$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa File: d0716d05-e421-4b76-b3d0-5a92c5c93094.roa (raw, json) Hash identifier: N4+Gm2TrDjSUNJUVA2bTMbV9yFIAN21SWyir2Q/sgW4= Subject key identifier: 56:21:04:08:C9:4C:35:67:04:0F:A2:B9:59:32:14:E5:39:25:E8:22 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 772248797D35FCE0CC380AB1CC62A537479E50E2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa Signing time: Wed 05 Nov 2025 00:00:47 +0000 ROA not before: Wed 05 Nov 2025 00:00:47 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:70c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:22:48:79:7d:35:fc:e0:cc:38:0a:b1:cc:62:a5:37:47:9e:50:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:47 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=169872964e8c7c7d177721ea6984b78bd2782a967145b97346cd8620dfd7f7fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0e:e8:99:a5:3d:51:a5:73:7d:ec:5b:8b:56: 32:41:ba:bd:06:5e:d3:3e:73:66:f5:a0:34:fe:64: bb:2d:a3:f8:16:3e:b0:5d:8b:ed:ab:e3:98:58:e8: 4f:aa:83:ee:e4:a3:c8:c8:2d:97:9e:42:5b:24:0c: 78:bd:5a:62:22:08:51:c2:12:9f:b3:e1:dd:7c:c9: 6b:09:34:23:64:5f:96:9a:c5:fa:3b:5c:67:5d:3b: 0b:3f:39:af:1c:ca:c9:cc:63:ca:9b:18:f7:01:6e: 6c:ac:65:34:78:02:d5:ad:40:09:5a:78:a9:9b:60: d1:e7:fd:07:db:27:6c:df:bc:05:ac:2d:44:9b:41: 72:79:66:8e:bc:e7:f8:7d:a2:8c:1b:5b:86:ea:b4: 14:7d:da:f8:35:10:2d:63:69:50:41:49:ef:48:7b: 41:f0:81:72:89:ef:0d:4b:30:78:11:12:46:d2:da: 05:fd:fc:81:1f:9f:21:00:c3:07:3e:76:25:8c:c7: cd:58:62:e8:7f:4e:aa:d0:e8:8e:37:ad:9e:a3:67: 13:a3:24:91:9f:68:e6:df:0c:72:80:e9:6a:ec:ef: 74:87:d6:a8:68:ac:4a:be:02:eb:7d:58:f9:46:b3: 15:76:b1:de:6d:61:e6:0d:ca:eb:f2:ea:9c:63:3e: d1:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:21:04:08:C9:4C:35:67:04:0F:A2:B9:59:32:14:E5:39:25:E8:22 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0716d05-e421-4b76-b3d0-5a92c5c93094.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:70c0::/48 Signature Algorithm: sha256WithRSAEncryption 78:a0:7b:b7:ba:02:1c:31:aa:4b:0f:eb:fd:94:67:a0:76:61: 8c:7e:df:40:63:bd:c9:d9:2a:f2:69:31:c2:8c:f1:cd:a4:aa: af:e9:9c:73:96:a7:a5:1c:95:85:4c:b7:2b:85:21:fd:3a:2d: ef:52:1a:44:6c:3b:06:3b:aa:5b:f0:50:62:3a:79:b5:99:0f: e9:3d:35:f3:ec:43:29:3a:8c:3c:4f:7e:49:9a:71:91:4b:cc: ce:68:d1:ad:16:61:80:f3:50:f7:4f:7c:a6:7c:39:d7:57:47: 78:a0:8a:87:36:5b:17:ad:a9:44:ed:ab:c3:1e:cb:ba:47:d8: e7:e6:0b:e8:a3:6e:59:6a:3b:cf:82:7f:46:1a:7c:9d:d7:53: 20:fc:17:a1:7a:17:d7:53:e3:e8:4d:3a:82:83:a1:08:a9:4f: 25:6f:82:f5:60:35:7b:09:af:55:7f:9f:6c:63:f5:8d:5f:96: 2e:4d:6e:2d:82:db:cd:5f:43:64:24:e1:d0:61:ae:b2:3a:15: 90:95:80:14:7f:47:5a:a1:c7:71:47:d6:cd:27:3d:93:60:25: 31:23:ac:ec:55:5a:bf:8d:64:8c:eb:d1:68:51:a1:08:e1:dc: c0:e9:a7:37:2d:46:af:7d:97:55:1b:bc:31:e5:d4:5d:19:f2: 81:df:87:cd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdyJIeX01/ODMOAqxzGKlN0eeUOIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDA0N1oX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAMTY5ODcyOTY0ZThjN2M3ZDE3Nzcy MWVhNjk4NGI3OGJkMjc4MmE5NjcxNDViOTczNDZjZDg2MjBkZmQ3ZjdmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg7omaU9UaVzfexbi1YyQbq9Bl7T PnNm9aA0/mS7LaP4Fj6wXYvtq+OYWOhPqoPu5KPIyC2XnkJbJAx4vVpiIghRwhKf s+HdfMlrCTQjZF+WmsX6O1xnXTsLPzmvHMrJzGPKmxj3AW5srGU0eALVrUAJWnip m2DR5/0H2yds37wFrC1Em0FyeWaOvOf4faKMG1uG6rQUfdr4NRAtY2lQQUnvSHtB 8IFyie8NSzB4ERJG0toF/fyBH58hAMMHPnYljMfNWGLof06q0OiON62eo2cToySR n2jm3wxygOlq7O90h9aoaKxKvgLrfVj5RrMVdrHebWHmDcrr8uqcYz7RLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFYhBAjJTDVnBA+iuVkyFOU5JegiMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwNzE2ZDA1LWU0MjEtNGI3Ni1iM2QwLTVhOTJjNWM5MzA5NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/3DAMA0GCSqGSIb3DQEBCwUAA4IBAQB4oHu3ugIcMapLD+v9 lGegdmGMft9AY73J2SryaTHCjPHNpKqv6ZxzlqelHJWFTLcrhSH9Oi3vUhpEbDsG O6pb8FBiOnm1mQ/pPTXz7EMpOow8T35JmnGRS8zOaNGtFmGA81D3T3ymfDnXV0d4 oIqHNlsXralE7avDHsu6R9jn5gvoo25ZajvPgn9GGnyd11Mg/BehehfXU+PoTTqC g6EIqU8lb4L1YDV7Ca9Vf59sY/WNX5YuTW4tgtvNX0NkJOHQYa6yOhWQlYAUf0da ocdxR9bNJz2TYCUxI6zsVVq/jWSM69FoUaEI4dzA6ac3LUavfZdVG7wx5dRdGfKB 34fN -----END CERTIFICATE-----Generated at Wed Nov 5 07:44:26 2025 by rpki-client