$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa File: b834337f-a753-44b7-be9e-389ab2d2acad.roa (raw, json) Hash identifier: sO83GmDXL7ivVhlnww1i3XW7e0wtmuUsBm69RdyrSBo= Subject key identifier: 6D:40:73:39:C4:EE:30:A9:2C:59:27:CB:56:9B:9F:3E:F0:D5:ED:B4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4BC275BC14C62DC7F97D308E41E1E25572A8AFEB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa Signing time: Wed 29 Oct 2025 00:00:26 +0000 ROA not before: Wed 29 Oct 2025 00:00:26 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:c2:75:bc:14:c6:2d:c7:f9:7d:30:8e:41:e1:e2:55:72:a8:af:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:00:26 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=c127eb85a367588e500f1579791a0fc79339ea0ad2ae15284dfc4eb391274c9f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:7e:5d:24:54:b5:fe:84:e2:00:b6:8d:83:ee: 93:49:db:e0:b5:e5:05:27:ab:35:49:b7:98:9a:c2: 2c:b2:a9:65:51:41:4a:55:f6:96:2a:8a:cf:e4:e4: c7:f1:e4:1a:12:95:a7:54:6b:7e:50:1e:b3:9f:06: 8e:cd:46:dd:39:25:9d:62:16:38:94:95:63:50:f2: 85:c2:5b:f9:1e:64:e6:1e:db:75:fc:4a:e5:16:e8: b6:02:22:a5:c6:c2:36:c8:b3:d0:b4:06:a5:e0:5f: e9:74:c0:4b:98:3f:b6:08:2b:f7:c5:00:50:83:60: c7:8f:08:41:7a:9c:15:19:33:6c:e3:3c:da:2a:97: 8f:d3:27:de:8d:a6:9e:57:ea:dc:c3:13:eb:c4:fd: ff:d9:b9:ab:a5:9f:38:da:a8:21:66:56:6f:15:62: 60:0f:dd:ac:54:64:de:26:dd:d8:f6:d1:42:df:b3: 84:b2:0c:ac:ae:5c:9f:00:c2:9b:7f:81:fe:78:11: 72:3d:0d:74:fb:d8:e7:d2:f3:4d:80:9e:f1:ee:46: ee:43:c0:ae:4f:e3:40:5b:af:32:65:9c:77:f2:2c: 86:ed:71:d6:52:fa:2e:0f:c2:66:e1:ca:a5:2b:c8: c6:84:3a:7c:26:4b:15:bd:71:5b:39:f6:e9:97:8d: 20:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:40:73:39:C4:EE:30:A9:2C:59:27:CB:56:9B:9F:3E:F0:D5:ED:B4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b834337f-a753-44b7-be9e-389ab2d2acad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:a000::/40 Signature Algorithm: sha256WithRSAEncryption 95:17:c9:fb:12:98:19:03:a0:d7:29:b0:ff:6a:bb:c8:06:32: a6:b3:30:8e:2d:b3:10:fe:e4:b9:5c:be:0f:16:ae:71:f1:33: 4d:c1:1e:fc:30:89:26:41:5d:9a:d6:44:77:60:9e:90:22:08: 31:8f:94:cb:04:72:38:aa:29:e1:08:05:13:61:1f:ad:13:ee: 56:54:ce:d8:5c:61:26:55:42:89:f5:36:fd:48:10:50:ff:1d: b3:1e:c5:66:a1:50:c8:09:e2:8f:0f:3d:14:4d:e0:8a:36:92: e4:7a:6b:98:12:24:02:03:18:4f:8e:43:db:2f:94:33:8e:9c: 3f:39:b5:09:8e:5d:4a:97:5e:b4:f7:b4:37:63:fa:5a:7a:84: e3:14:74:25:a5:78:bb:82:8f:d6:34:15:08:8a:d2:ab:e1:5d: 5b:5d:1d:4a:17:fd:72:aa:25:37:ef:4f:d0:bd:2d:c4:59:e6: 35:0e:0c:6d:07:3c:1d:68:75:b8:60:2c:aa:bc:3c:44:5f:a0: 7b:58:1c:69:8a:2b:a7:db:15:d3:a4:2f:bc:a4:21:84:2f:51: 7b:7e:bf:42:20:f8:54:c2:b8:28:c5:04:54:61:74:b5:1b:f8: 0d:0b:9a:c9:7b:b9:f0:d3:2d:32:56:00:1b:4b:5a:82:8b:6e: 89:79:ef:e9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUS8J1vBTGLcf5fTCOQeHiVXKor+swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMDAyNloX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAYzEyN2ViODVhMzY3NTg4ZTUwMGYx NTc5NzkxYTBmYzc5MzM5ZWEwYWQyYWUxNTI4NGRmYzRlYjM5MTI3NGM5ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyH5dJFS1/oTiALaNg+6TSdvgteUF J6s1SbeYmsIssqllUUFKVfaWKorP5OTH8eQaEpWnVGt+UB6znwaOzUbdOSWdYhY4 lJVjUPKFwlv5HmTmHtt1/ErlFui2AiKlxsI2yLPQtAal4F/pdMBLmD+2CCv3xQBQ g2DHjwhBepwVGTNs4zzaKpeP0yfejaaeV+rcwxPrxP3/2bmrpZ842qghZlZvFWJg D92sVGTeJt3Y9tFC37OEsgysrlyfAMKbf4H+eBFyPQ10+9jn0vNNgJ7x7kbuQ8Cu T+NAW68yZZx38iyG7XHWUvouD8Jm4cqlK8jGhDp8JksVvXFbOfbpl40gwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG1AcznE7jCpLFkny1abnz7w1e20MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I4MzQzMzdmLWE3NTMtNDRiNy1iZTllLTM4OWFiMmQyYWNhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba86AwDQYJKoZIhvcNAQELBQADggEBAJUXyfsSmBkDoNcpsP9q u8gGMqazMI4tsxD+5Llcvg8WrnHxM03BHvwwiSZBXZrWRHdgnpAiCDGPlMsEcjiq KeEIBRNhH60T7lZUzthcYSZVQon1Nv1IEFD/HbMexWahUMgJ4o8PPRRN4Io2kuR6 a5gSJAIDGE+OQ9svlDOOnD85tQmOXUqXXrT3tDdj+lp6hOMUdCWleLuCj9Y0FQiK 0qvhXVtdHUoX/XKqJTfvT9C9LcRZ5jUODG0HPB1odbhgLKq8PERfoHtYHGmKK6fb FdOkL7ykIYQvUXt+v0Ig+FTCuCjFBFRhdLUb+A0Lmsl7ufDTLTJWABtLWoKLbol5 7+k= -----END CERTIFICATE-----Generated at Wed Nov 5 12:55:30 2025 by rpki-client