$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efe1334d-71f0-409b-b70a-e650ab1bb41d.roa File: efe1334d-71f0-409b-b70a-e650ab1bb41d.roa (raw, json) Hash identifier: r//Hj/stWUMvVyDuygAd340FytzDqV30/d5wUHPCX2I= Subject key identifier: AD:6E:B9:20:5D:88:79:9C:DE:AC:D6:B6:74:FE:E4:1D:B0:37:76:BC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60EC10AFD65F652E00E50373CC11E1314B452B8D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efe1334d-71f0-409b-b70a-e650ab1bb41d.roa Signing time: Wed 29 Oct 2025 00:10:46 +0000 ROA not before: Wed 29 Oct 2025 00:10:46 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:b040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:ec:10:af:d6:5f:65:2e:00:e5:03:73:cc:11:e1:31:4b:45:2b:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 00:10:46 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=9f61e639c8e758a11ccc2c3189ff5179583b4a6f1250a97a6a45f6ac435bc2fe, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:dc:2c:84:71:52:e5:60:5f:dd:64:ab:75:63: 42:f1:c2:e5:3e:15:59:55:73:f5:20:9a:1d:a5:47: d3:a4:99:75:80:eb:75:73:fa:0c:39:0a:e9:1a:95: 01:72:a3:a6:ab:02:38:7a:ee:5f:b6:7f:78:e0:a7: 44:59:df:3e:39:e1:6d:72:aa:03:ec:6c:f5:8a:c5: 94:ac:a7:25:b1:d9:78:9d:7d:e8:99:20:ad:6f:bb: 57:65:53:53:32:c4:bd:46:74:3b:09:3f:2b:17:eb: 84:f9:81:60:ef:ec:fd:bb:9c:34:72:49:42:bc:62: fd:21:68:b9:d7:39:15:be:ae:9c:68:e4:f7:2c:f9: 98:1f:a0:89:7f:64:10:5a:48:77:9e:eb:0c:d3:1e: 90:41:34:3d:b0:27:7e:7a:92:ae:40:8f:cd:c4:87: 60:e7:13:e9:bd:c2:d4:b1:2f:b8:54:37:b8:6c:4b: e5:fd:fd:9d:3b:46:0c:fa:f1:76:86:34:1e:ed:cb: 2f:c5:02:7a:42:e2:44:e5:dc:bd:fc:d7:45:2b:94: 24:60:0f:35:f7:3c:6c:6f:6d:ae:0b:88:ce:4d:5f: 1c:f0:0e:0b:43:99:34:fe:75:7f:22:b6:9c:f9:21: 00:90:7a:83:9d:c8:54:8b:4e:ba:a4:6c:f7:e3:6c: 08:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:6E:B9:20:5D:88:79:9C:DE:AC:D6:B6:74:FE:E4:1D:B0:37:76:BC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/efe1334d-71f0-409b-b70a-e650ab1bb41d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:b040::/46 Signature Algorithm: sha256WithRSAEncryption 24:ea:0a:85:d7:d1:c8:f5:bc:02:d6:be:22:5d:09:75:24:6e: b9:03:9b:0d:9d:ef:31:12:c2:cd:48:e2:25:10:aa:33:8d:b7: 82:f6:44:eb:9b:a3:5d:04:76:76:d2:b1:08:b2:65:8b:fa:13: 1f:41:c1:ef:8d:de:38:46:96:77:43:26:4a:e3:d5:8b:fb:57: a1:93:88:48:5a:27:b0:aa:48:e1:08:3b:19:d9:cd:04:c3:36: 82:d4:cb:d4:63:ba:4d:75:30:c4:dd:b8:03:a0:a6:eb:15:aa: 0a:53:6c:0c:63:9e:ef:ef:3a:8f:c2:5e:76:ba:93:50:d2:40: 52:81:05:44:18:1f:e9:55:c1:77:19:4d:ae:8c:03:39:2d:4e: a6:0a:d5:b9:da:75:e7:f0:d3:a3:ec:ca:66:ea:c0:21:96:39: dd:ab:00:0a:6c:85:98:c1:b3:90:7e:51:a2:75:20:2c:86:38: ea:3e:4c:e9:03:e4:7a:59:32:ee:52:27:9c:7d:6f:a1:d9:04: 71:f1:68:a6:de:3e:33:d0:c4:6b:3b:95:10:ec:ca:17:26:d2: c5:39:84:03:1f:a4:ff:83:68:e9:62:bf:7a:0f:5a:fa:b1:50: 5d:89:0d:f8:58:23:10:cd:4a:6f:94:2c:3c:ff:fa:1a:80:c1: b2:09:90:9e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYOwQr9ZfZS4A5QNzzBHhMUtFK40wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTAwMTA0NloX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAOWY2MWU2MzljOGU3NThhMTFjY2My YzMxODlmZjUxNzk1ODNiNGE2ZjEyNTBhOTdhNmE0NWY2YWM0MzViYzJmZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtwshHFS5WBf3WSrdWNC8cLlPhVZ VXP1IJodpUfTpJl1gOt1c/oMOQrpGpUBcqOmqwI4eu5ftn944KdEWd8+OeFtcqoD 7Gz1isWUrKclsdl4nX3omSCtb7tXZVNTMsS9RnQ7CT8rF+uE+YFg7+z9u5w0cklC vGL9IWi51zkVvq6caOT3LPmYH6CJf2QQWkh3nusM0x6QQTQ9sCd+epKuQI/NxIdg 5xPpvcLUsS+4VDe4bEvl/f2dO0YM+vF2hjQe7csvxQJ6QuJE5dy9/NdFK5QkYA81 9zxsb22uC4jOTV8c8A4LQ5k0/nV/Irac+SEAkHqDnchUi066pGz342wIrwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFK1uuSBdiHmc3qzWtnT+5B2wN3a8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VmZTEzMzRkLTcxZjAtNDA5Yi1iNzBhLWU2NTBhYjFiYjQxZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba87BAMA0GCSqGSIb3DQEBCwUAA4IBAQAk6gqF19HI9bwC1r4i XQl1JG65A5sNne8xEsLNSOIlEKozjbeC9kTrm6NdBHZ20rEIsmWL+hMfQcHvjd44 RpZ3QyZK49WL+1ehk4hIWiewqkjhCDsZ2c0EwzaC1MvUY7pNdTDE3bgDoKbrFaoK U2wMY57v7zqPwl52upNQ0kBSgQVEGB/pVcF3GU2ujAM5LU6mCtW52nXn8NOj7Mpm 6sAhljndqwAKbIWYwbOQflGidSAshjjqPkzpA+R6WTLuUiecfW+h2QRx8Wim3j4z 0MRrO5UQ7MoXJtLFOYQDH6T/g2jpYr96D1r6sVBdiQ34WCMQzUpvlCw8//oagMGy CZCe -----END CERTIFICATE-----Generated at Wed Nov 5 11:32:03 2025 by rpki-client