$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa File: 61c0a164-da93-428a-bae0-35d34ec93555.roa (raw, json) Hash identifier: V8ElVQ+h21sEr5GW88s+6yopWozuFin+DEtKr8oE3fo= Subject key identifier: FB:93:88:90:64:AD:58:5F:36:37:86:9B:42:3C:AB:4E:19:E8:16:EB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 23A18792EBFD273A7A6D0A674CE846B3122BB0BA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa Signing time: Sun 09 Nov 2025 00:40:53 +0000 ROA not before: Sun 09 Nov 2025 00:40:53 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1a:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:a1:87:92:eb:fd:27:3a:7a:6d:0a:67:4c:e8:46:b3:12:2b:b0:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:40:53 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=b4279cfccbff84e22d4a23dd6ca5cbf6c275c6d123e32346c7664d7855340d28, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:22:6c:0d:d1:63:bf:27:45:f6:8c:27:e7:79: 29:2e:8b:47:e2:80:23:39:c2:11:51:d2:ca:0e:e2: 80:12:83:3b:f0:d6:23:44:c0:c9:69:23:7f:90:38: cb:7a:53:5a:c6:5c:9f:ca:dd:23:91:a9:c2:63:ec: 83:67:1d:e5:c1:d5:5c:af:bc:9f:57:63:5b:69:94: d6:c8:33:8c:5b:34:93:86:0e:29:3c:73:60:0b:54: 69:aa:47:20:35:6c:3b:66:03:c3:35:de:ba:5e:85: 2e:c7:58:21:96:ec:c6:59:c6:cf:ca:47:e3:41:da: 18:b5:9e:bc:e1:38:86:73:9b:60:79:e4:ab:b9:3a: 7a:e4:e6:41:0e:31:6f:7f:29:01:3f:33:68:97:df: bd:a8:c7:3f:f4:0f:8e:69:0e:a8:09:f4:8d:fe:97: 9e:25:76:6d:a4:a6:11:5f:64:ff:48:d9:79:71:da: 05:19:9d:fe:94:e6:12:80:48:f0:d0:09:03:86:9d: 31:3f:8c:8a:95:f1:0f:57:13:05:37:43:bf:b8:12: 3f:50:c5:d6:da:ed:e2:b3:30:90:3c:d0:48:72:c3: 6d:ae:57:9f:a0:c2:fe:83:65:48:93:04:90:c8:29: 2f:f8:e9:13:79:f3:bb:30:e0:5f:c8:11:22:6b:e9: 39:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:93:88:90:64:AD:58:5F:36:37:86:9B:42:3C:AB:4E:19:E8:16:EB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/61c0a164-da93-428a-bae0-35d34ec93555.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1a:400::/38 Signature Algorithm: sha256WithRSAEncryption 73:8d:bb:40:b7:ac:53:17:10:fa:c6:19:60:2c:84:a9:9a:0c: db:ad:df:c7:a7:9a:f9:d0:1d:3d:27:75:9d:fc:47:a4:d4:dd: 6c:01:ce:b8:be:bc:af:36:dd:73:36:c5:e0:5d:8d:84:d5:4b: 1b:c2:97:19:3e:ac:fc:d7:3f:7e:28:21:d5:d2:d2:a6:d4:46: ef:f9:67:40:10:82:1e:88:c4:39:20:70:75:42:4e:4c:24:14: 26:e6:3e:03:be:83:d1:d3:43:87:bf:56:04:43:0a:1d:fe:23: d5:5a:08:a1:d4:98:49:00:39:df:92:6a:be:bf:37:e9:82:ca: 12:81:92:37:b0:62:55:bc:17:ca:4a:f8:14:69:e2:ff:b3:f9: 9f:64:ca:3c:51:4b:22:38:60:77:bd:c6:39:f3:8c:19:e0:d8: a9:01:b8:68:32:95:e2:5b:61:0a:5d:4f:3e:10:6f:16:02:17: 4c:a9:35:f4:65:b1:bb:d5:fb:1e:ca:48:b5:98:6d:98:25:c4: 88:46:de:cf:d2:cb:b2:60:e4:04:cb:bc:90:9c:6f:a7:ac:48: aa:e3:ce:cd:4b:ff:d1:0c:f6:fe:51:d9:d6:a1:24:fc:21:71: 9c:d6:12:3f:28:42:c6:14:b7:b4:53:1c:22:04:ab:19:13:30: 82:69:b6:21 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUI6GHkuv9Jzp6bQpnTOhGsxIrsLowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwNDA1M1oX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYjQyNzljZmNjYmZmODRlMjJkNGEy M2RkNmNhNWNiZjZjMjc1YzZkMTIzZTMyMzQ2Yzc2NjRkNzg1NTM0MGQyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCJsDdFjvydF9own53kpLotH4oAj OcIRUdLKDuKAEoM78NYjRMDJaSN/kDjLelNaxlyfyt0jkanCY+yDZx3lwdVcr7yf V2NbaZTWyDOMWzSThg4pPHNgC1RpqkcgNWw7ZgPDNd66XoUux1ghluzGWcbPykfj QdoYtZ684TiGc5tgeeSruTp65OZBDjFvfykBPzNol9+9qMc/9A+OaQ6oCfSN/pee JXZtpKYRX2T/SNl5cdoFGZ3+lOYSgEjw0AkDhp0xP4yKlfEPVxMFN0O/uBI/UMXW 2u3iszCQPNBIcsNtrlefoML+g2VIkwSQyCkv+OkTefO7MOBfyBEia+k5SwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPuTiJBkrVhfNjeGm0I8q04Z6BbrMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYxYzBhMTY0LWRhOTMtNDI4YS1iYWUwLTM1ZDM0ZWM5MzU1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGgQwDQYJKoZIhvcNAQELBQADggEBAHONu0C3rFMXEPrGGWAs hKmaDNut38enmvnQHT0ndZ38R6TU3WwBzri+vK823XM2xeBdjYTVSxvClxk+rPzX P34oIdXS0qbURu/5Z0AQgh6IxDkgcHVCTkwkFCbmPgO+g9HTQ4e/VgRDCh3+I9Va CKHUmEkAOd+Sar6/N+mCyhKBkjewYlW8F8pK+BRp4v+z+Z9kyjxRSyI4YHe9xjnz jBng2KkBuGgyleJbYQpdTz4QbxYCF0ypNfRlsbvV+x7KSLWYbZglxIhG3s/Sy7Jg 5ATLvJCcb6esSKrjzs1L/9EM9v5R2dahJPwhcZzWEj8oQsYUt7RTHCIEqxkTMIJp tiE= -----END CERTIFICATE-----Generated at Tue Nov 18 08:23:54 2025 by rpki-client