$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81172d75-5a52-4f36-88ec-3f25283c8dba.roa File: 81172d75-5a52-4f36-88ec-3f25283c8dba.roa (raw, json) Hash identifier: kDIikENJszZitNRwdWBCyLUSh/fFMbUPtxMSNIhi3g4= Subject key identifier: 48:19:9B:BE:8E:96:4A:D6:57:CF:1B:17:71:35:FB:5C:6B:CB:51:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43C70B4C285D0C965B97B7EA57A43EE94947BFDC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81172d75-5a52-4f36-88ec-3f25283c8dba.roa Signing time: Fri 07 Nov 2025 00:30:45 +0000 ROA not before: Fri 07 Nov 2025 00:30:45 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:c7:0b:4c:28:5d:0c:96:5b:97:b7:ea:57:a4:3e:e9:49:47:bf:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:30:45 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=b1da12474ac1dd9553b38a9846e7e5f617a4e124cbbc1debb94788e8433b54f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fc:3b:b9:5b:61:d6:7a:67:e1:fe:d4:06:0d: da:6a:23:c1:d0:e0:ae:89:74:b2:b8:81:a1:f2:10: 40:cd:ab:35:46:84:d0:5f:4a:a2:02:2a:0d:a4:35: 4d:e0:2f:e1:b1:54:45:37:33:c3:f4:37:98:08:28: ee:f1:28:ff:b9:0c:dd:97:d2:d3:76:54:fe:ea:c5: f5:87:92:a6:d0:c7:af:dc:2e:a2:6b:89:de:ce:0e: b5:76:d2:31:bd:64:e8:7c:24:74:ef:7a:7a:0e:7e: 2d:42:83:e6:61:8e:c5:17:fc:4f:e7:e4:52:d9:e6: 8e:ed:60:dc:26:ff:b2:c1:6a:b4:f4:ac:7f:0c:40: 5b:bb:b9:55:2c:9e:83:2b:66:80:88:4f:54:ae:de: 68:80:ef:f1:c3:3b:60:86:7a:88:c6:66:ac:07:f7: 4f:c9:76:fe:bc:b0:8b:07:af:54:71:d7:b8:e0:37: cf:08:91:c2:23:14:ee:fc:74:d1:ad:cf:f7:b0:d7: 27:6d:ff:eb:b2:8c:9d:1e:2b:3e:fd:b5:c2:05:e6: 34:ce:9b:8f:2d:ea:1c:a3:3b:f0:62:da:b0:d6:bd: aa:f6:2a:dc:46:1f:8c:b9:9b:c7:48:a7:9a:e3:d7: c8:c1:ac:33:f5:eb:66:2d:c3:03:df:ba:72:a0:a9: 13:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:19:9B:BE:8E:96:4A:D6:57:CF:1B:17:71:35:FB:5C:6B:CB:51:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/81172d75-5a52-4f36-88ec-3f25283c8dba.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:8800::/40 Signature Algorithm: sha256WithRSAEncryption a9:d7:2b:39:e3:3c:09:82:3d:5b:48:ff:10:32:9a:7e:dd:d7: 22:90:bf:2a:94:f2:aa:d8:45:2d:02:38:37:e2:13:ce:c4:a3: a9:2c:b1:0d:5a:45:9a:1e:69:43:18:b0:07:2c:80:7b:c2:25: f6:e2:79:b4:e6:a7:e1:6f:74:86:e9:f8:48:f2:2a:6e:93:c0: 4d:af:05:1b:bf:0d:af:94:a9:01:d7:f1:04:91:f7:d2:b3:ce: b0:be:af:ab:84:e1:8d:da:99:ab:c6:35:88:87:2f:3b:23:ac: eb:ed:af:87:b2:7e:c8:b3:5b:41:cc:88:f4:13:1c:88:80:c0: 98:d0:42:08:b0:1a:1c:dd:b5:44:9f:14:9a:b7:ca:c2:37:0c: fd:6e:9b:af:2c:e5:a5:ec:6c:b9:82:4b:f1:bd:9e:15:c7:22: 2f:a3:75:fe:69:47:69:a0:fc:6c:8c:c3:db:9f:a7:31:71:4e: bc:20:96:09:0e:bc:ca:22:29:81:05:f7:72:1d:b1:f1:69:f8: c1:da:ea:92:e5:35:fa:92:4c:b2:24:5f:36:f4:ba:2b:95:71: 0b:1c:cb:a2:1c:ed:13:6e:cb:8f:dc:61:4d:4f:70:98:b7:69: b6:a3:f1:b4:23:66:5f:b4:0a:12:3c:9e:ca:36:5e:cb:44:0f: 9f:79:9a:21 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ8cLTChdDJZbl7fqV6Q+6UlHv9wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwMzA0NVoX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAYjFkYTEyNDc0YWMxZGQ5NTUzYjM4 YTk4NDZlN2U1ZjYxN2E0ZTEyNGNiYmMxZGViYjk0Nzg4ZTg0MzNiNTRmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvw7uVth1npn4f7UBg3aaiPB0OCu iXSyuIGh8hBAzas1RoTQX0qiAioNpDVN4C/hsVRFNzPD9DeYCCju8Sj/uQzdl9LT dlT+6sX1h5Km0Mev3C6ia4nezg61dtIxvWTofCR073p6Dn4tQoPmYY7FF/xP5+RS 2eaO7WDcJv+ywWq09Kx/DEBbu7lVLJ6DK2aAiE9Urt5ogO/xwztghnqIxmasB/dP yXb+vLCLB69Ucde44DfPCJHCIxTu/HTRrc/3sNcnbf/rsoydHis+/bXCBeY0zpuP LeocozvwYtqw1r2q9ircRh+MuZvHSKea49fIwawz9etmLcMD37pyoKkT5QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEgZm76OlkrWV88bF3E1+1xry1FYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxMTcyZDc1LTVhNTItNGYzNi04OGVjLTNmMjUyODNjOGRiYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYYgwDQYJKoZIhvcNAQELBQADggEBAKnXKznjPAmCPVtI/xAy mn7d1yKQvyqU8qrYRS0CODfiE87Eo6kssQ1aRZoeaUMYsAcsgHvCJfbiebTmp+Fv dIbp+EjyKm6TwE2vBRu/Da+UqQHX8QSR99KzzrC+r6uE4Y3amavGNYiHLzsjrOvt r4eyfsizW0HMiPQTHIiAwJjQQgiwGhzdtUSfFJq3ysI3DP1um68s5aXsbLmCS/G9 nhXHIi+jdf5pR2mg/GyMw9ufpzFxTrwglgkOvMoiKYEF93IdsfFp+MHa6pLlNfqS TLIkXzb0uiuVcQscy6Ic7RNuy4/cYU1PcJi3abaj8bQjZl+0ChI8nso2XstED595 miE= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:38 2025 by rpki-client