$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa File: 57e5a746-78cb-4122-b964-f449ba6f6e5f.roa (raw, json) Hash identifier: U2TcTx/bYoeSsWxtD0DmCFiFzMAPUPh32GlKh8P7Htc= Subject key identifier: 96:95:D6:D2:88:7C:F5:3A:BE:36:20:41:0E:E1:D0:5C:E6:D7:FE:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27E84E4639FB95F9FF1112FF314F48EEC3FAF5BE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa Signing time: Sat 08 Nov 2025 00:20:36 +0000 ROA not before: Sat 08 Nov 2025 00:20:36 +0000 ROA not after: Sat 13 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:e8:4e:46:39:fb:95:f9:ff:11:12:ff:31:4f:48:ee:c3:fa:f5:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 8 00:20:36 2025 GMT Not After : Dec 13 23:59:59 2025 GMT Subject: serialNumber=14ee8813f701ff45e3e65a911dc26eac044122ced1a24dcb7515e098f7f6dbd4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:6d:27:25:9e:e2:8c:07:30:cb:1e:b0:57:de: 32:c4:08:4d:10:67:34:a5:e1:b8:03:16:22:79:55: a3:53:4d:ee:0a:68:3b:fb:80:2a:ce:fe:65:39:5d: 23:0f:71:db:3b:8a:7c:5e:90:f7:58:47:11:f1:9a: 7e:cc:cf:06:44:f6:c6:a6:c4:b6:13:7d:ca:19:fe: 01:81:e4:33:48:19:95:ad:2e:c4:67:22:ce:fd:29: 56:c3:64:11:99:91:ff:61:2d:75:35:f1:c3:a3:ee: 67:96:ac:3b:82:f7:8a:4b:76:da:24:f9:87:94:01: e6:4c:56:92:23:7c:6c:b0:95:2e:6f:7b:78:ec:19: 87:de:91:6e:1c:43:38:5c:e2:92:f2:54:83:41:df: d7:6d:b2:11:1a:de:f1:b8:4a:ad:5a:04:b9:16:63: af:b3:9c:8c:94:d7:78:15:18:f6:f1:39:70:4d:d5: 03:18:38:c5:35:c3:7c:0e:c9:68:d9:db:04:a9:8e: cc:5b:af:89:61:75:a6:ea:3e:5b:2a:df:dd:b8:43: 4e:86:5c:c6:88:9a:6b:61:db:cf:fb:d8:6d:4e:58: 4c:3d:c3:74:d1:e4:09:73:80:94:c1:8c:a3:95:32: 66:a0:d3:2f:9f:6e:99:93:c5:0e:96:6c:4c:fd:1a: e4:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:95:D6:D2:88:7C:F5:3A:BE:36:20:41:0E:E1:D0:5C:E6:D7:FE:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:a000::/40 Signature Algorithm: sha256WithRSAEncryption 77:4d:1c:e6:cb:64:8b:d8:cc:3e:d7:69:7c:65:cc:69:88:e6: 2f:a1:b0:45:65:69:dd:b0:ca:d6:3c:88:19:81:2a:fd:53:7e: ea:4b:f9:38:6a:e2:55:7b:8c:fe:6c:1e:c0:35:1a:10:54:6c: 02:e1:ab:19:2b:c9:7d:cf:f3:09:d6:7e:52:e9:b6:19:62:cf: 91:e8:c0:bf:2b:91:7a:73:2d:55:78:32:3d:84:36:5d:69:9c: 4b:30:8d:84:22:04:9d:61:7d:58:33:23:54:2e:ee:3b:34:9e: cc:7b:f7:a5:f7:be:13:65:c6:fe:f0:9c:2d:d5:36:5d:42:22: 95:37:28:9a:74:09:77:f7:1c:1f:87:94:2d:e4:0f:1f:45:29: 4c:47:47:a2:cb:e5:5b:d2:00:d7:ba:f5:9b:40:a8:70:0f:8c: 0e:29:a2:86:9f:99:33:91:44:12:6c:5c:b5:7b:25:07:c6:9f: ae:a9:87:fe:ec:7c:d1:b8:5c:d3:68:7f:00:df:67:23:5b:86: 78:27:94:55:68:3c:ed:91:3b:2c:7c:f7:73:ae:2e:cd:58:74: 1a:bc:16:39:69:d8:31:56:22:d9:55:14:ab:8a:b0:5a:db:c5: 91:40:e0:2f:1c:00:e5:54:ae:c9:fd:6f:80:de:cd:61:ec:50: c8:cd:9b:41 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJ+hORjn7lfn/ERL/MU9I7sP69b4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwODAwMjAzNloX DTI1MTIxMzIzNTk1OVowejFJMEcGA1UEBRNAMTRlZTg4MTNmNzAxZmY0NWUzZTY1 YTkxMWRjMjZlYWMwNDQxMjJjZWQxYTI0ZGNiNzUxNWUwOThmN2Y2ZGJkNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG0nJZ7ijAcwyx6wV94yxAhNEGc0 peG4AxYieVWjU03uCmg7+4Aqzv5lOV0jD3HbO4p8XpD3WEcR8Zp+zM8GRPbGpsS2 E33KGf4BgeQzSBmVrS7EZyLO/SlWw2QRmZH/YS11NfHDo+5nlqw7gveKS3baJPmH lAHmTFaSI3xssJUub3t47BmH3pFuHEM4XOKS8lSDQd/XbbIRGt7xuEqtWgS5FmOv s5yMlNd4FRj28TlwTdUDGDjFNcN8Dslo2dsEqY7MW6+JYXWm6j5bKt/duENOhlzG iJprYdvP+9htTlhMPcN00eQJc4CUwYyjlTJmoNMvn26Zk8UOlmxM/RrkxwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJaV1tKIfPU6vjYgQQ7h0Fzm1/7PMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU3ZTVhNzQ2LTc4Y2ItNDEyMi1iOTY0LWY0NDliYTZmNmU1Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOKAwDQYJKoZIhvcNAQELBQADggEBAHdNHObLZIvYzD7XaXxl zGmI5i+hsEVlad2wytY8iBmBKv1TfupL+Thq4lV7jP5sHsA1GhBUbALhqxkryX3P 8wnWflLpthliz5HowL8rkXpzLVV4Mj2ENl1pnEswjYQiBJ1hfVgzI1Qu7js0nsx7 96X3vhNlxv7wnC3VNl1CIpU3KJp0CXf3HB+HlC3kDx9FKUxHR6LL5VvSANe69ZtA qHAPjA4pooafmTORRBJsXLV7JQfGn66ph/7sfNG4XNNofwDfZyNbhngnlFVoPO2R Oyx893OuLs1YdBq8Fjlp2DFWItlVFKuKsFrbxZFA4C8cAOVUrsn9b4DezWHsUMjN m0E= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:29 2025 by rpki-client