$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa File: e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa (raw, json) Hash identifier: ssQFwPUrxBFiaIq9N0/MwxEinfoQDblHhsydb0UQUMo= Subject key identifier: E8:C2:8A:7F:AF:24:FA:F2:08:C8:E6:99:07:0E:A0:FD:4E:3A:34:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 47E6CDAAB6F692F9EA19D456F2AC68EBD4EF2188 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa Signing time: Wed 05 Nov 2025 00:00:11 +0000 ROA not before: Wed 05 Nov 2025 00:00:11 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:e6:cd:aa:b6:f6:92:f9:ea:19:d4:56:f2:ac:68:eb:d4:ef:21:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:11 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=4dd62388664c7dc5ff39a648ea9497a2c8a850a5f911f105869076ebc8950e48, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:3a:a8:ce:bd:06:f5:03:85:3e:c4:dc:1b:c0: a6:d2:c9:96:b9:3f:1b:b4:10:52:69:28:75:a0:5e: 1b:4e:e6:09:d3:8f:b2:85:e3:fb:3c:be:61:fb:09: 2d:9e:83:db:9b:4b:39:d8:ba:c6:e0:1e:96:43:74: b8:31:ad:91:2a:bd:de:88:6e:b9:0f:60:37:60:08: 31:5f:68:ef:b8:6a:6e:21:99:58:00:ce:b6:ce:6a: 7c:e1:5a:94:80:4d:50:b0:cd:d5:d6:e6:08:68:48: 95:3c:a8:9c:f4:88:aa:f4:7f:c9:37:81:44:4e:ac: 48:0b:82:29:08:20:d7:99:b7:8b:f9:50:0c:ce:af: c0:3a:3b:8a:e0:8b:19:59:c4:05:f0:a4:6e:50:ab: 3f:93:55:b2:71:0d:d8:16:64:89:5c:f0:43:0b:16: e3:5a:0f:3a:d2:94:ef:7a:f2:c7:7f:18:46:69:91: fa:0a:36:34:44:d7:a5:20:30:53:40:c1:96:fb:f1: 2e:94:04:62:92:54:e0:ba:ab:83:23:6b:ac:da:c7: d4:76:e5:a7:a6:60:8d:06:31:2c:53:da:b0:38:fa: 41:f4:59:6e:7c:13:0a:6d:b8:fa:06:97:ed:30:32: b3:dd:5a:77:48:60:b3:92:1c:36:c9:8d:0b:7b:94: d3:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:C2:8A:7F:AF:24:FA:F2:08:C8:E6:99:07:0E:A0:FD:4E:3A:34:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 58:e4:11:5a:b1:29:cd:f2:f8:50:2d:b3:d7:f0:a8:8c:1d:81: 49:dd:47:db:00:9b:b5:ba:0c:8a:39:10:42:13:a9:61:29:9c: 8c:ad:7a:b4:a5:8b:8a:91:51:94:30:43:ec:4f:ff:26:95:fe: b9:22:5c:b3:85:d0:49:0f:34:4a:c4:32:5c:56:e4:b4:82:51: e7:85:d5:e4:82:a5:f1:a6:e5:7b:48:ee:d7:ec:f0:5e:df:96: 91:e9:68:24:79:b0:90:36:e5:cf:b8:7c:d3:6c:a5:44:13:bd: e9:63:66:f1:37:ca:15:f9:b0:cf:3d:2e:7c:98:90:18:d6:05: d7:fb:36:2b:00:af:5b:30:a6:f7:74:5b:4e:fe:25:42:84:7e: 9d:e1:26:da:4b:d7:6b:57:43:b5:78:aa:25:9e:b9:f6:d3:d8: 02:57:f0:0f:fe:64:b1:ce:0f:42:ec:6c:b6:2d:45:b2:de:b7: 21:66:ee:3c:17:55:70:c9:78:e0:28:14:45:be:20:67:04:f1: f2:ba:53:2a:b5:06:44:5f:38:1f:3b:ec:cc:27:ab:1e:21:88: fb:3b:67:5f:73:8f:ac:5f:d6:f5:bc:77:45:cf:20:14:4f:7c: 63:ca:2f:2e:15:b5:95:1d:f1:5b:a7:c0:56:3b:8e:8f:c7:40: db:ca:c1:69 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUR+bNqrb2kvnqGdRW8qxo69TvIYgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDAxMVoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNANGRkNjIzODg2NjRjN2RjNWZmMzlh NjQ4ZWE5NDk3YTJjOGE4NTBhNWY5MTFmMTA1ODY5MDc2ZWJjODk1MGU0ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTqozr0G9QOFPsTcG8Cm0smWuT8b tBBSaSh1oF4bTuYJ04+yheP7PL5h+wktnoPbm0s52LrG4B6WQ3S4Ma2RKr3eiG65 D2A3YAgxX2jvuGpuIZlYAM62zmp84VqUgE1QsM3V1uYIaEiVPKic9Iiq9H/JN4FE TqxIC4IpCCDXmbeL+VAMzq/AOjuK4IsZWcQF8KRuUKs/k1WycQ3YFmSJXPBDCxbj Wg860pTvevLHfxhGaZH6CjY0RNelIDBTQMGW+/EulARiklTguquDI2us2sfUduWn pmCNBjEsU9qwOPpB9FlufBMKbbj6BpftMDKz3Vp3SGCzkhw2yY0Le5TTlQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOjCin+vJPryCMjmmQcOoP1OOjQcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzZGVkNWM0LWYyZDYtNGRjNC1iMDFjLTU5MDkyNzA3MmUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYYDAMA0GCSqGSIb3DQEBCwUAA4IBAQBY5BFasSnN8vhQLbPX 8KiMHYFJ3UfbAJu1ugyKORBCE6lhKZyMrXq0pYuKkVGUMEPsT/8mlf65IlyzhdBJ DzRKxDJcVuS0glHnhdXkgqXxpuV7SO7X7PBe35aR6WgkebCQNuXPuHzTbKVEE73p Y2bxN8oV+bDPPS58mJAY1gXX+zYrAK9bMKb3dFtO/iVChH6d4SbaS9drV0O1eKol nrn209gCV/AP/mSxzg9C7Gy2LUWy3rchZu48F1VwyXjgKBRFviBnBPHyulMqtQZE XzgfO+zMJ6seIYj7O2dfc4+sX9b1vHdFzyAUT3xjyi8uFbWVHfFbp8BWO46Px0Db ysFp -----END CERTIFICATE-----Generated at Wed Nov 5 07:43:45 2025 by rpki-client