$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c40c7106-86b6-4b59-9dc1-1003f0bf118e.roa File: c40c7106-86b6-4b59-9dc1-1003f0bf118e.roa (raw, json) Hash identifier: D3E3e7P6rzxK4yqThrux5gFI5FbjoU6minZsqyXf5kk= Subject key identifier: F2:CF:FB:44:AC:C3:B1:9A:8A:35:FD:10:08:CA:CC:EE:42:45:43:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37DC586362C9755ED274F6C86EEF1AA1EAF4A97B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c40c7106-86b6-4b59-9dc1-1003f0bf118e.roa Signing time: Fri 24 Oct 2025 00:00:26 +0000 ROA not before: Fri 24 Oct 2025 00:00:26 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:a0c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:dc:58:63:62:c9:75:5e:d2:74:f6:c8:6e:ef:1a:a1:ea:f4:a9:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 24 00:00:26 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=d5cfd003c347d3e6573a70eb554ab8a3855c771037b3d7ee10e02a57e1565947, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:86:7e:40:e7:b0:5f:c1:35:5f:5f:86:40:9c: d9:fb:f5:31:b6:fa:c7:c0:73:b8:e9:c7:f8:38:13: 1a:8e:a2:dc:21:0c:b3:17:65:ee:d1:38:7e:cf:9b: 1c:03:78:ec:4f:85:f9:39:d3:b2:6d:8d:c4:1f:e4: 89:ee:13:a8:60:02:bb:48:a2:a3:bb:92:9a:06:7b: 40:bf:29:18:d1:15:98:7d:f7:a6:af:78:0b:86:4a: 37:cf:6c:1b:96:9b:18:01:e8:a7:c6:06:73:19:ad: 14:66:35:5b:43:8d:65:b0:69:85:6b:9c:fa:e9:19: 6a:39:78:88:d9:c6:b0:b3:a2:5a:47:1a:07:5c:49: 6d:0b:05:93:9c:cf:70:b2:b1:2d:2d:bb:60:ac:79: 1f:f4:af:6b:3a:ad:b5:f8:c3:07:72:e1:f7:a1:a0: 4c:4a:b1:7c:42:73:86:22:d7:97:d7:40:37:66:3f: d0:79:62:a8:ea:56:ee:ea:45:09:b3:45:6f:1d:11: f8:fc:55:00:2f:94:ca:9d:db:c9:bc:ee:58:2a:33: d2:34:44:a9:9f:b8:e6:79:64:4b:1e:98:71:c8:83: dc:1f:d7:90:22:13:42:f2:77:94:46:2a:33:c4:8b: a0:d8:68:30:68:45:e8:3d:9a:c5:8c:51:12:d0:3e: 03:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:CF:FB:44:AC:C3:B1:9A:8A:35:FD:10:08:CA:CC:EE:42:45:43:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c40c7106-86b6-4b59-9dc1-1003f0bf118e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:a0c0::/46 Signature Algorithm: sha256WithRSAEncryption 2d:5b:16:67:ab:fb:9d:98:43:fe:ce:d9:18:92:49:24:f5:bf: 2a:e8:a5:24:1b:af:1d:41:89:b3:8e:91:8b:52:e3:23:cc:da: b8:bb:85:ab:5f:c9:85:1c:e5:88:48:23:53:0a:7f:1f:3a:53: 21:bc:eb:d6:4e:6c:84:82:4c:9b:65:59:bf:d5:ed:ae:66:6f: ae:63:5d:45:99:37:a5:45:ee:8f:a5:8b:16:82:ba:04:b2:cc: c8:d6:09:50:e4:af:84:fe:84:ea:4a:53:a8:79:b6:09:f0:20: 33:43:62:9b:dd:e0:42:a5:99:99:9b:1c:bf:42:3a:70:b7:14: 77:a2:40:24:d2:25:83:83:dc:ed:02:2e:d1:d4:85:0b:c6:ba: 31:30:7e:1d:32:aa:74:b9:fc:c4:36:70:05:c5:54:cb:32:e9: a1:02:9a:da:72:f2:c2:e8:2f:c4:db:9d:f6:cc:56:5b:0c:65: 69:3b:3a:14:79:df:e2:9c:16:a9:ee:7e:ca:6d:b4:d8:0b:c5: 77:e3:31:91:40:d1:f9:57:35:02:e9:bb:7f:96:66:f7:eb:e5: a3:ed:39:24:0e:f5:b3:7c:42:c9:68:51:1f:df:5b:a6:cc:84: ed:46:d9:53:b3:ac:14:d2:7d:51:da:98:38:2f:df:c1:9b:5e: 20:60:e6:d4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUN9xYY2LJdV7SdPbIbu8aoer0qXswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyNDAwMDAyNloX DTI1MTEyODIzNTk1OVowejFJMEcGA1UEBRNAZDVjZmQwMDNjMzQ3ZDNlNjU3M2E3 MGViNTU0YWI4YTM4NTVjNzcxMDM3YjNkN2VlMTBlMDJhNTdlMTU2NTk0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYZ+QOewX8E1X1+GQJzZ+/UxtvrH wHO46cf4OBMajqLcIQyzF2Xu0Th+z5scA3jsT4X5OdOybY3EH+SJ7hOoYAK7SKKj u5KaBntAvykY0RWYffemr3gLhko3z2wblpsYAeinxgZzGa0UZjVbQ41lsGmFa5z6 6RlqOXiI2caws6JaRxoHXEltCwWTnM9wsrEtLbtgrHkf9K9rOq21+MMHcuH3oaBM SrF8QnOGIteX10A3Zj/QeWKo6lbu6kUJs0VvHRH4/FUAL5TKndvJvO5YKjPSNESp n7jmeWRLHphxyIPcH9eQIhNC8neURiozxIug2GgwaEXoPZrFjFES0D4DAQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPLP+0Ssw7GaijX9EAjKzO5CRUMBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M0MGM3MTA2LTg2YjYtNGI1OS05ZGMxLTEwMDNmMGJmMTE4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAbaaKDAMA0GCSqGSIb3DQEBCwUAA4IBAQAtWxZnq/udmEP+ztkY kkkk9b8q6KUkG68dQYmzjpGLUuMjzNq4u4WrX8mFHOWISCNTCn8fOlMhvOvWTmyE gkybZVm/1e2uZm+uY11FmTelRe6PpYsWgroEsszI1glQ5K+E/oTqSlOoebYJ8CAz Q2Kb3eBCpZmZmxy/QjpwtxR3okAk0iWDg9ztAi7R1IULxroxMH4dMqp0ufzENnAF xVTLMumhApracvLC6C/E2532zFZbDGVpOzoUed/inBap7n7KbbTYC8V34zGRQNH5 VzUC6bt/lmb36+Wj7TkkDvWzfELJaFEf31umzITtRtlTs6wU0n1R2pg4L9/Bm14g YObU -----END CERTIFICATE-----Generated at Wed Nov 5 05:36:15 2025 by rpki-client