$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f6f0cefe-48aa-47d9-9887-859511074a41.roa File: f6f0cefe-48aa-47d9-9887-859511074a41.roa (raw, json) Hash identifier: /b9sK8QEWaU1D4StLV/QT4EH7lxQtbDbB7x2TIv+NBM= Subject key identifier: C3:FE:21:77:10:47:1D:71:90:1C:C0:60:02:88:C2:CD:83:9C:E1:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2220E6359C45AD589979181E006ACFFFB88D37AF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f6f0cefe-48aa-47d9-9887-859511074a41.roa Signing time: Wed 29 Oct 2025 07:38:05 +0000 ROA not before: Wed 29 Oct 2025 07:38:05 +0000 ROA not after: Wed 03 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:20:e6:35:9c:45:ad:58:99:79:18:1e:00:6a:cf:ff:b8:8d:37:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 29 07:38:05 2025 GMT Not After : Dec 3 23:59:59 2025 GMT Subject: serialNumber=d16687bc25c853800e967bd0f384532dcf101dc35ee878e79856c5953f60db66, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:04:f2:fe:c2:b6:f5:cb:fa:d3:13:c1:60:3e: 61:ea:fa:0b:ab:c2:54:e4:8e:84:f3:29:3a:77:32: 80:15:ae:af:8c:c5:71:a8:1e:60:16:9a:2d:d3:e3: 31:01:5f:66:c7:1c:c4:19:21:60:6e:80:18:77:7b: 88:a5:85:94:38:22:69:fe:01:f0:99:08:bf:b4:00: 5a:8e:20:37:0d:21:06:b4:50:ff:e9:51:6a:bf:c3: ab:84:96:d1:f6:f6:65:51:90:fd:8e:bb:df:d8:31: 93:38:8c:dc:ba:ff:6b:f6:9a:91:67:6d:63:87:2c: ff:3d:7a:fa:ab:fc:8f:fa:62:cc:be:72:72:7c:82: 17:77:ac:5b:72:fc:fd:d9:dd:d6:15:d6:c6:71:b9: d3:3f:4d:55:93:f4:3b:24:44:c0:1f:6e:70:90:7b: 72:1f:2d:b1:58:39:1b:4f:b1:04:6f:ec:a6:f5:b5: f4:a9:a7:29:0d:00:53:e7:f6:0a:86:c9:bd:d7:2e: f3:7e:4e:d7:bb:aa:06:83:c7:81:c5:ea:60:61:97: 85:19:61:a9:67:1d:66:81:30:89:38:56:9f:f9:74: 9f:15:34:99:ba:7c:c5:5d:68:78:90:e4:cd:24:5e: fc:f5:04:63:9e:7b:52:48:b4:1d:95:32:6f:e3:c6: 6f:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:FE:21:77:10:47:1D:71:90:1C:C0:60:02:88:C2:CD:83:9C:E1:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f6f0cefe-48aa-47d9-9887-859511074a41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:880::/48 Signature Algorithm: sha256WithRSAEncryption 5e:63:ad:f6:d5:cd:8c:15:75:7e:45:e1:7e:8a:90:83:b5:74: 70:c5:a6:14:47:a5:25:3c:f3:af:af:94:32:34:c7:39:30:b4: a5:c5:67:05:1c:bd:97:56:c1:41:f1:40:97:50:18:94:5d:82: b8:a1:83:3e:fd:a1:06:01:be:f7:c3:ff:55:91:ed:ad:79:f2: ba:27:d3:a4:ea:15:46:4f:a2:a3:09:f1:39:11:78:8d:b6:ab: e1:4e:65:89:c7:dc:9f:3c:f3:5f:f1:70:22:d1:63:20:17:88: 6b:1d:f7:6e:28:84:e3:21:2f:63:0d:cb:2f:12:e9:55:51:85: 1a:78:3b:67:c6:f3:08:48:ea:7b:95:1c:18:bb:4c:ef:ce:48: 11:56:ee:ad:56:25:25:e4:a4:e1:ba:5a:6d:56:59:1d:d0:7f: 94:30:ec:17:c1:e2:b8:b3:76:c4:1f:18:e2:de:65:67:f1:b6: 78:5b:d9:56:35:c7:2f:e7:a7:89:3a:53:10:23:6d:0d:0b:46: 2c:c2:ae:84:d4:5b:8f:04:9f:a8:8e:df:70:98:94:81:5e:28: 54:1b:54:ef:cb:b0:32:6c:1d:7a:04:4e:54:42:99:33:9e:65: f9:32:80:01:2e:50:35:42:38:76:6a:cf:03:7f:3e:de:94:8e: 8e:c4:9e:89 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIiDmNZxFrViZeRgeAGrP/7iNN68wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAyOTA3MzgwNVoX DTI1MTIwMzIzNTk1OVowejFJMEcGA1UEBRNAZDE2Njg3YmMyNWM4NTM4MDBlOTY3 YmQwZjM4NDUzMmRjZjEwMWRjMzVlZTg3OGU3OTg1NmM1OTUzZjYwZGI2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQTy/sK29cv60xPBYD5h6voLq8JU 5I6E8yk6dzKAFa6vjMVxqB5gFpot0+MxAV9mxxzEGSFgboAYd3uIpYWUOCJp/gHw mQi/tABajiA3DSEGtFD/6VFqv8OrhJbR9vZlUZD9jrvf2DGTOIzcuv9r9pqRZ21j hyz/PXr6q/yP+mLMvnJyfIIXd6xbcvz92d3WFdbGcbnTP01Vk/Q7JETAH25wkHty Hy2xWDkbT7EEb+ym9bX0qacpDQBT5/YKhsm91y7zfk7Xu6oGg8eBxepgYZeFGWGp Zx1mgTCJOFaf+XSfFTSZunzFXWh4kOTNJF789QRjnntSSLQdlTJv48ZvbQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMP+IXcQRx1xkBzAYAKIws2DnOFnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2ZjBjZWZlLTQ4YWEtNDdkOS05ODg3LTg1OTUxMTA3NGE0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6giAMA0GCSqGSIb3DQEBCwUAA4IBAQBeY6321c2MFXV+ReF+ ipCDtXRwxaYUR6UlPPOvr5QyNMc5MLSlxWcFHL2XVsFB8UCXUBiUXYK4oYM+/aEG Ab73w/9Vke2tefK6J9Ok6hVGT6KjCfE5EXiNtqvhTmWJx9yfPPNf8XAi0WMgF4hr HfduKITjIS9jDcsvEulVUYUaeDtnxvMISOp7lRwYu0zvzkgRVu6tViUl5KThulpt Vlkd0H+UMOwXweK4s3bEHxji3mVn8bZ4W9lWNccv56eJOlMQI20NC0Yswq6E1FuP BJ+ojt9wmJSBXihUG1Tvy7AybB16BE5UQpkznmX5MoABLlA1Qjh2as8Dfz7elI6O xJ6J -----END CERTIFICATE-----Generated at Wed Nov 5 09:34:37 2025 by rpki-client