$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa File: 404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa (raw, json) Hash identifier: P3Y210Z6aUqWhfrcTAs1gVKaUOQUBOYhDT8F3fcXiSE= Subject key identifier: 93:A4:2F:A7:80:FF:A4:3C:7B:68:FC:54:B6:AA:C9:DE:28:DB:53:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 363E37AA476C70CCDC9931B823DE740612BE6F7E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa Signing time: Tue 11 Nov 2025 00:00:10 +0000 ROA not before: Tue 11 Nov 2025 00:00:10 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:3e:37:aa:47:6c:70:cc:dc:99:31:b8:23:de:74:06:12:be:6f:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 11 00:00:10 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=37ff456b9e8bc3436f94af83294c6a5f85f1c3aad7fe61e46abfb1d06a1b4fd8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:2e:5a:4c:66:ff:ff:e7:5f:16:3f:e8:40:be: 06:a3:53:97:1e:dd:a2:c9:22:62:63:05:cf:d2:af: 5f:25:97:56:83:ea:d6:d2:af:00:2a:a3:40:ca:38: c8:23:38:fd:4d:02:97:4a:a0:a7:21:23:9d:46:85: ec:47:c6:0a:98:39:55:76:1e:5e:44:8b:24:07:2a: ae:a8:52:b7:8b:ff:e4:dc:58:bb:24:9f:8a:39:7c: 6f:fb:9f:da:30:24:ae:e7:e9:b9:82:85:ad:0b:aa: ba:24:e7:5f:b0:8e:86:27:b0:1f:68:7f:eb:fe:7b: af:5b:22:ab:d1:fd:ab:bd:8d:4b:4f:17:6f:7a:28: ea:f5:85:5a:67:07:6d:ac:b6:56:c0:c9:50:55:32: 1e:74:45:a0:18:2d:63:15:98:e2:93:d9:3b:cd:9f: 57:3f:6e:33:c6:28:ae:61:2d:30:28:81:66:c3:96: 1f:91:55:70:f5:4d:99:a7:88:9a:96:a6:fe:33:98: fa:18:fb:54:86:5c:49:ef:e7:40:ed:bb:78:15:37: d6:50:af:86:18:50:fa:4d:54:b7:c7:96:8a:29:52: e3:42:e3:47:db:22:53:63:59:38:74:2f:e0:a6:a2: f8:2f:6d:6c:2c:73:89:dc:a1:92:59:82:ce:00:4e: 90:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:A4:2F:A7:80:FF:A4:3C:7B:68:FC:54:B6:AA:C9:DE:28:DB:53:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/404b1f09-58ed-4d8b-8b95-8dfe3d833427.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5::/32 Signature Algorithm: sha256WithRSAEncryption 25:3e:3e:5f:aa:9e:40:3d:92:7b:00:c9:4f:d5:47:f6:09:9a: 5c:5b:cf:b3:9b:bb:07:e4:c0:69:52:ba:8f:53:f7:41:a8:3f: 5e:ff:2f:9c:ca:67:e2:bb:b4:00:8e:8e:87:fe:65:4e:d9:31: 21:93:cc:a2:a3:3c:0b:3c:b8:1b:71:50:7c:10:40:c1:64:ce: 1c:92:a6:e4:93:5a:48:ca:c3:17:30:95:42:72:6c:fe:36:b1: 88:d5:ef:c9:07:81:09:1a:5b:24:12:f0:ae:05:3d:33:d1:c9: 45:40:77:1d:f6:ee:48:ec:1c:b6:38:59:de:6a:88:9d:a7:0f: 33:d1:f1:62:dc:4e:ca:d1:9f:54:97:21:cc:d9:1f:15:73:c5: fd:ea:05:f9:8b:96:1e:af:fc:53:54:2d:3b:fa:e5:5b:45:d2: 89:b2:cc:88:cd:93:9d:c6:7e:8c:40:1e:38:cd:08:47:5a:f2: d3:3f:12:44:f4:06:28:1d:38:21:2c:9a:c9:50:fb:64:c1:ca: 4a:7b:70:f0:81:df:54:50:2e:0c:58:e0:d7:c3:c6:69:40:1a: ea:1d:a4:ac:6f:e8:ee:2c:05:f3:8a:45:11:56:15:c5:17:b3: cd:f2:46:32:20:96:df:40:18:d0:91:68:a1:fd:e2:04:c1:b1: 45:56:9c:d0 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUNj43qkdscMzcmTG4I950BhK+b34wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMTAwMDAxMFoX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNAMzdmZjQ1NmI5ZThiYzM0MzZmOTRh ZjgzMjk0YzZhNWY4NWYxYzNhYWQ3ZmU2MWU0NmFiZmIxZDA2YTFiNGZkODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC5aTGb//+dfFj/oQL4Go1OXHt2i ySJiYwXP0q9fJZdWg+rW0q8AKqNAyjjIIzj9TQKXSqCnISOdRoXsR8YKmDlVdh5e RIskByquqFK3i//k3Fi7JJ+KOXxv+5/aMCSu5+m5goWtC6q6JOdfsI6GJ7AfaH/r /nuvWyKr0f2rvY1LTxdveijq9YVaZwdtrLZWwMlQVTIedEWgGC1jFZjik9k7zZ9X P24zxiiuYS0wKIFmw5YfkVVw9U2Zp4ialqb+M5j6GPtUhlxJ7+dA7bt4FTfWUK+G GFD6TVS3x5aKKVLjQuNH2yJTY1k4dC/gpqL4L21sLHOJ3KGSWYLOAE6QtwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFJOkL6eA/6Q8e2j8VLaqyd4o21PvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwNGIxZjA5LTU4ZWQtNGQ4Yi04Yjk1LThkZmUzZDgzMzQyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba9TANBgkqhkiG9w0BAQsFAAOCAQEAJT4+X6qeQD2SewDJT9VH 9gmaXFvPs5u7B+TAaVK6j1P3Qag/Xv8vnMpn4ru0AI6Oh/5lTtkxIZPMoqM8Czy4 G3FQfBBAwWTOHJKm5JNaSMrDFzCVQnJs/jaxiNXvyQeBCRpbJBLwrgU9M9HJRUB3 HfbuSOwctjhZ3mqInacPM9HxYtxOytGfVJchzNkfFXPF/eoF+YuWHq/8U1QtO/rl W0XSibLMiM2TncZ+jEAeOM0IR1ry0z8SRPQGKB04ISyayVD7ZMHKSntw8IHfVFAu DFjg18PGaUAa6h2krG/o7iwF84pFEVYVxRezzfJGMiCW30AY0JFoof3iBMGxRVac 0A== -----END CERTIFICATE-----Generated at Tue Nov 18 09:36:57 2025 by rpki-client