$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa File: 84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa (raw, json) Hash identifier: PxuuDGXGwv3g2m7Y/dDPswc0ZA0jrlCi5X6n/cf3D4A= Subject key identifier: AA:64:3B:A0:9A:E6:0D:F2:4B:9D:6C:86:9F:73:36:FD:A2:F6:BC:F4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5E963C7A1BD4C946E584887E00AE9CC452E82625 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa Signing time: Fri 07 Nov 2025 00:41:02 +0000 ROA not before: Fri 07 Nov 2025 00:41:02 +0000 ROA not after: Fri 12 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:96:3c:7a:1b:d4:c9:46:e5:84:88:7e:00:ae:9c:c4:52:e8:26:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 7 00:41:02 2025 GMT Not After : Dec 12 23:59:59 2025 GMT Subject: serialNumber=f309bc5370541c40470821f7c17d3435f1e36b9d928d452bcc5ea38c8ca1a484, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:64:43:36:a7:4c:e2:25:11:f0:47:33:4a:f8: c3:9d:c6:32:37:34:c4:89:27:44:9e:81:af:fd:ba: 2d:93:94:b3:29:f1:ce:2e:9f:cc:71:47:24:4b:c0: 33:70:75:8c:e4:84:a4:35:ef:16:b9:af:37:3c:4e: 06:7e:de:20:15:76:5c:75:98:a8:cd:28:f6:6f:d7: 34:d6:a2:47:a4:26:56:9d:97:9b:a5:27:10:df:14: f4:b6:4e:cc:32:31:f0:67:74:24:27:91:57:d5:13: 88:9a:16:cb:ad:52:c3:4b:c5:9e:c3:b8:2f:3a:eb: 87:df:4c:93:6d:9b:92:6d:f3:08:34:61:2e:00:26: 0d:7e:a2:75:a9:39:d0:75:fb:16:f8:c4:45:e1:2d: 2a:8e:fb:96:5a:e4:20:69:f8:3f:0c:d8:2c:20:e0: f8:4f:7e:88:48:bc:56:72:80:af:1a:fe:0e:65:49: 66:3e:3a:55:34:b4:24:f8:07:a4:0b:91:89:3b:81: 5d:6d:ac:06:d3:0c:39:6d:12:6a:9c:5b:2c:bd:7a: ab:a1:f1:d6:88:25:6d:02:8d:ec:e1:50:c9:0f:6c: ed:7a:b4:85:4d:a8:63:4b:3c:27:7a:5d:8d:53:33: 03:e2:da:46:75:00:79:3e:70:6a:ec:f8:2c:80:c9: ef:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:64:3B:A0:9A:E6:0D:F2:4B:9D:6C:86:9F:73:36:FD:A2:F6:BC:F4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/84ce14d5-7bf8-4610-8dae-0f2ea4ce82be.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 48:8a:2f:a8:36:1c:36:b6:e9:db:dd:35:4d:9f:df:b1:ff:92: 2a:c1:c1:11:6a:0c:cf:13:8a:99:34:4a:95:b7:b2:c4:10:75: 18:61:f6:d2:6b:87:45:a1:ef:1e:12:85:51:16:85:ba:c8:00: 05:79:34:a4:73:d6:40:c7:b3:ae:e5:a6:99:be:a5:e8:69:48: a5:79:56:ce:6e:6d:6a:85:3a:29:3f:73:d1:50:20:cb:2d:76: 8a:76:92:65:99:17:50:5c:fa:ba:d0:8d:db:0f:6a:3f:aa:77: e8:07:73:61:f1:cb:aa:1e:a8:6c:94:8b:aa:66:99:5e:70:6a: a7:9e:77:88:b4:c3:9d:fe:30:61:31:f0:aa:52:da:34:e1:05: 24:7a:20:10:4e:de:8d:ed:49:8b:d9:84:28:2c:51:5d:c7:99: 8a:90:e2:ea:9b:69:35:5e:92:16:0e:d6:39:e2:44:4b:d5:92: 10:0d:01:8c:4f:70:ae:e5:b2:7e:ba:24:c0:72:3a:5a:ce:d9: 57:d4:ed:b7:1a:6a:9e:45:24:c9:60:fe:38:80:d6:e7:3d:16: 98:87:94:c3:0f:f9:01:8f:b3:9a:e2:b3:2f:b8:72:71:e6:ae: 28:72:a6:cd:0c:c4:ba:52:cf:3a:56:2a:b0:50:9b:fc:53:f8: 0a:d5:a0:8b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXpY8ehvUyUblhIh+AK6cxFLoJiUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwNzAwNDEwMloX DTI1MTIxMjIzNTk1OVowejFJMEcGA1UEBRNAZjMwOWJjNTM3MDU0MWM0MDQ3MDgy MWY3YzE3ZDM0MzVmMWUzNmI5ZDkyOGQ0NTJiY2M1ZWEzOGM4Y2ExYTQ4NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWRDNqdM4iUR8EczSvjDncYyNzTE iSdEnoGv/botk5SzKfHOLp/McUckS8AzcHWM5ISkNe8Wua83PE4Gft4gFXZcdZio zSj2b9c01qJHpCZWnZebpScQ3xT0tk7MMjHwZ3QkJ5FX1ROImhbLrVLDS8Wew7gv OuuH30yTbZuSbfMINGEuACYNfqJ1qTnQdfsW+MRF4S0qjvuWWuQgafg/DNgsIOD4 T36ISLxWcoCvGv4OZUlmPjpVNLQk+AekC5GJO4FdbawG0ww5bRJqnFssvXqrofHW iCVtAo3s4VDJD2zterSFTahjSzwnel2NUzMD4tpGdQB5PnBq7PgsgMnvmwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKpkO6Ca5g3yS51shp9zNv2i9rz0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0Y2UxNGQ1LTdiZjgtNDYxMC04ZGFlLTBmMmVhNGNlODJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8oDAMA0GCSqGSIb3DQEBCwUAA4IBAQBIii+oNhw2tunb3TVN n9+x/5IqwcERagzPE4qZNEqVt7LEEHUYYfbSa4dFoe8eEoVRFoW6yAAFeTSkc9ZA x7Ou5aaZvqXoaUileVbObm1qhTopP3PRUCDLLXaKdpJlmRdQXPq60I3bD2o/qnfo B3Nh8cuqHqhslIuqZplecGqnnneItMOd/jBhMfCqUto04QUkeiAQTt6N7UmL2YQo LFFdx5mKkOLqm2k1XpIWDtY54kRL1ZIQDQGMT3Cu5bJ+uiTAcjpaztlX1O23Gmqe RSTJYP44gNbnPRaYh5TDD/kBj7Oa4rMvuHJx5q4ocqbNDMS6Us86ViqwUJv8U/gK 1aCL -----END CERTIFICATE-----Generated at Tue Nov 18 09:37:11 2025 by rpki-client