$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa File: faf03c26-86cc-4b80-a160-2861ff66c03b.roa (raw, json) Hash identifier: 78ITk599lg+8VJVQGcN4Y9DJ2tZWF/QwCQ5E/fMLbls= Subject key identifier: 06:5F:EB:A5:9F:0B:BB:37:4E:37:7F:97:2B:E4:99:D9:AD:5B:1A:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 38516E20E2462336AFDF60175F05C865491D6368 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa Signing time: Wed 05 Nov 2025 00:00:44 +0000 ROA not before: Wed 05 Nov 2025 00:00:44 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:51:6e:20:e2:46:23:36:af:df:60:17:5f:05:c8:65:49:1d:63:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:44 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=f664fa82e2b958ff2bef35903bb650df1f7194dcf4936bf9243e51ea72d2138e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:1e:69:dc:fb:9b:70:c7:7f:99:a4:e1:91:56: 12:6d:1e:1a:fa:e2:dd:04:84:36:4e:22:fa:97:ec: 3d:11:d6:2d:af:09:73:58:51:36:33:e9:62:13:00: 9e:77:40:f0:51:4f:89:1b:c1:59:e0:57:12:b5:24: 69:40:9c:4d:3c:f2:1b:d3:65:b6:82:f7:73:52:89: ce:7a:e6:20:37:e0:3d:2f:68:f5:a3:ce:1b:ab:fa: ae:7e:1c:9a:5e:ce:d4:2a:83:81:ab:fa:41:fc:ad: 2d:47:0e:78:d4:97:57:aa:ad:82:69:66:9c:40:74: 29:79:9d:a1:70:59:aa:74:94:72:c2:ea:10:56:0e: 8a:4b:6a:99:1c:f5:d2:30:02:b2:c6:cd:56:7d:b4: 89:f1:e3:53:70:bf:0b:f4:49:07:06:e7:7a:75:88: 0d:e5:cf:17:a7:11:7b:d6:cd:2c:ed:43:db:b1:4d: cc:73:d3:14:72:ee:0a:41:e0:e4:6c:70:3d:a5:d1: 65:41:38:4e:a8:61:b4:6e:11:7d:6e:69:ad:57:d3: f4:b3:ae:e9:34:1b:31:74:f5:97:41:56:10:d9:85: 06:8c:80:cf:c2:23:aa:2b:93:ed:8b:82:44:99:4a: 1c:8d:65:8f:ff:cf:9c:63:cb:95:2c:2e:17:39:96: 10:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:5F:EB:A5:9F:0B:BB:37:4E:37:7F:97:2B:E4:99:D9:AD:5B:1A:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 89:57:af:78:aa:2c:1b:26:12:b9:26:a7:4e:2b:1c:cf:82:31: 92:91:65:48:9f:ec:63:fb:4a:9e:82:3c:39:b1:5a:c3:9a:62: 4c:0a:bb:e8:c7:e0:f5:e3:55:e4:ef:6f:4f:44:aa:c1:2e:02: 50:b3:4a:ef:9f:68:fe:b7:dd:13:7e:32:01:3d:e0:98:cb:da: bc:19:06:72:80:36:a4:e5:cc:a8:67:bf:97:dc:36:60:f4:8d: 06:a2:a8:eb:20:e8:1f:7a:e3:de:fb:e1:a7:56:b9:ec:fe:6d: b5:08:1d:19:87:45:de:d5:13:6f:36:17:58:27:d2:62:db:44: 90:37:f8:ea:f2:01:f2:74:92:97:da:07:0e:f6:67:0b:36:83: 82:21:65:83:c7:59:44:a5:f2:f7:aa:b4:9d:5b:23:bf:96:3a: 05:d7:d1:73:ee:16:c1:cc:26:b1:9b:29:b2:e9:d4:f8:e9:eb: 8a:4e:f9:6b:d7:fd:d3:39:40:5a:3e:9a:72:29:7e:0d:d8:a4: e4:f5:67:79:91:01:20:47:91:89:b6:cd:39:c4:7c:f6:86:57: e7:c0:d4:a1:b3:a2:46:7a:2e:06:4d:d6:df:f6:5d:d0:7f:2b: 8d:65:7a:c9:ba:c0:2c:3d:32:99:8f:0a:81:47:bf:99:a1:bb: 49:4d:e7:f6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOFFuIOJGIzav32AXXwXIZUkdY2gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDA0NFoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZjY2NGZhODJlMmI5NThmZjJiZWYz NTkwM2JiNjUwZGYxZjcxOTRkY2Y0OTM2YmY5MjQzZTUxZWE3MmQyMTM4ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2h5p3PubcMd/maThkVYSbR4a+uLd BIQ2TiL6l+w9EdYtrwlzWFE2M+liEwCed0DwUU+JG8FZ4FcStSRpQJxNPPIb02W2 gvdzUonOeuYgN+A9L2j1o84bq/qufhyaXs7UKoOBq/pB/K0tRw541JdXqq2CaWac QHQpeZ2hcFmqdJRywuoQVg6KS2qZHPXSMAKyxs1WfbSJ8eNTcL8L9EkHBud6dYgN 5c8XpxF71s0s7UPbsU3Mc9MUcu4KQeDkbHA9pdFlQThOqGG0bhF9bmmtV9P0s67p NBsxdPWXQVYQ2YUGjIDPwiOqK5Pti4JEmUocjWWP/8+cY8uVLC4XOZYQGQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAZf66WfC7s3Tjd/lyvkmdmtWxrPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZhZjAzYzI2LTg2Y2MtNGI4MC1hMTYwLTI4NjFmZjY2YzAzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcDAMA0GCSqGSIb3DQEBCwUAA4IBAQCJV694qiwbJhK5JqdO KxzPgjGSkWVIn+xj+0qegjw5sVrDmmJMCrvox+D141Xk729PRKrBLgJQs0rvn2j+ t90TfjIBPeCYy9q8GQZygDak5cyoZ7+X3DZg9I0GoqjrIOgfeuPe++GnVrns/m21 CB0Zh0Xe1RNvNhdYJ9Ji20SQN/jq8gHydJKX2gcO9mcLNoOCIWWDx1lEpfL3qrSd WyO/ljoF19Fz7hbBzCaxmymy6dT46euKTvlr1/3TOUBaPppyKX4N2KTk9Wd5kQEg R5GJts05xHz2hlfnwNShs6JGei4GTdbf9l3QfyuNZXrJusAsPTKZjwqBR7+ZobtJ Tef2 -----END CERTIFICATE-----Generated at Wed Nov 5 22:13:17 2025 by rpki-client