$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa File: df283100-6f05-4533-89fd-648b23de2ce4.roa (raw, json) Hash identifier: xWfkiBju8iWgdTCPwduTDc3LMhdGrONHqrhAwKbbR+A= Subject key identifier: 88:15:FE:09:2C:0C:F3:7F:8A:64:22:47:59:F8:E7:46:67:B4:0C:2C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5EB7E83ADFAA73A8FDAA4F212A1C5ED10628DE87 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa Signing time: Fri 31 Oct 2025 00:00:21 +0000 ROA not before: Fri 31 Oct 2025 00:00:21 +0000 ROA not after: Fri 05 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da25::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:b7:e8:3a:df:aa:73:a8:fd:aa:4f:21:2a:1c:5e:d1:06:28:de:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 31 00:00:21 2025 GMT Not After : Dec 5 23:59:59 2025 GMT Subject: serialNumber=8b5d4d66dcb4b5be1e8b22567eac208480c742382f75029e427e8ac4478a03b9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:a5:a5:34:8b:6e:4d:42:80:63:3e:89:c6:3a: e7:27:8c:c1:90:49:4b:bc:04:0b:c5:06:0f:f7:c2: c5:ca:60:be:39:c6:f2:ad:44:4d:ab:4d:b6:3a:e6: a3:ef:fe:4f:02:48:de:e9:ad:81:2f:e1:78:da:0d: 2d:b6:56:2f:64:59:59:a3:19:9a:bb:7a:d1:3c:ee: 64:a1:da:3d:0f:f5:db:31:fe:10:86:fc:65:fa:ee: 9f:16:4c:87:5a:0e:8a:31:16:86:35:02:4c:23:bf: 43:1b:a2:db:13:34:2c:37:e3:42:00:b7:a9:da:95: 13:aa:6d:df:37:db:6f:52:8d:dd:42:ee:22:e7:96: d5:e9:50:dc:3d:6d:5a:41:57:dc:49:15:5f:6e:69: c9:e4:4f:b1:53:8e:59:c2:91:7f:fe:79:d6:87:72: c5:a6:d8:9d:8e:9e:86:59:97:df:0c:b4:ea:c3:59: 9d:75:b4:61:7c:b3:5e:eb:b1:f6:4e:47:44:9a:1a: 83:26:fd:e1:9f:fa:45:f5:33:db:d1:b3:35:70:a7: a2:e3:c4:c2:5b:95:64:4d:ec:bf:a4:bf:87:e6:60: 8c:27:f1:57:f6:d9:88:b2:2f:29:94:4e:50:a0:ea: 65:d3:5d:19:00:b3:61:66:59:45:d0:c0:a6:84:b8: b3:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:15:FE:09:2C:0C:F3:7F:8A:64:22:47:59:F8:E7:46:67:B4:0C:2C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df283100-6f05-4533-89fd-648b23de2ce4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da25::/36 Signature Algorithm: sha256WithRSAEncryption 13:83:df:6d:c3:8d:26:07:91:98:f6:ca:69:ac:06:59:1f:46: 25:78:27:7d:47:3f:0e:a7:20:8d:4f:be:a0:6c:f1:16:27:84: 2b:4e:45:51:f2:c6:fd:7e:43:34:24:a1:15:47:35:34:18:22: a6:ad:59:8e:a5:c0:9d:29:16:c0:c7:b6:08:75:0c:67:61:fd: 64:8f:d3:da:a9:71:65:38:99:6a:0e:c5:c6:e3:41:2d:42:6e: d9:a5:c3:a6:93:a2:0c:5c:28:76:fe:ae:67:ab:e4:cc:e4:77: 2e:0c:35:b6:ed:ec:65:c2:4f:81:2a:c6:a7:3b:55:88:bf:48: 81:c7:c0:85:87:83:a7:12:1f:66:f0:b8:47:1c:5f:38:d9:e0: ae:64:c5:6c:42:ad:d6:53:38:0a:86:5d:31:48:62:e0:9d:46: 62:1b:96:38:11:95:d1:ad:ba:38:e2:84:1f:c2:d1:f5:8f:0a: bf:f4:d4:c9:9b:b6:93:21:a5:83:77:3a:dd:4e:e3:df:79:20: 24:9b:c0:45:95:8a:99:b7:be:ce:3d:6a:a9:33:0e:92:59:b4: c5:ea:53:83:6e:7e:21:81:a0:06:a6:b4:8a:c4:48:e0:53:f8: 20:a6:95:49:86:48:09:be:39:10:82:30:57:14:f4:fb:05:94: 51:e2:83:a7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXrfoOt+qc6j9qk8hKhxe0QYo3ocwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAzMTAwMDAyMVoX DTI1MTIwNTIzNTk1OVowejFJMEcGA1UEBRNAOGI1ZDRkNjZkY2I0YjViZTFlOGIy MjU2N2VhYzIwODQ4MGM3NDIzODJmNzUwMjllNDI3ZThhYzQ0NzhhMDNiOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6WlNItuTUKAYz6JxjrnJ4zBkElL vAQLxQYP98LFymC+OcbyrURNq022Ouaj7/5PAkje6a2BL+F42g0ttlYvZFlZoxma u3rRPO5kodo9D/XbMf4Qhvxl+u6fFkyHWg6KMRaGNQJMI79DG6LbEzQsN+NCALep 2pUTqm3fN9tvUo3dQu4i55bV6VDcPW1aQVfcSRVfbmnJ5E+xU45ZwpF//nnWh3LF ptidjp6GWZffDLTqw1mddbRhfLNe67H2TkdEmhqDJv3hn/pF9TPb0bM1cKei48TC W5VkTey/pL+H5mCMJ/FX9tmIsi8plE5QoOpl010ZALNhZllF0MCmhLiz6wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIgV/gksDPN/imQiR1n450ZntAwsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RmMjgzMTAwLTZmMDUtNDUzMy04OWZkLTY0OGIyM2RlMmNlNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJQAwDQYJKoZIhvcNAQELBQADggEBABOD323DjSYHkZj2ymms BlkfRiV4J31HPw6nII1PvqBs8RYnhCtORVHyxv1+QzQkoRVHNTQYIqatWY6lwJ0p FsDHtgh1DGdh/WSP09qpcWU4mWoOxcbjQS1Cbtmlw6aTogxcKHb+rmer5Mzkdy4M Nbbt7GXCT4Eqxqc7VYi/SIHHwIWHg6cSH2bwuEccXzjZ4K5kxWxCrdZTOAqGXTFI YuCdRmIbljgRldGtujjihB/C0fWPCr/01MmbtpMhpYN3Ot1O4995ICSbwEWVipm3 vs49aqkzDpJZtMXqU4NufiGBoAamtIrESOBT+CCmlUmGSAm+ORCCMFcU9PsFlFHi g6c= -----END CERTIFICATE-----Generated at Wed Nov 5 07:59:40 2025 by rpki-client