$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb256107-485a-42e4-8372-1aca6582970f.roa File: eb256107-485a-42e4-8372-1aca6582970f.roa (raw, json) Hash identifier: 3r/XdLL0izk/yzw3UPBseYUlU3Du4eW9m3kEWNWyycc= Subject key identifier: D9:CA:E9:22:11:12:99:FA:BE:F7:C8:B8:45:EF:E9:0F:6D:5F:07:EA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60A352AFE128B065DC988FF385E2E12BFEBC9950 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb256107-485a-42e4-8372-1aca6582970f.roa Signing time: Sat 01 Nov 2025 00:00:05 +0000 ROA not before: Sat 01 Nov 2025 00:00:05 +0000 ROA not after: Sat 06 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daee::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:a3:52:af:e1:28:b0:65:dc:98:8f:f3:85:e2:e1:2b:fe:bc:99:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 1 00:00:05 2025 GMT Not After : Dec 6 23:59:59 2025 GMT Subject: serialNumber=fb42e7229b8dfa9e5090afe21da134b15fb7b58c22d9c0fef60021d09cdc1b6d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:51:68:15:51:84:a0:e5:fb:c0:80:78:63:f6: 8f:39:51:c8:01:9f:67:d0:80:db:9d:2d:a9:02:3f: 71:7b:06:54:4b:31:bb:88:69:fa:9e:40:37:70:27: c6:22:70:ba:46:6c:6f:55:4b:4f:02:6d:4f:9a:ae: ac:21:7c:0f:a7:e6:e9:2a:4d:7c:9c:d2:f4:8d:9f: 41:58:c1:80:07:8b:b5:40:6b:d1:9e:e3:14:46:72: fd:2d:2e:1e:cd:8d:7e:28:66:54:42:41:8c:9f:0e: 9f:d4:ae:1b:ef:8e:f5:2c:58:9c:97:53:80:d5:a0: e6:77:a4:47:1e:a6:05:97:d3:3e:a8:d6:96:d6:fc: 05:40:63:33:cd:e5:8e:60:a1:24:8e:c5:dd:a0:da: 08:b2:70:2f:1e:f7:ec:d8:5d:2a:4f:77:a3:a9:b0: 6e:8f:db:11:60:1b:1c:8e:ce:fd:6b:df:37:f5:4d: 98:88:3e:96:84:ca:57:f9:d0:27:2d:29:ba:1e:68: 32:0e:d0:02:33:f9:b2:6e:aa:ac:35:84:18:f1:bd: fa:35:95:8b:38:95:47:24:89:43:62:73:aa:2f:d7: b0:5d:50:99:c3:12:b9:eb:5f:89:19:dc:01:a7:b6: 65:44:f6:f1:22:cb:66:d5:91:9c:d9:9a:b3:c3:43: 2e:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:CA:E9:22:11:12:99:FA:BE:F7:C8:B8:45:EF:E9:0F:6D:5F:07:EA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eb256107-485a-42e4-8372-1aca6582970f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daee::/32 Signature Algorithm: sha256WithRSAEncryption 9e:36:f2:21:e6:40:db:bd:e2:38:f2:40:f9:44:79:9a:1c:e3: c0:60:e3:18:1e:9d:cf:51:e1:bf:d1:17:03:7b:0e:50:73:94: 64:3e:bd:7c:8f:f4:19:f1:93:22:0e:3a:a7:69:34:b3:3b:27: 59:dc:c2:fc:a2:09:e0:38:5a:49:8f:1a:c2:2d:74:e4:c4:eb: ab:7c:0a:2c:15:d7:56:8f:aa:6e:da:77:13:fa:8c:74:68:ba: 51:bc:ea:5f:2e:d4:26:62:fb:98:9b:48:b4:a7:e0:a1:d5:1f: c9:17:84:86:50:04:b2:88:66:10:83:8a:58:3e:88:9e:ca:66: 48:14:38:59:dd:f5:6e:a9:9f:f9:b4:82:b5:84:e7:df:c8:c6: e8:10:ea:d3:f5:fe:01:90:32:0f:d0:87:ad:47:7a:2d:40:fe: 65:b6:76:bc:02:24:5b:ca:9d:f7:7a:98:e8:41:ab:8c:d3:5c: 76:06:f6:5f:ec:b8:53:8c:4d:a1:ac:7a:98:7a:6f:16:0d:40: 95:6b:d9:42:2e:40:91:c6:c2:59:14:3d:ee:f7:89:33:21:e2: b6:b0:dc:40:73:9a:44:91:57:6c:0b:bd:7f:6d:e0:33:e0:ec: 29:41:ce:78:52:4f:5a:10:e8:07:07:ce:da:52:ec:56:43:ee: 5e:93:30:4b -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUYKNSr+EosGXcmI/zheLhK/68mVAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMTAwMDAwNVoX DTI1MTIwNjIzNTk1OVowejFJMEcGA1UEBRNAZmI0MmU3MjI5YjhkZmE5ZTUwOTBh ZmUyMWRhMTM0YjE1ZmI3YjU4YzIyZDljMGZlZjYwMDIxZDA5Y2RjMWI2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFFoFVGEoOX7wIB4Y/aPOVHIAZ9n 0IDbnS2pAj9xewZUSzG7iGn6nkA3cCfGInC6RmxvVUtPAm1Pmq6sIXwPp+bpKk18 nNL0jZ9BWMGAB4u1QGvRnuMURnL9LS4ezY1+KGZUQkGMnw6f1K4b7471LFicl1OA 1aDmd6RHHqYFl9M+qNaW1vwFQGMzzeWOYKEkjsXdoNoIsnAvHvfs2F0qT3ejqbBu j9sRYBscjs79a9839U2YiD6WhMpX+dAnLSm6HmgyDtACM/mybqqsNYQY8b36NZWL OJVHJIlDYnOqL9ewXVCZwxK561+JGdwBp7ZlRPbxIstm1ZGc2Zqzw0MuZQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFNnK6SIREpn6vvfIuEXv6Q9tXwfqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ViMjU2MTA3LTQ4NWEtNDJlNC04MzcyLTFhY2E2NTgyOTcwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba7jANBgkqhkiG9w0BAQsFAAOCAQEAnjbyIeZA273iOPJA+UR5 mhzjwGDjGB6dz1Hhv9EXA3sOUHOUZD69fI/0GfGTIg46p2k0szsnWdzC/KIJ4Dha SY8awi105MTrq3wKLBXXVo+qbtp3E/qMdGi6UbzqXy7UJmL7mJtItKfgodUfyReE hlAEsohmEIOKWD6InspmSBQ4Wd31bqmf+bSCtYTn38jG6BDq0/X+AZAyD9CHrUd6 LUD+ZbZ2vAIkW8qd93qY6EGrjNNcdgb2X+y4U4xNoax6mHpvFg1AlWvZQi5AkcbC WRQ97veJMyHitrDcQHOaRJFXbAu9f23gM+DsKUHOeFJPWhDoBwfO2lLsVkPuXpMw Sw== -----END CERTIFICATE-----Generated at Wed Nov 5 09:53:11 2025 by rpki-client