$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa File: e32899b9-14c3-4649-a1dc-82fec0214193.roa (raw, json) Hash identifier: gMxA+dwO3CXUkUgtjprfOJZhzss257nT5pVGdjBsaXo= Subject key identifier: 2E:2F:4C:95:4A:23:F9:55:AC:C8:DB:48:4A:3A:28:C3:B1:BE:D0:A3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1526D65ACA48D4BB2BB19FF26E7AB2D41DF7329C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa Signing time: Wed 05 Nov 2025 00:01:03 +0000 ROA not before: Wed 05 Nov 2025 00:01:03 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:26:d6:5a:ca:48:d4:bb:2b:b1:9f:f2:6e:7a:b2:d4:1d:f7:32:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:01:03 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=e3e20b40ad3c2783d86f8f43e2e49ff8c73574da6b2964e754708e9278095068, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:da:e7:f9:e8:90:b9:0e:f2:83:dd:17:98:b7: c2:42:cf:5c:7f:b5:71:26:5d:61:48:cb:e9:26:a6: ad:bd:9a:5b:ee:f2:7d:b0:ee:30:35:50:f4:a2:c2: 3c:87:1b:ca:6e:dd:c1:bc:da:11:16:2b:38:60:75: 69:98:f6:81:1b:41:c5:78:22:53:29:7d:b3:13:2a: e3:8b:86:bf:1b:92:a5:7e:52:90:32:f1:70:43:5b: a0:c9:94:6f:dc:36:1a:d0:10:ab:a9:02:ac:f2:0e: 26:95:18:09:dc:b4:2b:1b:84:00:68:61:16:5d:26: 36:33:dd:8d:4e:76:97:6a:52:c2:9e:9e:62:a0:8b: a7:bc:eb:5b:7a:01:2d:a9:02:da:a1:e3:92:3d:f2: 7d:89:e5:51:b1:10:43:a7:25:51:a2:ec:dd:ff:71: dc:b7:fa:06:0d:4a:50:2e:45:4e:e4:68:03:ef:3a: bb:be:b0:0d:1f:81:07:d4:95:1e:35:c9:54:dd:82: 7f:35:d1:f1:6b:20:9a:ba:77:c0:38:d5:85:23:4f: 05:e1:bd:a2:41:fb:90:79:b0:51:a4:71:0e:97:0f: e4:7f:9f:3b:bf:8f:da:ce:f5:1a:e3:7c:65:d3:c3: 9e:96:e2:b2:e3:be:ae:cb:29:f0:5e:d0:ee:5a:55: c9:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:2F:4C:95:4A:23:F9:55:AC:C8:DB:48:4A:3A:28:C3:B1:BE:D0:A3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:e080::/48 Signature Algorithm: sha256WithRSAEncryption 4a:4a:67:82:4f:b8:26:33:4d:3e:83:0a:10:aa:92:eb:a1:4b: 6d:83:70:fb:19:4f:5c:dc:db:bf:8b:cc:82:b5:3c:6c:cb:40: d9:f7:92:c3:f0:19:cb:67:55:36:cb:fd:17:d7:b8:8d:dd:74: c4:cd:2c:d2:d5:7a:f6:99:62:ff:49:0b:20:e4:c2:79:34:57: 71:03:ae:cd:51:9c:8f:e6:48:ba:d9:90:36:a7:ee:8d:9f:11: 4a:46:c7:94:0d:dd:8b:ee:c3:e7:ff:56:f4:8b:58:9e:87:ca: de:bf:51:51:69:29:de:58:cf:ff:ce:c1:7f:2b:5e:d8:4f:e8: 17:fa:99:52:19:af:77:13:f0:51:3e:c7:42:70:3b:84:f3:a6: 4f:9c:43:97:89:99:36:3c:5c:2b:3c:2a:e4:f1:0b:86:30:98: c7:f4:5e:08:bd:64:66:1f:17:6f:71:59:38:f2:a9:35:96:34: 8a:2b:91:35:96:2d:7f:dc:33:1c:90:94:7f:90:2b:9a:c0:0c: 01:f9:cd:ef:bf:1e:0c:73:ac:80:f8:39:1e:5b:ab:a9:ca:ad: 3f:11:e5:4a:a6:cc:ae:45:bf:f1:55:e7:2e:aa:16:61:6d:66: 48:c1:84:bc:36:9d:5f:db:6b:8d:14:37:61:4b:3f:4e:f5:66: 60:aa:c6:1e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFSbWWspI1LsrsZ/ybnqy1B33MpwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDEwM1oX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZTNlMjBiNDBhZDNjMjc4M2Q4NmY4 ZjQzZTJlNDlmZjhjNzM1NzRkYTZiMjk2NGU3NTQ3MDhlOTI3ODA5NTA2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9rn+eiQuQ7yg90XmLfCQs9cf7Vx Jl1hSMvpJqatvZpb7vJ9sO4wNVD0osI8hxvKbt3BvNoRFis4YHVpmPaBG0HFeCJT KX2zEyrji4a/G5KlflKQMvFwQ1ugyZRv3DYa0BCrqQKs8g4mlRgJ3LQrG4QAaGEW XSY2M92NTnaXalLCnp5ioIunvOtbegEtqQLaoeOSPfJ9ieVRsRBDpyVRouzd/3Hc t/oGDUpQLkVO5GgD7zq7vrANH4EH1JUeNclU3YJ/NdHxayCaunfAONWFI08F4b2i QfuQebBRpHEOlw/kf587v4/azvUa43xl08OeluKy476uyynwXtDuWlXJqwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC4vTJVKI/lVrMjbSEo6KMOxvtCjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzMjg5OWI5LTE0YzMtNDY0OS1hMWRjLTgyZmVjMDIxNDE5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAOCAMA0GCSqGSIb3DQEBCwUAA4IBAQBKSmeCT7gmM00+gwoQ qpLroUttg3D7GU9c3Nu/i8yCtTxsy0DZ95LD8BnLZ1U2y/0X17iN3XTEzSzS1Xr2 mWL/SQsg5MJ5NFdxA67NUZyP5ki62ZA2p+6NnxFKRseUDd2L7sPn/1b0i1ieh8re v1FRaSneWM//zsF/K17YT+gX+plSGa93E/BRPsdCcDuE86ZPnEOXiZk2PFwrPCrk 8QuGMJjH9F4IvWRmHxdvcVk48qk1ljSKK5E1li1/3DMckJR/kCuawAwB+c3vvx4M c6yA+DkeW6upyq0/EeVKpsyuRb/xVecuqhZhbWZIwYS8Np1f22uNFDdhSz9O9WZg qsYe -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:19 2025 by rpki-client