$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa File: bffbf7d3-f229-458a-8400-7dc848730d21.roa (raw, json) Hash identifier: AkD6g3agaw0KSePme8BvF/atV53T44L8hqBUNcSS/KA= Subject key identifier: 19:A5:8B:28:8F:0B:E3:A5:3F:4B:B8:60:15:25:F1:B1:74:F0:78:32 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 040683E7336CEB4F1B4132FE70A263844B604926 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa Signing time: Wed 05 Nov 2025 00:01:05 +0000 ROA not before: Wed 05 Nov 2025 00:01:05 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:06:83:e7:33:6c:eb:4f:1b:41:32:fe:70:a2:63:84:4b:60:49:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:01:05 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=e41e7fb7c23924bb624a6544fbd5247df88b65f75a59a9bf8782dd01e27eced8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:cb:5f:82:10:3f:4d:f7:0f:a4:65:63:b4:18: 98:52:ac:9e:03:4b:b7:1b:88:79:4f:99:1c:1c:ab: da:0a:0a:0d:3d:03:d0:fc:70:51:88:fa:bf:8a:25: b8:d9:0d:0a:9f:ae:1a:e4:c1:6f:76:63:1a:c8:13: ef:41:c1:d2:7f:e0:40:41:31:ed:93:43:d8:5a:6c: 12:f6:8d:73:0f:1e:c7:53:c3:5e:91:f3:f0:1a:87: 89:0e:0b:06:23:e1:4e:24:18:79:8c:23:fd:be:d2: 13:ba:37:72:4e:b5:ae:7e:78:b2:e5:4e:94:37:7e: 6c:a7:69:80:99:bd:45:76:b3:f2:7c:e4:87:b8:f4: 84:54:40:b4:a2:01:70:46:ca:34:b8:3e:72:8b:38: 31:bd:87:4c:ee:2a:a4:fe:f3:bd:04:09:fc:65:ad: 31:ca:3b:43:bf:2a:df:6e:87:11:ff:22:f7:67:b0: 49:ce:b2:90:eb:3b:b1:16:18:b7:03:95:9f:83:12: 65:45:b6:35:16:e9:f1:3a:35:bf:b4:6f:6b:12:6d: 21:ac:bb:5e:d1:ae:9e:b0:ef:b2:c2:2d:5f:a6:3e: 40:d4:41:53:ad:65:d7:01:00:3a:33:5e:24:d0:e5: 19:e1:a7:89:5c:62:42:cc:98:5f:96:bf:6c:2b:bb: 91:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:A5:8B:28:8F:0B:E3:A5:3F:4B:B8:60:15:25:F1:B1:74:F0:78:32 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c080::/48 Signature Algorithm: sha256WithRSAEncryption 9b:67:ad:f2:bd:b2:b9:c5:21:0c:a9:ca:c3:55:43:eb:11:1e: 75:64:c6:4a:80:e4:7b:bf:bc:9e:82:a1:f8:e7:b1:fa:79:c3: 3f:d9:18:3a:64:d7:4d:f8:da:55:51:fa:92:99:ce:c3:ec:d6: b6:40:2a:6b:a5:27:62:95:9d:f3:5a:7b:2c:15:8d:9a:60:30: df:e0:eb:07:a2:64:8a:98:e3:73:f7:ee:22:71:04:45:d3:51: 10:c2:6c:bd:1c:48:d6:48:cb:d2:8b:d2:36:60:a1:b5:40:43: c8:bc:4f:13:7d:cb:18:5b:26:55:83:7b:26:92:61:46:b1:9c: b6:78:37:c0:79:ad:68:1b:70:7b:c1:42:3a:a9:73:16:d4:fd: 87:6e:03:83:7a:52:08:aa:24:1e:2f:01:9c:37:ee:04:3b:96: f0:a8:02:d4:8c:00:ce:9a:18:c2:ea:a2:08:80:47:e7:6d:f0: 36:1b:54:5f:2a:59:b3:25:5d:df:32:61:d5:a1:f0:7e:63:1b: f7:be:14:d3:75:42:ea:f4:03:56:4e:93:2d:5b:c5:5c:5a:cf: e8:7b:92:2d:b0:3c:72:cc:e3:10:43:8b:53:4c:b7:b0:92:32: 9f:e7:2d:8d:73:c9:26:19:73:11:c7:99:a0:b7:ff:c5:35:7a: cb:a9:7a:f0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBAaD5zNs608bQTL+cKJjhEtgSSYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDEwNVoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZTQxZTdmYjdjMjM5MjRiYjYyNGE2 NTQ0ZmJkNTI0N2RmODhiNjVmNzVhNTlhOWJmODc4MmRkMDFlMjdlY2VkODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8tfghA/TfcPpGVjtBiYUqyeA0u3 G4h5T5kcHKvaCgoNPQPQ/HBRiPq/iiW42Q0Kn64a5MFvdmMayBPvQcHSf+BAQTHt k0PYWmwS9o1zDx7HU8NekfPwGoeJDgsGI+FOJBh5jCP9vtITujdyTrWufniy5U6U N35sp2mAmb1FdrPyfOSHuPSEVEC0ogFwRso0uD5yizgxvYdM7iqk/vO9BAn8Za0x yjtDvyrfbocR/yL3Z7BJzrKQ6zuxFhi3A5WfgxJlRbY1FunxOjW/tG9rEm0hrLte 0a6esO+ywi1fpj5A1EFTrWXXAQA6M14k0OUZ4aeJXGJCzJhflr9sK7uRJwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBmliyiPC+OlP0u4YBUl8bF08HgyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmZmJmN2QzLWYyMjktNDU4YS04NDAwLTdkYzg0ODczMGQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sCAMA0GCSqGSIb3DQEBCwUAA4IBAQCbZ63yvbK5xSEMqcrD VUPrER51ZMZKgOR7v7yegqH457H6ecM/2Rg6ZNdN+NpVUfqSmc7D7Na2QCprpSdi lZ3zWnssFY2aYDDf4OsHomSKmONz9+4icQRF01EQwmy9HEjWSMvSi9I2YKG1QEPI vE8TfcsYWyZVg3smkmFGsZy2eDfAea1oG3B7wUI6qXMW1P2HbgODelIIqiQeLwGc N+4EO5bwqALUjADOmhjC6qIIgEfnbfA2G1RfKlmzJV3fMmHVofB+Yxv3vhTTdULq 9ANWTpMtW8VcWs/oe5ItsDxyzOMQQ4tTTLewkjKf5y2Nc8kmGXMRx5mgt//FNXrL qXrw -----END CERTIFICATE-----Generated at Wed Nov 5 05:48:29 2025 by rpki-client