$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa File: ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa (raw, json) Hash identifier: ZRc8SmTjLak5iTn5uY+sIyXnQJjeR8VkRej7ygl8yac= Subject key identifier: 7F:E1:64:A2:DE:C4:0F:91:47:05:D1:73:C3:D0:57:EA:A5:BE:13:36 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4A19E9DDCEBA05BB577F2BD350F0D8ECC678E72F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa Signing time: Wed 05 Nov 2025 00:00:04 +0000 ROA not before: Wed 05 Nov 2025 00:00:04 +0000 ROA not after: Wed 10 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:28c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 00:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:19:e9:dd:ce:ba:05:bb:57:7f:2b:d3:50:f0:d8:ec:c6:78:e7:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 5 00:00:04 2025 GMT Not After : Dec 10 23:59:59 2025 GMT Subject: serialNumber=22f2eb995158f9f49d71bae4db8c49fe323d44434577e25d8b7fbb2d59e7b8ea, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:62:d4:f8:be:24:23:06:1a:64:16:38:24:a0: 31:f8:ed:6a:96:5f:9b:39:67:db:11:7a:ca:71:10: 56:23:62:3c:ed:8e:74:9f:8f:23:e4:a6:7e:ee:a8: 38:8d:ea:d2:4b:ba:a4:ee:b7:2a:98:4f:6b:bf:74: 49:d5:ad:d5:1d:cf:9e:cf:8f:0f:44:46:8a:2a:cd: 58:ac:bb:26:a4:da:37:b9:73:35:dd:bf:2c:59:a9: 4f:88:db:1b:c3:21:cd:17:39:a5:45:86:dd:ee:6a: 10:c9:2d:a0:a5:e3:16:26:d8:e4:b7:aa:01:a8:25: 8a:8f:51:89:c8:c1:40:51:2d:cd:f8:b0:4a:fd:3b: 11:be:06:b2:49:2a:1d:de:f4:98:95:7b:72:3a:25: 61:09:2c:e2:f0:fe:b6:b3:80:31:c9:1c:7e:ca:8b: d8:9f:69:8d:0d:cd:ec:8f:3d:6a:fb:f3:af:66:34: d0:4f:bd:90:bf:4b:d1:36:12:e5:ff:20:9e:6d:b7: b8:ca:0d:ab:10:66:74:11:34:9c:16:cd:ca:ed:3f: d2:19:9e:41:f8:1c:7b:3d:42:34:46:c7:be:3e:76: 2e:26:41:bb:5e:95:97:e6:96:2e:4d:33:d2:a0:35: ef:6b:f3:10:b7:c8:95:85:b1:3c:e9:81:41:28:60: e5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:E1:64:A2:DE:C4:0F:91:47:05:D1:73:C3:D0:57:EA:A5:BE:13:36 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:28c0::/48 Signature Algorithm: sha256WithRSAEncryption 56:09:4e:25:43:3f:1d:c1:b7:fe:98:74:c0:fa:dd:75:a1:70: e2:30:43:be:15:b7:ad:7c:e9:05:d9:b6:63:f7:1f:78:c4:dd: fa:21:f1:28:fa:94:49:93:b3:32:96:34:a1:35:b1:bf:f4:e0: 31:4c:8a:15:74:a6:c5:4e:c3:ed:de:c7:9e:34:3d:10:df:7e: 48:79:92:d5:c8:26:1c:0f:4c:ff:3c:62:87:00:59:28:0d:f9: 3f:49:b7:f2:5e:28:8c:3f:0c:93:84:5b:ad:c5:e7:03:7f:95: b6:74:cc:13:f0:1e:34:1c:a1:3e:19:50:89:43:9f:5e:eb:1c: cd:8d:a0:50:c7:6c:b6:4e:62:ca:eb:42:19:02:ee:04:8f:0a: 3b:44:ee:8e:a2:1f:05:2a:35:90:ae:c8:cb:15:f0:79:ea:64: 50:ae:b5:8f:ad:7e:44:32:12:8b:71:4e:a9:93:c5:aa:29:4d: ca:36:24:cb:cd:87:b6:3c:c0:35:3f:aa:17:ac:f3:af:ef:3a: 0d:88:4c:39:25:5b:06:5c:d7:fa:a6:31:78:81:d5:75:35:05: 82:35:d5:7f:56:9d:a8:68:3d:f7:0e:44:01:77:f1:8f:ad:72: 95:19:09:69:c5:9a:1c:6a:3a:3a:c1:d1:6f:0e:84:99:da:32: e6:3c:2d:85 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUShnp3c66BbtXfyvTUPDY7MZ45y8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNTAwMDAwNFoX DTI1MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAMjJmMmViOTk1MTU4ZjlmNDlkNzFi YWU0ZGI4YzQ5ZmUzMjNkNDQ0MzQ1NzdlMjVkOGI3ZmJiMmQ1OWU3YjhlYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mLU+L4kIwYaZBY4JKAx+O1qll+b OWfbEXrKcRBWI2I87Y50n48j5KZ+7qg4jerSS7qk7rcqmE9rv3RJ1a3VHc+ez48P REaKKs1YrLsmpNo3uXM13b8sWalPiNsbwyHNFzmlRYbd7moQyS2gpeMWJtjkt6oB qCWKj1GJyMFAUS3N+LBK/TsRvgaySSod3vSYlXtyOiVhCSzi8P62s4AxyRx+yovY n2mNDc3sjz1q+/OvZjTQT72Qv0vRNhLl/yCebbe4yg2rEGZ0ETScFs3K7T/SGZ5B +Bx7PUI0Rse+PnYuJkG7XpWX5pYuTTPSoDXva/MQt8iVhbE86YFBKGDluQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFH/hZKLexA+RRwXRc8PQV+qlvhM2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmN2FlYjliLTRmYzQtNDRlOC1hYTM1LWI5MjY5OGE2YzMzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOCjAMA0GCSqGSIb3DQEBCwUAA4IBAQBWCU4lQz8dwbf+mHTA +t11oXDiMEO+FbetfOkF2bZj9x94xN36IfEo+pRJk7MyljShNbG/9OAxTIoVdKbF TsPt3seeND0Q335IeZLVyCYcD0z/PGKHAFkoDfk/SbfyXiiMPwyThFutxecDf5W2 dMwT8B40HKE+GVCJQ59e6xzNjaBQx2y2TmLK60IZAu4Ejwo7RO6Ooh8FKjWQrsjL FfB56mRQrrWPrX5EMhKLcU6pk8WqKU3KNiTLzYe2PMA1P6oXrPOv7zoNiEw5JVsG XNf6pjF4gdV1NQWCNdV/Vp2oaD33DkQBd/GPrXKVGQlpxZocajo6wdFvDoSZ2jLm PC2F -----END CERTIFICATE-----Generated at Wed Nov 5 09:51:31 2025 by rpki-client