$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa File: f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa (raw, json) Hash identifier: 2ltuFxUwol7Otbru1o1Hz75tAc5wTUlUeOlzCaZJH74= Subject key identifier: 67:81:03:1E:30:2D:7B:54:4E:30:16:79:14:98:93:6F:5E:BC:20:C5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7FCEB8F59E220A639E73D1F978591D3289BA6FB9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa Signing time: Sun 02 Nov 2025 00:00:35 +0000 ROA not before: Sun 02 Nov 2025 00:00:35 +0000 ROA not after: Sun 07 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:ce:b8:f5:9e:22:0a:63:9e:73:d1:f9:78:59:1d:32:89:ba:6f:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 2 00:00:35 2025 GMT Not After : Dec 7 23:59:59 2025 GMT Subject: serialNumber=b4bda65a7aea21ef5363949a3e00d7ad0d5ec63a40b248a3714d2743a00f4b6f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:fe:52:2a:ee:64:11:3e:43:07:32:12:e2:81: ef:f1:2b:a4:23:54:1b:b1:b5:07:2c:76:c2:5c:ec: ea:53:d6:93:07:61:e6:15:b3:ed:ba:77:49:83:1e: e8:ef:52:94:38:e5:93:06:56:63:03:41:14:e6:e1: 4a:fa:22:1b:10:02:f2:70:18:ff:b2:85:6c:44:e2: 38:38:60:79:dc:71:a2:34:cc:2e:f0:9e:0e:6a:8f: f9:96:31:60:34:3f:05:17:00:76:65:5a:81:ad:ec: 48:3a:ff:fc:3f:48:bf:ba:ee:8b:ff:7a:c0:2d:68: 82:c5:1a:88:83:77:19:f1:f7:7c:60:95:82:a0:2e: 87:fb:60:2f:31:e2:2e:3b:4a:b4:ca:a6:07:2d:6e: 23:3a:5b:d9:d5:3c:a7:f8:cc:f0:a0:51:a1:2d:62: 70:0a:12:4f:14:70:47:4a:44:e1:12:33:36:b8:8d: 3d:d3:13:84:c7:40:a6:49:f5:4b:d4:40:35:14:af: e0:33:14:59:30:05:dd:32:ba:92:ea:4a:dc:b9:a2: bf:cf:a1:6a:52:44:9d:d0:c2:64:ed:8d:8b:f1:8e: 48:3c:06:84:1a:8f:3e:d2:ba:9a:3d:39:d2:3f:ee: ab:29:d6:82:db:d7:1c:31:1d:d8:f4:b8:44:dc:5e: 5c:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:81:03:1E:30:2D:7B:54:4E:30:16:79:14:98:93:6F:5E:BC:20:C5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:6000::/40 Signature Algorithm: sha256WithRSAEncryption b8:a5:5d:0f:9d:9a:76:d3:18:6f:85:d7:f5:8a:65:85:c2:df: e3:7f:d4:36:11:11:ae:76:06:90:d1:16:10:6d:42:ae:26:fa: 0e:f3:51:98:3a:07:03:56:66:24:c7:ee:ea:25:29:80:53:2a: 35:d3:c7:47:15:3d:2f:78:12:ad:8d:e4:23:d6:5b:dd:5a:47: 6e:ad:dd:f6:08:06:e3:92:f5:d9:e0:a1:04:12:b3:9d:60:f9: 02:8c:6e:88:e1:43:9e:4d:81:0c:7c:31:1b:1c:c6:57:aa:1c: 16:fa:7c:1c:5e:68:0c:8c:13:fe:53:6b:5e:b2:b4:50:8c:11: 10:47:ff:cd:86:1f:9d:ae:a3:f2:b4:06:6c:5b:4f:17:b3:be: 14:66:57:d4:45:5d:36:6f:59:fa:c6:4f:91:c1:26:e2:40:22: 94:a9:41:1c:b9:b5:f5:8a:ad:b5:31:fa:f6:38:38:08:47:cb: 60:47:b2:88:17:97:b0:35:a6:76:ff:9a:7c:12:ed:8c:58:b5: 29:50:ef:12:a2:ff:5d:c5:46:97:6a:ac:c6:32:8a:f2:e1:0e: f5:c7:ab:12:e5:1d:9c:8e:11:ca:bd:52:83:f2:fd:cd:3a:db: e0:09:58:ee:d8:2f:d7:70:2f:c1:01:b7:48:d3:15:21:76:58: df:36:1e:4c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUf8649Z4iCmOec9H5eFkdMom6b7kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwMjAwMDAzNVoX DTI1MTIwNzIzNTk1OVowejFJMEcGA1UEBRNAYjRiZGE2NWE3YWVhMjFlZjUzNjM5 NDlhM2UwMGQ3YWQwZDVlYzYzYTQwYjI0OGEzNzE0ZDI3NDNhMDBmNGI2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/5SKu5kET5DBzIS4oHv8SukI1Qb sbUHLHbCXOzqU9aTB2HmFbPtundJgx7o71KUOOWTBlZjA0EU5uFK+iIbEALycBj/ soVsROI4OGB53HGiNMwu8J4Oao/5ljFgND8FFwB2ZVqBrexIOv/8P0i/uu6L/3rA LWiCxRqIg3cZ8fd8YJWCoC6H+2AvMeIuO0q0yqYHLW4jOlvZ1Tyn+MzwoFGhLWJw ChJPFHBHSkThEjM2uI090xOEx0CmSfVL1EA1FK/gMxRZMAXdMrqS6krcuaK/z6Fq UkSd0MJk7Y2L8Y5IPAaEGo8+0rqaPTnSP+6rKdaC29ccMR3Y9LhE3F5cpwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGeBAx4wLXtUTjAWeRSYk29evCDFMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YyZGQ2YTA3LWVmYTEtNGE2Ni05ZjA3LTE3OWMyZTZkNDU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYGAwDQYJKoZIhvcNAQELBQADggEBALilXQ+dmnbTGG+F1/WK ZYXC3+N/1DYREa52BpDRFhBtQq4m+g7zUZg6BwNWZiTH7uolKYBTKjXTx0cVPS94 Eq2N5CPWW91aR26t3fYIBuOS9dngoQQSs51g+QKMbojhQ55NgQx8MRscxleqHBb6 fBxeaAyME/5Ta16ytFCMERBH/82GH52uo/K0BmxbTxezvhRmV9RFXTZvWfrGT5HB JuJAIpSpQRy5tfWKrbUx+vY4OAhHy2BHsogXl7A1pnb/mnwS7YxYtSlQ7xKi/13F RpdqrMYyivLhDvXHqxLlHZyOEcq9UoPy/c062+AJWO7YL9dwL8EBt0jTFSF2WN82 Hkw= -----END CERTIFICATE-----Generated at Wed Nov 5 05:42:03 2025 by rpki-client