$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f9d49fe9-a284-47e5-8002-41310ce8752e.roa File: f9d49fe9-a284-47e5-8002-41310ce8752e.roa (raw, json) Hash identifier: v3lulObkRSnq58XJei3Z0nni4C9gFbAAq4Mphof/RBI= Subject key identifier: 27:4F:27:48:80:AC:E1:9A:26:E6:82:0B:49:D0:28:CE:9B:33:DD:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B5F286022BE81A23C00EDE79A7FAAC02CB0E430 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f9d49fe9-a284-47e5-8002-41310ce8752e.roa Signing time: Wed 05 Nov 2025 00:10:05 +0000 ROA not before: Wed 05 Nov 2025 00:10:05 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:5f:28:60:22:be:81:a2:3c:00:ed:e7:9a:7f:aa:c0:2c:b0:e4:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:10:05 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=a16d07c9f1da236a1fe0de0df9a479c738eca0981c265579c41ef6da48112c43, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:9b:da:01:94:d3:af:25:fd:d6:55:27:d8:0c: f8:3a:97:d9:b7:f5:02:40:74:46:f4:51:c5:35:25: f6:e9:07:88:49:a5:a0:1d:f7:e6:47:79:51:c9:e8: d8:58:66:c4:21:46:35:b7:fd:43:0b:73:64:08:0a: 7c:66:cb:15:19:f5:70:26:b3:18:36:29:ea:36:d6: 7b:7c:d9:7b:61:03:41:7b:ac:8a:cc:05:62:72:92: 23:82:55:d7:29:1e:fe:ba:ff:09:91:73:d9:b4:09: 0d:7a:b9:54:04:43:2c:ac:ac:b9:dd:d9:d4:2a:1e: 5b:ec:e7:9f:4f:20:81:88:70:db:b8:eb:d3:06:47: bf:65:35:e0:45:67:f5:cb:3c:8f:3c:0b:3f:c6:0d: 07:48:12:d1:2b:01:eb:04:f3:1e:74:21:b4:67:ee: fd:bd:36:17:03:f3:ed:a0:5d:80:ab:b2:6a:b1:4e: f6:3a:44:28:40:f7:47:18:7a:e5:ed:44:b7:ae:67: 17:ee:fd:92:a9:65:bf:c0:97:0a:6a:9b:1c:ed:21: eb:d9:4e:f0:ba:8c:96:4c:47:14:0e:e7:9f:e2:87: 74:e5:59:f1:2b:07:f4:88:39:3d:06:6e:a9:33:4e: a2:0d:cf:a0:ac:17:55:d2:66:12:b5:61:9d:a7:7e: 63:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:4F:27:48:80:AC:E1:9A:26:E6:82:0B:49:D0:28:CE:9B:33:DD:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f9d49fe9-a284-47e5-8002-41310ce8752e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:1040::/48 Signature Algorithm: sha256WithRSAEncryption 1e:a9:e1:a3:5d:6f:33:c9:85:49:40:e7:23:5d:7e:14:bc:74: b7:10:88:db:88:ef:37:1e:4b:7f:44:e9:04:81:44:1e:2c:a1: 25:c9:d8:f2:c2:1d:2f:62:05:f9:7c:89:73:c4:f7:10:36:f1: 38:c9:f2:2d:1d:a8:0f:cb:a1:d5:4f:67:04:7f:fd:87:d2:b1: d6:f9:b3:2b:99:7f:cc:95:ab:93:49:8f:bb:e3:74:95:aa:ae: 6b:ce:90:66:a4:21:81:da:de:02:c8:a1:b4:d6:2e:16:d0:63: 82:df:2f:e0:55:f0:ca:e0:b7:df:8f:f1:dc:bf:4d:71:7a:99: 8e:71:f1:e0:19:de:72:51:7f:83:d3:1a:31:d7:2e:3e:dd:38: 33:83:f2:ea:9b:e5:57:d5:c4:88:ad:65:70:3b:0d:e2:41:42: 32:a6:7a:1c:79:3e:46:f8:03:d3:b4:82:6d:f3:b6:ed:cb:99: f7:d0:9f:99:73:16:f3:cd:03:4c:2f:10:93:43:5a:9a:41:ee: 01:34:d2:d1:39:8c:08:e9:17:b9:1f:1a:a9:84:55:33:5a:36: 03:12:e9:09:4a:26:60:5d:fb:ab:5e:c8:33:39:d3:75:6d:c8: d1:26:4a:69:9b:f3:0f:a1:de:ea:44:8a:1b:f1:43:d1:ae:b0: 1a:55:42:e8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUe18oYCK+gaI8AO3nmn+qwCyw5DAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMTAwNVoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAYTE2ZDA3YzlmMWRhMjM2YTFmZTBk ZTBkZjlhNDc5YzczOGVjYTA5ODFjMjY1NTc5YzQxZWY2ZGE0ODExMmM0MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJvaAZTTryX91lUn2Az4OpfZt/UC QHRG9FHFNSX26QeISaWgHffmR3lRyejYWGbEIUY1t/1DC3NkCAp8ZssVGfVwJrMY NinqNtZ7fNl7YQNBe6yKzAVicpIjglXXKR7+uv8JkXPZtAkNerlUBEMsrKy53dnU Kh5b7OefTyCBiHDbuOvTBke/ZTXgRWf1yzyPPAs/xg0HSBLRKwHrBPMedCG0Z+79 vTYXA/PtoF2Aq7JqsU72OkQoQPdHGHrl7US3rmcX7v2SqWW/wJcKapsc7SHr2U7w uoyWTEcUDuef4od05VnxKwf0iDk9Bm6pM06iDc+grBdV0mYStWGdp35jBQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCdPJ0iArOGaJuaCC0nQKM6bM92dMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y5ZDQ5ZmU5LWEyODQtNDdlNS04MDAyLTQxMzEwY2U4NzUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaABBAMA0GCSqGSIb3DQEBCwUAA4IBAQAeqeGjXW8zyYVJQOcj XX4UvHS3EIjbiO83Hkt/ROkEgUQeLKElydjywh0vYgX5fIlzxPcQNvE4yfItHagP y6HVT2cEf/2H0rHW+bMrmX/MlauTSY+743SVqq5rzpBmpCGB2t4CyKG01i4W0GOC 3y/gVfDK4Lffj/Hcv01xepmOcfHgGd5yUX+D0xox1y4+3Tgzg/Lqm+VX1cSIrWVw Ow3iQUIypnoceT5G+APTtIJt87bty5n30J+ZcxbzzQNMLxCTQ1qaQe4BNNLROYwI 6Re5HxqphFUzWjYDEukJSiZgXfurXsgzOdN1bcjRJkppm/MPod7qRIob8UPRrrAa VULo -----END CERTIFICATE-----Generated at Wed Nov 5 05:40:13 2025 by rpki-client