$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/070bdab9-7162-422b-9f8a-f8d4ae428be1.roa File: 070bdab9-7162-422b-9f8a-f8d4ae428be1.roa (raw, json) Hash identifier: bf3LbXs9ClrK3rla0WOVGXzaUFBYseGOTaLAV5g6E5Q= Subject key identifier: 7C:AC:7C:44:A8:BC:8A:AD:6A:DA:C9:76:EF:FF:47:52:07:6F:62:B2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 65E59D0A9A6F28F9FF68CEF82E43B344586DB7DE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/070bdab9-7162-422b-9f8a-f8d4ae428be1.roa Signing time: Sat 15 Nov 2025 00:00:09 +0000 ROA not before: Sat 15 Nov 2025 00:00:09 +0000 ROA not after: Sat 20 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da2a:8000::/37 maxlen: 37 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:e5:9d:0a:9a:6f:28:f9:ff:68:ce:f8:2e:43:b3:44:58:6d:b7:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 15 00:00:09 2025 GMT Not After : Dec 20 23:59:59 2025 GMT Subject: serialNumber=b745b89f47c199507d6f17b9b40020de70f7ff10b7bcebc50a329cb92a396328, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:c7:88:f6:48:5b:94:70:1b:4c:06:d6:e4:32: 17:d4:27:36:7a:f9:b6:fe:64:07:23:7d:02:8d:6a: 6b:8c:fe:14:e6:de:2a:be:2a:3a:93:ac:45:e9:75: 40:f1:6e:f1:a5:d3:42:9e:24:3c:ec:43:e8:cc:c1: 9e:44:f0:55:07:f9:f5:ab:37:16:cd:36:e7:24:84: e9:34:41:16:82:6a:40:72:4b:c1:06:20:6f:b3:c0: c7:38:04:45:0a:e8:41:61:f4:f3:39:e2:77:84:fa: 17:f9:4e:d1:77:45:f8:b3:9e:6e:8f:20:6f:06:60: 9a:ce:ea:68:98:c1:81:66:6d:b1:00:98:32:a1:ed: 6a:82:60:f7:c2:cb:d6:53:80:ce:6c:29:f0:5b:1e: a0:9c:8f:8c:75:25:9d:1a:7d:c8:c7:ce:ef:65:0c: fd:93:89:72:f9:54:27:57:f1:84:87:8e:4c:55:fd: 83:be:e3:70:e7:f5:d9:27:23:6f:9d:c4:12:38:9e: 76:62:60:b4:b5:f6:7d:ea:18:4d:b7:38:22:52:e5: 02:40:9f:f9:56:81:8a:cc:b4:cf:47:fe:3d:72:ed: 8f:b3:1a:b6:e8:99:06:3e:0a:3c:7c:1b:73:0f:6d: e9:2a:7b:1f:1e:e8:b4:e6:86:f6:c2:fe:ae:10:7f: ab:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:AC:7C:44:A8:BC:8A:AD:6A:DA:C9:76:EF:FF:47:52:07:6F:62:B2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/070bdab9-7162-422b-9f8a-f8d4ae428be1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da2a:8000::/37 Signature Algorithm: sha256WithRSAEncryption aa:0e:38:bf:61:05:9a:5c:96:81:f5:10:2f:b3:90:7e:25:a8: c8:e8:64:31:e2:6a:0a:db:82:b0:6d:56:74:db:1c:e3:65:3c: 76:6d:b2:3b:13:23:9f:2b:b5:04:0e:0f:3f:9e:b6:e6:6d:b7: 04:a7:57:bc:68:e9:c4:0d:e1:04:cd:c2:0e:9b:3b:66:27:a6: ea:bc:4d:d5:f3:6b:ec:08:e6:fd:03:56:51:2a:a9:3e:3b:7f: 49:cf:78:0b:a7:a1:30:d7:7a:1d:a3:3d:45:58:26:bb:61:c8: f5:5a:35:9b:c6:93:f3:ed:5d:ae:93:c2:5d:ab:12:9e:fc:68: 78:92:49:43:b2:4f:d6:d3:1a:36:90:16:12:35:d4:0d:2c:68: 71:d7:bf:31:03:34:fe:d2:a7:60:57:c5:8d:25:d1:a6:70:28: 32:9d:e8:4f:84:4e:af:b0:d9:c2:14:a7:54:6e:89:6a:e8:7a: be:b4:2b:1f:7a:db:35:06:b8:9e:08:3d:0f:6f:21:0c:8e:67: dc:6a:29:46:94:a2:a4:dc:c2:7c:bf:f7:35:76:11:5a:68:66: 24:f0:d8:76:79:98:ef:d8:c2:4a:42:44:21:88:9b:39:a4:49: 15:4d:84:5f:73:f7:cc:a8:ac:bf:fa:4f:79:00:40:aa:09:fd: 37:af:7a:67 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZeWdCppvKPn/aM74LkOzRFhtt94wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExNTAwMDAwOVoX DTI1MTIyMDIzNTk1OVowejFJMEcGA1UEBRNAYjc0NWI4OWY0N2MxOTk1MDdkNmYx N2I5YjQwMDIwZGU3MGY3ZmYxMGI3YmNlYmM1MGEzMjljYjkyYTM5NjMyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkceI9khblHAbTAbW5DIX1Cc2evm2 /mQHI30CjWprjP4U5t4qvio6k6xF6XVA8W7xpdNCniQ87EPozMGeRPBVB/n1qzcW zTbnJITpNEEWgmpAckvBBiBvs8DHOARFCuhBYfTzOeJ3hPoX+U7Rd0X4s55ujyBv BmCazupomMGBZm2xAJgyoe1qgmD3wsvWU4DObCnwWx6gnI+MdSWdGn3Ix87vZQz9 k4ly+VQnV/GEh45MVf2DvuNw5/XZJyNvncQSOJ52YmC0tfZ96hhNtzgiUuUCQJ/5 VoGKzLTPR/49cu2Psxq26JkGPgo8fBtzD23pKnsfHui05ob2wv6uEH+rUwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHysfESovIqtatrJdu//R1IHb2KyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA3MGJkYWI5LTcxNjItNDIyYi05ZjhhLWY4ZDRhZTQyOGJlMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYDJAbaKoAwDQYJKoZIhvcNAQELBQADggEBAKoOOL9hBZpcloH1EC+z kH4lqMjoZDHiagrbgrBtVnTbHONlPHZtsjsTI58rtQQODz+etuZttwSnV7xo6cQN 4QTNwg6bO2Ynpuq8TdXza+wI5v0DVlEqqT47f0nPeAunoTDXeh2jPUVYJrthyPVa NZvGk/PtXa6Twl2rEp78aHiSSUOyT9bTGjaQFhI11A0saHHXvzEDNP7Sp2BXxY0l 0aZwKDKd6E+ETq+w2cIUp1RuiWroer60Kx962zUGuJ4IPQ9vIQyOZ9xqKUaUoqTc wny/9zV2EVpoZiTw2HZ5mO/YwkpCRCGImzmkSRVNhF9z98yorL/6T3kAQKoJ/Tev emc= -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:12 2025 by rpki-client