$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f4fb3c5-ffd6-4ac8-9a84-32400beb25a7.roa File: 5f4fb3c5-ffd6-4ac8-9a84-32400beb25a7.roa (raw, json) Hash identifier: c6N10lf02nXge0zH5pDV5IpTVfbc2NpSl18k6fWrJdU= Subject key identifier: 44:97:07:A1:69:AC:18:54:D2:75:C6:00:06:EF:93:8F:30:DA:86:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 67248E97203D79246DEE80C44E4DC72AD5DA6EFF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f4fb3c5-ffd6-4ac8-9a84-32400beb25a7.roa Signing time: Fri 07 Nov 2025 00:30:33 +0000 ROA not before: Fri 07 Nov 2025 00:30:33 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:f040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:24:8e:97:20:3d:79:24:6d:ee:80:c4:4e:4d:c7:2a:d5:da:6e:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:30:33 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=d0743629f7b7e6385ad51f94a2cb4816daf2e5c3f1e46435e219670e36e66192, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:83:60:06:08:38:b7:c9:50:67:9d:35:e3:54: 40:02:83:16:3f:eb:2a:f7:69:22:82:a0:fa:63:df: 7c:ba:9a:26:fe:b3:4a:60:51:98:56:ef:eb:41:e4: b0:06:10:51:b4:7b:d2:d2:15:22:ad:b9:2a:da:f6: 94:3d:5b:c9:e0:6d:fa:27:7f:0e:8c:d7:9d:a4:53: 1e:10:68:40:b7:98:d4:4f:9d:91:83:b7:3e:56:e9: 62:e9:21:7f:e2:a9:51:44:68:b1:6b:a8:11:23:bf: 65:d4:cd:0a:b7:4d:e7:4e:45:82:1a:58:21:e5:32: f9:74:77:4c:8e:d2:2a:ec:cf:0d:93:6d:a4:99:05: d5:7b:bf:71:9c:cc:fb:b6:5c:1c:a1:5e:6b:86:bd: 8b:81:0a:dd:ea:2c:31:37:63:95:a8:ae:fa:1b:1f: 15:d5:b7:7f:31:0f:e8:28:ba:c4:f0:b0:3c:d0:69: 54:78:e9:f1:eb:f2:1d:b0:ff:41:5d:e1:22:4e:ca: ff:2a:2e:97:96:84:ef:a0:ef:c5:5c:93:c9:ab:a8: 70:a3:68:3b:69:ad:db:46:ba:5c:d5:05:8c:8b:c8: 14:2f:5d:77:dd:a6:c3:e8:7a:cd:25:21:6e:da:49: fd:9c:d9:e1:09:6d:ae:c2:c6:43:39:12:02:8b:a5: 95:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:97:07:A1:69:AC:18:54:D2:75:C6:00:06:EF:93:8F:30:DA:86:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f4fb3c5-ffd6-4ac8-9a84-32400beb25a7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:f040::/48 Signature Algorithm: sha256WithRSAEncryption 45:9d:c3:bb:db:79:1a:4a:d8:2b:f8:29:23:d6:b6:1c:f3:48: 7c:fb:e4:f8:50:16:12:c7:82:f9:16:d3:1a:89:0e:b7:ae:86: e8:ff:6e:5e:cd:17:8d:b7:45:b1:2a:e5:73:3f:08:af:a0:cd: 2c:bf:b3:61:1d:0b:40:06:8b:9c:9e:4c:0a:68:38:9f:5b:7e: 2b:69:db:6e:8b:75:63:48:6c:2f:f0:2b:91:84:d8:eb:84:43: 15:68:06:8e:98:71:ea:80:57:80:94:80:73:e9:30:b3:1f:d0: ae:be:ae:1a:09:86:4f:b7:06:d3:72:0f:ab:cc:73:9b:1d:8a: cb:fa:3f:52:9e:8d:89:8b:56:e0:1e:8e:1b:90:ec:d7:aa:bc: ac:16:12:43:11:26:fa:1b:f4:09:23:16:da:13:4f:bc:ad:d0: 88:0c:7c:59:d4:6b:ab:6a:2c:de:ba:23:16:09:24:c2:43:a5: 2a:53:4c:71:26:25:93:0c:8e:64:ae:87:34:ca:43:d0:de:62: ce:69:ff:7f:b3:56:6f:83:8b:d4:30:7d:4a:fb:b8:9f:94:74: f3:9c:07:55:f5:5f:ec:20:19:a5:4b:23:11:ab:ae:d0:25:2a: d7:78:bc:2b:a7:1a:b7:dc:48:d6:95:03:58:45:66:0d:3b:f5: a0:be:33:1e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZySOlyA9eSRt7oDETk3HKtXabv8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMzAzM1oX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAZDA3NDM2MjlmN2I3ZTYzODVhZDUx Zjk0YTJjYjQ4MTZkYWYyZTVjM2YxZTQ2NDM1ZTIxOTY3MGUzNmU2NjE5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6INgBgg4t8lQZ50141RAAoMWP+sq 92kigqD6Y998upom/rNKYFGYVu/rQeSwBhBRtHvS0hUirbkq2vaUPVvJ4G36J38O jNedpFMeEGhAt5jUT52Rg7c+Vuli6SF/4qlRRGixa6gRI79l1M0Kt03nTkWCGlgh 5TL5dHdMjtIq7M8Nk22kmQXVe79xnMz7tlwcoV5rhr2LgQrd6iwxN2OVqK76Gx8V 1bd/MQ/oKLrE8LA80GlUeOnx6/IdsP9BXeEiTsr/Ki6XloTvoO/FXJPJq6hwo2g7 aa3bRrpc1QWMi8gUL1133abD6HrNJSFu2kn9nNnhCW2uwsZDORICi6WVpQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFESXB6FprBhU0nXGAAbvk48w2ob4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVmNGZiM2M1LWZmZDYtNGFjOC05YTg0LTMyNDAwYmViMjVhNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYfBAMA0GCSqGSIb3DQEBCwUAA4IBAQBFncO723kaStgr+Ckj 1rYc80h8++T4UBYSx4L5FtMaiQ63robo/25ezReNt0WxKuVzPwivoM0sv7NhHQtA BoucnkwKaDifW34radtui3VjSGwv8CuRhNjrhEMVaAaOmHHqgFeAlIBz6TCzH9Cu vq4aCYZPtwbTcg+rzHObHYrL+j9Sno2Ji1bgHo4bkOzXqrysFhJDESb6G/QJIxba E0+8rdCIDHxZ1GuraizeuiMWCSTCQ6UqU0xxJiWTDI5kroc0ykPQ3mLOaf9/s1Zv g4vUMH1K+7iflHTznAdV9V/sIBmlSyMRq67QJSrXeLwrpxq33EjWlQNYRWYNO/Wg vjMe -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:59 2025 by rpki-client