$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa File: faf03c26-86cc-4b80-a160-2861ff66c03b.roa (raw, json) Hash identifier: a1F8JKn/GJZFxgrO1f5imz3qngQRf4eUf3VZ+EiISZo= Subject key identifier: 4A:64:EB:9F:E9:82:C3:6A:AB:6E:68:EE:16:08:CB:DA:9B:F9:75:75 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2F9A67F9C7807EA00B063936AC20C6E10489E34D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa Signing time: Sat 11 Oct 2025 00:00:37 +0000 ROA not before: Sat 11 Oct 2025 00:00:37 +0000 ROA not after: Sat 15 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:9a:67:f9:c7:80:7e:a0:0b:06:39:36:ac:20:c6:e1:04:89:e3:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 11 00:00:37 2025 GMT Not After : Nov 15 23:59:59 2025 GMT Subject: serialNumber=c83364bc89425632440de3d4fadfbd302200246d1cfbf93a88239ecad3471844, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:61:3e:2e:b4:63:4c:de:26:0a:a4:06:c0:a6: d0:f2:56:e7:39:7a:25:e3:84:72:da:89:69:90:ca: 5a:d8:dd:30:f5:03:5b:ca:b1:8f:e9:85:8a:25:e7: 34:98:f5:7a:05:54:3d:52:1a:fb:6d:73:41:c8:73: ae:31:8b:bc:89:a6:81:a6:f5:58:e8:7c:fa:40:83: 2c:de:dc:c6:7e:15:c0:a7:36:c4:25:b4:92:ef:51: 69:7f:40:cd:64:32:8e:55:ff:6d:e3:44:24:71:c5: 1f:f7:b6:52:03:e6:45:1a:dd:87:2e:10:da:b0:cc: b9:51:68:4e:e2:73:88:fa:26:00:40:01:c7:25:6d: 59:50:99:93:60:26:54:c9:c1:92:0e:a4:1d:dd:df: 8f:a8:e2:19:ec:ef:91:af:3b:dc:0b:7e:33:20:37: 9b:52:26:92:fb:8d:5d:d6:35:09:88:4e:4f:51:e3: aa:54:d6:2c:6b:f3:6f:67:7b:96:98:ac:76:2c:32: 20:45:f4:4f:0b:88:3c:6b:8f:0b:d6:3e:88:f6:31: c6:9d:4b:25:e3:73:88:cd:7a:03:a4:e8:b0:c7:80: da:16:d4:8c:b2:ac:b1:3c:e1:24:6e:1f:7e:f4:14: 4d:2c:e8:94:e7:e4:43:84:2c:db:24:47:c6:8e:c7: 11:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:64:EB:9F:E9:82:C3:6A:AB:6E:68:EE:16:08:CB:DA:9B:F9:75:75 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 75:74:63:3a:12:f6:7c:1c:3b:e1:65:51:0e:5f:d3:fd:d9:8d: b4:7a:bc:98:99:fc:41:ab:e2:23:49:a5:04:68:8c:72:ae:20: df:bd:7b:ca:a9:a8:1c:af:d3:e1:6b:71:33:ac:df:48:a7:14: da:8b:72:92:3d:d1:84:54:5e:3d:2c:24:c7:73:c4:43:17:59: 85:03:41:c1:17:0c:02:1f:6a:fd:07:bf:74:26:14:8b:12:36: 9e:8e:74:2b:87:5d:b7:97:1c:64:d5:6d:8d:4b:4d:59:f3:a3: 3e:3c:93:f7:7c:2f:2a:ed:b2:cf:78:c4:f6:14:f1:2b:f5:ce: 45:3a:1e:9f:63:67:43:0d:d0:be:c2:0c:0b:dd:b2:60:34:fa: 7f:66:ce:0b:52:2f:59:f2:d6:af:0c:ce:be:b0:24:5a:b2:9f: c5:e9:1c:25:12:95:5a:0d:f3:a6:e5:9c:d7:e3:83:ea:8c:79: 6e:b6:68:61:12:d3:47:77:2a:d3:6d:09:8b:15:4b:10:cc:c8: bd:66:f7:9b:9b:2a:89:99:69:1c:5e:76:10:7a:76:dc:e7:12: e9:10:73:c4:de:52:51:e9:2b:e8:92:b6:a2:65:69:f7:82:ac: 3e:41:a9:4f:9c:b5:e2:33:b1:95:27:41:7e:c1:59:74:1c:19: 06:43:c0:ba -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUL5pn+ceAfqALBjk2rCDG4QSJ400wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTAxMTAwMDAzN1oX DTI1MTExNTIzNTk1OVowejFJMEcGA1UEBRNAYzgzMzY0YmM4OTQyNTYzMjQ0MGRl M2Q0ZmFkZmJkMzAyMjAwMjQ2ZDFjZmJmOTNhODgyMzllY2FkMzQ3MTg0NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymE+LrRjTN4mCqQGwKbQ8lbnOXol 44Ry2olpkMpa2N0w9QNbyrGP6YWKJec0mPV6BVQ9Uhr7bXNByHOuMYu8iaaBpvVY 6Hz6QIMs3tzGfhXApzbEJbSS71Fpf0DNZDKOVf9t40QkccUf97ZSA+ZFGt2HLhDa sMy5UWhO4nOI+iYAQAHHJW1ZUJmTYCZUycGSDqQd3d+PqOIZ7O+RrzvcC34zIDeb UiaS+41d1jUJiE5PUeOqVNYsa/NvZ3uWmKx2LDIgRfRPC4g8a48L1j6I9jHGnUsl 43OIzXoDpOiwx4DaFtSMsqyxPOEkbh9+9BRNLOiU5+RDhCzbJEfGjscREwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEpk65/pgsNqq25o7hYIy9qb+XV1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZhZjAzYzI2LTg2Y2MtNGI4MC1hMTYwLTI4NjFmZjY2YzAzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcDAMA0GCSqGSIb3DQEBCwUAA4IBAQB1dGM6EvZ8HDvhZVEO X9P92Y20eryYmfxBq+IjSaUEaIxyriDfvXvKqagcr9Pha3EzrN9IpxTai3KSPdGE VF49LCTHc8RDF1mFA0HBFwwCH2r9B790JhSLEjaejnQrh123lxxk1W2NS01Z86M+ PJP3fC8q7bLPeMT2FPEr9c5FOh6fY2dDDdC+wgwL3bJgNPp/Zs4LUi9Z8tavDM6+ sCRasp/F6RwlEpVaDfOm5ZzX44PqjHlutmhhEtNHdyrTbQmLFUsQzMi9ZvebmyqJ mWkcXnYQenbc5xLpEHPE3lJR6SvokraiZWn3gqw+QalPnLXiM7GVJ0F+wVl0HBkG Q8C6 -----END CERTIFICATE-----Generated at Mon Oct 20 12:56:56 2025 by rpki-client