$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afbc4e29-23b3-4e04-aa3f-746cc9f0d899.roa File: afbc4e29-23b3-4e04-aa3f-746cc9f0d899.roa (raw, json) Hash identifier: vRUoXIHMzu7SWyOBEL6pwi7SpODdHRnzxzpYMdKJqC8= Subject key identifier: 59:0B:25:CB:52:C7:C6:17:B4:85:8D:57:4C:0F:33:35:7B:31:A0:A2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 77E21EBB716644724989FB858CD33A462EFF3722 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afbc4e29-23b3-4e04-aa3f-746cc9f0d899.roa Signing time: Wed 29 Oct 2025 07:37:59 +0000 ROA not before: Wed 29 Oct 2025 07:37:59 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:48c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:e2:1e:bb:71:66:44:72:49:89:fb:85:8c:d3:3a:46:2e:ff:37:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 07:37:59 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=1a5802a826646f1f63cca885ce1d45a3bfc26d29c1e73f203b315a23d45e2a5a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:2f:17:a8:a7:a7:02:ae:eb:0e:06:05:1c:a1: c7:b5:3d:9a:8e:d0:46:3b:9f:ff:bb:97:25:e4:1b: f7:c6:c6:0f:5d:08:82:ef:d0:6c:f6:46:d4:75:71: 62:ba:c2:53:7c:56:c3:d9:dc:a4:2c:e2:ae:f5:7d: e7:a4:eb:9e:a7:d9:44:d5:14:73:44:6e:bf:31:a6: cf:19:6d:a1:03:0c:d8:fe:7d:09:21:24:75:09:0c: 86:71:ea:f8:8d:ca:3f:6e:c1:d1:7c:07:27:04:64: f0:99:74:ae:ff:a9:f8:6a:cc:41:34:7b:a7:f2:c3: 02:41:79:4d:73:4a:43:c5:ad:d0:f3:3d:f8:21:63: df:61:3e:6a:1e:89:0e:76:83:a4:88:95:ee:0a:ed: b9:f6:11:82:b0:5e:ed:48:90:db:88:28:3e:fd:ba: 69:c2:b6:5e:68:eb:56:51:33:f1:db:5d:cb:6a:24: 14:5a:f6:27:45:23:6f:d7:a8:4b:da:03:0a:65:03: a3:ab:72:cb:7b:65:80:d1:ed:9f:31:0d:dd:48:3b: a6:7c:db:75:0d:c7:07:fe:77:12:a6:f0:06:a5:87: 0e:6f:37:9d:65:45:48:b4:92:3e:49:9c:e0:42:72: 7c:bb:00:48:b0:29:1a:e4:11:9a:c6:92:f3:44:dc: f9:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:0B:25:CB:52:C7:C6:17:B4:85:8D:57:4C:0F:33:35:7B:31:A0:A2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afbc4e29-23b3-4e04-aa3f-746cc9f0d899.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:48c0::/48 Signature Algorithm: sha256WithRSAEncryption c7:f6:a6:0f:2d:50:ed:01:c1:3d:73:e6:95:37:20:04:93:df: d4:92:a9:96:65:ba:43:39:b5:c7:ed:d7:78:3d:84:3b:b1:b4: c8:56:70:c0:ec:6b:4c:69:80:ce:20:8d:90:bf:d8:c7:67:19: ce:54:62:d2:81:8d:49:ca:1a:63:b0:07:af:fa:36:cb:be:de: a8:e8:01:13:51:95:5f:4e:39:26:09:18:08:b3:a6:c4:9c:a1: 28:1e:3d:0a:80:4b:72:b4:3f:8f:93:b2:0b:56:dc:30:f9:5f: 17:2c:ec:f0:b8:8c:93:57:b2:61:76:9b:87:1e:d6:1e:0a:d1: 1e:76:1e:a5:42:23:37:4e:1b:49:cb:46:86:ba:84:11:0b:69: a1:98:b8:f1:3f:86:2a:d1:68:c3:0d:dd:4a:b7:ff:53:fd:9a: d1:2d:6b:fc:a4:c5:03:5e:90:ef:1a:75:28:5e:a6:c2:18:22: c7:0c:9e:03:b8:c0:a6:ef:68:1d:bc:75:c2:e6:87:5c:ac:93: a8:2f:57:17:46:ff:76:ef:8a:aa:32:69:d8:89:fa:e8:eb:6e: 9f:e4:f3:63:f6:1a:ec:ce:34:62:5d:eb:9d:a8:fb:20:c5:d0: 2a:8f:46:a0:d2:0f:31:b5:28:07:28:21:26:6a:74:15:58:d1: ca:0b:fd:53 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUd+Ieu3FmRHJJifuFjNM6Ri7/NyIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTA3Mzc1OVoX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAMWE1ODAyYTgyNjY0NmYxZjYzY2Nh ODg1Y2UxZDQ1YTNiZmMyNmQyOWMxZTczZjIwM2IzMTVhMjNkNDVlMmE1YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC8XqKenAq7rDgYFHKHHtT2ajtBG O5//u5cl5Bv3xsYPXQiC79Bs9kbUdXFiusJTfFbD2dykLOKu9X3npOuep9lE1RRz RG6/MabPGW2hAwzY/n0JISR1CQyGcer4jco/bsHRfAcnBGTwmXSu/6n4asxBNHun 8sMCQXlNc0pDxa3Q8z34IWPfYT5qHokOdoOkiJXuCu259hGCsF7tSJDbiCg+/bpp wrZeaOtWUTPx213LaiQUWvYnRSNv16hL2gMKZQOjq3LLe2WA0e2fMQ3dSDumfNt1 DccH/ncSpvAGpYcObzedZUVItJI+SZzgQnJ8uwBIsCka5BGaxpLzRNz5rQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFkLJctSx8YXtIWNV0wPMzV7MaCiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmYmM0ZTI5LTIzYjMtNGUwNC1hYTNmLTc0NmNjOWYwZDg5OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6kjAMA0GCSqGSIb3DQEBCwUAA4IBAQDH9qYPLVDtAcE9c+aV NyAEk9/UkqmWZbpDObXH7dd4PYQ7sbTIVnDA7GtMaYDOII2Qv9jHZxnOVGLSgY1J yhpjsAev+jbLvt6o6AETUZVfTjkmCRgIs6bEnKEoHj0KgEtytD+Pk7ILVtww+V8X LOzwuIyTV7JhdpuHHtYeCtEedh6lQiM3ThtJy0aGuoQRC2mhmLjxP4Yq0WjDDd1K t/9T/ZrRLWv8pMUDXpDvGnUoXqbCGCLHDJ4DuMCm72gdvHXC5odcrJOoL1cXRv92 74qqMmnYifro626f5PNj9hrszjRiXeudqPsgxdAqj0ag0g8xtSgHKCEmanQVWNHK C/1T -----END CERTIFICATE-----Generated at Wed Nov 5 05:34:48 2025 by rpki-client