$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9433fe9-a966-4fae-87f4-03367d6b18b4.roa File: c9433fe9-a966-4fae-87f4-03367d6b18b4.roa (raw, json) Hash identifier: B9khId8qCJKIhQogk4rH0f/X6xjyyVech5yDoaY5rqQ= Subject key identifier: CA:62:E2:C5:30:41:A1:AF:FA:3D:68:11:41:15:29:8C:28:61:B5:D3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 20A476F0C06E4897ECA17535B6A9F1B6D1817D97 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9433fe9-a966-4fae-87f4-03367d6b18b4.roa Signing time: Wed 05 Nov 2025 00:10:05 +0000 ROA not before: Wed 05 Nov 2025 00:10:05 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:a4:76:f0:c0:6e:48:97:ec:a1:75:35:b6:a9:f1:b6:d1:81:7d:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:10:05 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=df3085c04b05c23bdfcda2d9244e69c8e1bfe3088eab8499d1451057c14d5d48, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:a7:e5:19:7c:26:8c:b2:45:0a:05:7b:0e:04: 2a:fe:f7:78:2c:86:f2:a0:a5:d3:55:4f:69:5c:a4: 7e:4e:b3:81:5d:9d:e1:fd:ab:dd:b3:96:59:11:b9: 1e:fe:b2:25:25:86:c8:d7:e2:9a:a8:16:e7:2c:88: ea:db:67:b4:22:04:a1:e3:64:24:f4:4a:d6:a0:75: c7:d8:1e:8f:a4:b4:1e:ce:a9:e3:93:8b:22:7a:fc: b4:42:41:c9:59:f7:43:ff:9f:e9:45:1a:81:ed:f4: 60:ee:58:14:c6:53:e4:b0:bb:bd:40:b2:f8:46:bf: 07:dd:07:68:bb:2b:6b:aa:c8:5b:be:e0:8c:74:11: 21:d1:7a:5f:30:9e:bf:71:7b:54:71:7a:2a:92:4c: bb:3d:5b:bd:61:3d:ea:18:cb:bd:e7:4c:0a:af:16: a5:8d:69:8f:df:85:1c:30:63:df:28:28:83:34:ba: f3:7f:b6:24:88:2f:4a:95:d6:bc:28:74:54:08:8b: 51:b0:40:8e:95:47:7a:08:5e:32:3f:8d:c9:6f:a2: 14:ed:df:a9:b8:93:b9:fe:ec:40:ad:ed:44:b2:6b: b3:e0:4a:7c:a0:31:53:ca:a9:00:dc:4e:7e:4c:3b: 29:cd:8f:2b:87:92:ef:35:5f:62:5b:66:c4:eb:a5: af:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:62:E2:C5:30:41:A1:AF:FA:3D:68:11:41:15:29:8C:28:61:B5:D3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9433fe9-a966-4fae-87f4-03367d6b18b4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2080::/48 Signature Algorithm: sha256WithRSAEncryption 08:69:3b:47:0a:b6:74:e4:4d:f9:9a:84:02:66:b2:99:74:59: a5:4c:fa:dc:00:78:7a:03:b0:d0:aa:80:2b:dc:2b:27:9d:56: f5:0e:6e:e2:d4:de:0d:86:40:3c:5a:20:94:9a:66:2f:1c:88: c8:48:af:dd:9d:1c:6c:b7:40:7c:25:ff:e1:35:77:f3:c2:e8: 46:d3:11:77:1c:a4:65:02:86:19:9e:00:8d:b0:d3:b7:19:a5: f9:7c:3f:3f:d2:b2:ee:47:8c:b9:33:61:e9:6e:51:73:1d:34: 2c:3b:f8:be:e4:ae:7e:61:6f:6a:ee:99:14:4d:0d:e4:2c:66: 1e:6c:46:a6:52:a2:0a:18:eb:de:ab:0e:5e:37:59:5c:7f:21: fd:c8:1a:5b:83:90:57:d3:bb:48:c9:7f:a9:04:5d:a5:70:62: 6e:a6:81:50:05:1e:26:e6:d7:86:f8:26:89:05:0d:20:bb:db: fd:00:97:e5:74:68:75:9b:5c:af:5e:28:05:40:4f:ec:e8:a0: 7f:55:27:b4:16:a1:b8:f5:5e:aa:04:04:27:d5:07:07:e5:50: 0d:39:c5:8d:6a:a6:23:7c:58:67:19:91:92:c5:99:ac:87:f7: 5c:97:c1:48:5a:4a:f4:54:71:13:be:63:62:91:88:85:1d:55: d9:34:b3:b4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIKR28MBuSJfsoXU1tqnxttGBfZcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMTAwNVoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZGYzMDg1YzA0YjA1YzIzYmRmY2Rh MmQ5MjQ0ZTY5YzhlMWJmZTMwODhlYWI4NDk5ZDE0NTEwNTdjMTRkNWQ0ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aflGXwmjLJFCgV7DgQq/vd4LIby oKXTVU9pXKR+TrOBXZ3h/avds5ZZEbke/rIlJYbI1+KaqBbnLIjq22e0IgSh42Qk 9ErWoHXH2B6PpLQezqnjk4sievy0QkHJWfdD/5/pRRqB7fRg7lgUxlPksLu9QLL4 Rr8H3QdouytrqshbvuCMdBEh0XpfMJ6/cXtUcXoqkky7PVu9YT3qGMu950wKrxal jWmP34UcMGPfKCiDNLrzf7YkiC9Klda8KHRUCItRsECOlUd6CF4yP43Jb6IU7d+p uJO5/uxAre1Esmuz4Ep8oDFTyqkA3E5+TDspzY8rh5LvNV9iW2bE66WvcwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMpi4sUwQaGv+j1oEUEVKYwoYbXTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M5NDMzZmU5LWE5NjYtNGZhZS04N2Y0LTAzMzY3ZDZiMThiNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSCAMA0GCSqGSIb3DQEBCwUAA4IBAQAIaTtHCrZ05E35moQC ZrKZdFmlTPrcAHh6A7DQqoAr3CsnnVb1Dm7i1N4NhkA8WiCUmmYvHIjISK/dnRxs t0B8Jf/hNXfzwuhG0xF3HKRlAoYZngCNsNO3GaX5fD8/0rLuR4y5M2HpblFzHTQs O/i+5K5+YW9q7pkUTQ3kLGYebEamUqIKGOveqw5eN1lcfyH9yBpbg5BX07tIyX+p BF2lcGJupoFQBR4m5teG+CaJBQ0gu9v9AJfldGh1m1yvXigFQE/s6KB/VSe0FqG4 9V6qBAQn1QcH5VANOcWNaqYjfFhnGZGSxZmsh/dcl8FIWkr0VHETvmNikYiFHVXZ NLO0 -----END CERTIFICATE-----Generated at Wed Nov 5 09:49:27 2025 by rpki-client