$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fa7e3294-e52d-460b-b3b0-7025fd72e0d2.roa File: fa7e3294-e52d-460b-b3b0-7025fd72e0d2.roa (raw, json) Hash identifier: iix8itz4skQUP0CdSZHxGFFkV4MqZn5xSaOj04eZLfI= Subject key identifier: 42:71:3A:C9:9F:67:48:54:50:DA:5B:09:CB:3E:82:9A:57:45:DF:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 170A777B94EE71815855E9D14362E6A72779314B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fa7e3294-e52d-460b-b3b0-7025fd72e0d2.roa Signing time: Tue 14 Oct 2025 00:20:11 +0000 ROA not before: Tue 14 Oct 2025 00:20:11 +0000 ROA not after: Tue 18 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:0a:77:7b:94:ee:71:81:58:55:e9:d1:43:62:e6:a7:27:79:31:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 14 00:20:11 2025 GMT Not After : Nov 18 23:59:59 2025 GMT Subject: serialNumber=fd727cf3757321b3c5088e9ea5cfc54944d64770bb731468881197c3f6cf402d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:f3:8a:1a:83:f5:de:df:7e:2c:17:bd:b3:45: c3:30:08:10:8d:65:32:18:f4:74:12:76:5f:57:39: 8a:3e:76:6f:b0:10:e7:45:ae:e3:48:03:c2:18:b7: c0:25:50:d5:aa:35:86:db:c2:39:c0:c9:03:a5:1f: ca:2a:da:79:36:3e:65:54:4a:27:4a:61:18:d3:89: c7:71:a4:fe:5e:8e:a2:30:b7:2e:b5:a3:63:b2:4e: 85:ac:f2:72:8e:e2:4d:6c:2d:85:91:23:d0:6d:20: d5:d0:26:9f:a2:e1:c3:b2:81:00:31:39:a4:bc:59: 27:a7:27:83:17:90:1b:c5:2a:fb:c1:f9:78:51:ce: 32:48:07:91:78:8d:bb:1c:ba:10:82:d8:5d:ff:2f: a7:e5:ab:16:57:e7:03:68:10:a3:3c:3f:97:0b:7d: 15:95:00:91:df:92:d1:a9:f8:a7:48:c3:fa:2d:73: 11:1a:e0:50:05:fa:88:09:f0:28:3a:c0:7e:12:7a: 6b:6a:dc:56:c3:92:0c:f7:29:df:52:10:04:4d:f2: 3d:94:00:30:8c:eb:59:5a:73:8f:96:e2:b3:de:82: 18:f4:c3:ac:6a:92:e9:a9:ae:78:68:62:54:3c:6e: f8:36:8d:f2:d3:b8:ce:1b:dd:e2:be:ca:01:ce:f1: 7e:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:71:3A:C9:9F:67:48:54:50:DA:5B:09:CB:3E:82:9A:57:45:DF:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fa7e3294-e52d-460b-b3b0-7025fd72e0d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:4800::/40 Signature Algorithm: sha256WithRSAEncryption 9e:0b:9a:1a:89:25:29:6a:98:9f:71:fa:c3:e2:3b:3f:9b:ff: 1a:72:0c:7d:a4:42:7e:cf:dc:c5:14:fe:30:75:b0:fc:be:af: 30:2a:02:86:24:8f:43:42:c1:51:e5:a1:90:35:cf:b0:d2:90: b4:94:a3:b3:50:3a:04:a3:d3:ba:24:1d:f6:60:4e:a8:ee:9e: 23:4a:9d:fa:ef:82:6b:f8:12:24:a2:d1:f5:e4:ad:ba:2c:34: 19:62:d3:b7:61:c6:2a:38:32:20:9b:6f:6b:7e:c9:c0:25:32: 81:70:5c:83:47:2d:0b:0a:61:a9:d5:fd:80:4b:5c:f4:5f:cd: bd:5f:6c:af:42:df:0d:81:1f:cd:22:1f:c5:98:5f:be:e5:2b: 4e:7b:08:9d:ac:75:91:26:92:51:59:cb:8a:eb:ca:a4:ab:2b: 04:f5:e1:ae:da:30:ba:b9:41:ce:31:d2:ca:f6:1b:43:8d:2e: e9:51:33:8b:ab:fe:09:ce:7f:4e:4f:04:6c:57:2d:81:d4:a9: 58:10:c6:ff:0a:42:33:3c:b9:7d:21:dc:8e:0d:ad:8e:2d:de: 7e:16:f6:8a:68:34:9a:76:95:a8:71:41:6e:36:d1:33:21:9f: 8b:7d:6d:aa:3e:c5:61:26:99:67:88:6d:bb:89:62:33:fb:a4: 4b:0e:95:a8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFwp3e5TucYFYVenRQ2Lmpyd5MUswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxNDAwMjAxMVoX DTI1MTExODIzNTk1OVowejFJMEcGA1UEBRNAZmQ3MjdjZjM3NTczMjFiM2M1MDg4 ZTllYTVjZmM1NDk0NGQ2NDc3MGJiNzMxNDY4ODgxMTk3YzNmNmNmNDAyZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/OKGoP13t9+LBe9s0XDMAgQjWUy GPR0EnZfVzmKPnZvsBDnRa7jSAPCGLfAJVDVqjWG28I5wMkDpR/KKtp5Nj5lVEon SmEY04nHcaT+Xo6iMLcutaNjsk6FrPJyjuJNbC2FkSPQbSDV0CafouHDsoEAMTmk vFknpyeDF5AbxSr7wfl4Uc4ySAeReI27HLoQgthd/y+n5asWV+cDaBCjPD+XC30V lQCR35LRqfinSMP6LXMRGuBQBfqICfAoOsB+EnpratxWw5IM9ynfUhAETfI9lAAw jOtZWnOPluKz3oIY9MOsapLpqa54aGJUPG74No3y07jOG93ivsoBzvF+9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEJxOsmfZ0hUUNpbCcs+gppXRd9oMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZhN2UzMjk0LWU1MmQtNDYwYi1iM2IwLTcwMjVmZDcyZTBkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaUgwDQYJKoZIhvcNAQELBQADggEBAJ4LmhqJJSlqmJ9x+sPi Oz+b/xpyDH2kQn7P3MUU/jB1sPy+rzAqAoYkj0NCwVHloZA1z7DSkLSUo7NQOgSj 07okHfZgTqjuniNKnfrvgmv4EiSi0fXkrbosNBli07dhxio4MiCbb2t+ycAlMoFw XINHLQsKYanV/YBLXPRfzb1fbK9C3w2BH80iH8WYX77lK057CJ2sdZEmklFZy4rr yqSrKwT14a7aMLq5Qc4x0sr2G0ONLulRM4ur/gnOf05PBGxXLYHUqVgQxv8KQjM8 uX0h3I4NrY4t3n4W9opoNJp2lahxQW420TMhn4t9bao+xWEmmWeIbbuJYjP7pEsO lag= -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:00 2025 by rpki-client