:f4:1c:04:37:f5:d8:0b:16:5e:43:46:2f:d8: 52:e4:06:03:2d:62:d6:7d:67:89:5d:7d:fa:02:e6:f3:ab:8c: b6:7a:6e:c7:78:57:1f:12:b9:29:3b:ea:78:f6:88:6e:29:7c: f2:2a:92:59:25:47:f0:14:d9:2b:c7:29:33:f0:6b:3f:96:13: 44:5f:ad:9e:10:f5:b4:d1:ec:e8:86:f2:1e:6c:ba:7e:0e:f7: 09:cb:47:6c:f4:29:c0:54:83:24:03:a0:78:12:23:27:f1:a5: 6a:54:8d:7a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdg8uhhkVGhN+oWfvB0TUzorJflswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTA3MzkwNFoX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAMWVkN2NhYWE4MTcxZWJjMWMwOWY1 ZTljOTcwMGFiMDAyZGE0YjZmOTdjODRkOWUzYjczMDJiN2QwMWNlYWI1MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42uLo5LIgLm37YjR0/kOOcmvu12p bi52qd9HyDVKws5hGJHwvDcFWERJ6YGIdybGvzLrpQfU1N98WZsE0gGdBFGmWYLr O0zuRnaS6qIenERsmcjfs2UhbdmRIsJpgXXXGELQF5GM8WXm0h0LSEKv6InJ6Mxy ajKWXwjxM3JufzDD6hhkfln6h5iWllq5uNZUgngkpMdRr4vPTtmPd/CJLIzZ3zku cj8Ga0a8Jvg3qwUBVt9aYQB0DbyS19glmsi8cJzg0aBZ8mcslpus9/VIUDmljQkK EjFHrAldwyQa85taT7ysZ7yWaZwaIOo6B6VVaGvnZK9wNV+x11AcIgHzRwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOZJtufi7RZNO9X4quJl5aUVc/5hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EzNzgzOGI4LTUyNGMtNGZmOC1iNTE3LTcyN2JlNjNlYTMzMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6qBAMA0GCSqGSIb3DQEBCwUAA4IBAQDKJOSHnlDKjkJC6VOl s7qfXLlcSEMYjAWejzTaKwAUpqgZ2TCbHWsQThkwHXG+dFTa2dKUAapHUZanGwzO wAvX1Kn/ES9yI99cvOx9hFgbzKyuvIQErwFyUJHQBFenKgEFp8oa2wWmzGuZ5ULD wpE32fh4EcSeWjO5NfiW1SHOXw6x6ov+PUiEO0syOuT4D7hfwkoc8fQcBDf12AsW XkNGL9hS5AYDLWLWfWeJXX36Aubzq4y2em7HeFcfErkpO+p49ohuKXzyKpJZJUfw FNkrxykz8Gs/lhNEX62eEPW00ezohvIebLp+DvcJy0ds9CnAVIMkA6B4EiMn8aVq VI16 -----END CERTIFICATE-----Generated at Wed Nov 5 12:57:15 2025 by rpki-client