$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a21dee66-37c0-469d-8b01-08b0f731a865.roa File: a21dee66-37c0-469d-8b01-08b0f731a865.roa (raw, json) Hash identifier: uZX5l9jq9Q6wU17VGvBYm0ePYEEavg0a0rfrpDdF5WA= Subject key identifier: 7F:B0:A6:43:BA:E2:ED:35:C1:81:A3:0F:23:2F:2F:F4:35:61:E0:3A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 79679D81E98FFF5DAF6EBE313B07F82AC00E50EF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a21dee66-37c0-469d-8b01-08b0f731a865.roa Signing time: Sun 09 Nov 2025 00:10:43 +0000 ROA not before: Sun 09 Nov 2025 00:10:43 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:67:9d:81:e9:8f:ff:5d:af:6e:be:31:3b:07:f8:2a:c0:0e:50:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:10:43 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=b3929ad2f1aee044f15a1a1ae13db23340cd9347e3bd7768dbdc3e85f177266c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:15:fc:02:c4:c6:56:f1:ea:5e:12:3d:35:fb: 3e:a6:65:a3:38:d7:56:30:f5:64:8c:f8:8f:45:be: 08:24:9e:b2:31:2c:75:3e:3c:86:3a:ca:ad:6e:18: 59:3c:cf:74:d3:3c:28:70:af:aa:8a:1f:db:6e:61: b7:43:a0:2f:2a:ba:41:de:48:19:1e:07:e8:4f:17: 54:05:e5:9e:c2:93:a8:92:1d:8d:7a:3e:ce:60:fa: 47:d3:a2:e8:04:a0:2c:b0:ab:1d:49:cd:65:39:39: 80:47:05:09:fc:58:46:1c:f2:9a:7d:63:ca:b0:9c: e2:31:59:9e:4f:9c:4f:33:d0:a4:48:a7:48:ae:e8: d7:a8:37:bb:66:76:42:a5:92:5f:f7:6f:7e:aa:fa: 69:58:c0:f8:31:9d:2e:bd:7a:5d:7b:19:db:88:cd: 72:1b:7b:2d:e9:24:d3:ed:97:96:13:7f:0d:76:71: 99:48:bf:6a:d7:de:10:52:eb:b1:88:13:e7:ac:65: e8:c9:67:31:8e:2d:79:6d:72:22:51:58:26:95:81: 49:0d:a5:b8:6c:f0:fa:52:a5:31:67:c8:22:f1:99: 85:27:6e:c1:75:fb:5c:2f:d8:f6:f4:5e:cf:2f:9e: bc:c3:d2:af:72:9a:03:a8:c0:84:d1:78:2f:a0:fd: 60:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:B0:A6:43:BA:E2:ED:35:C1:81:A3:0F:23:2F:2F:F4:35:61:E0:3A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a21dee66-37c0-469d-8b01-08b0f731a865.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:b000::/40 Signature Algorithm: sha256WithRSAEncryption 56:cf:57:69:1e:bd:25:b4:4b:9b:8b:e2:e7:35:31:58:28:5e: 42:c1:38:5f:d5:fe:e7:4e:94:c9:3c:1c:09:97:b4:be:5f:a3: ea:ff:e6:60:c7:76:38:1d:1e:7d:4c:0a:10:dc:3b:26:fa:be: 2a:a0:45:ff:ab:f6:3a:9b:c3:b0:b1:7b:d8:05:8d:a4:27:c7: 4c:8e:c8:b1:7f:0d:48:48:0a:99:00:62:f1:cc:ae:21:0c:76: 8e:a8:72:3e:e4:ca:f8:99:bc:4c:c2:50:d7:cc:6e:f1:c1:0b: f3:03:cd:18:90:0c:6c:d2:f7:f2:a1:91:be:3e:9d:6a:d6:8a: ca:08:56:22:04:57:22:e4:ae:cb:d0:79:07:a7:27:0d:55:80: 5c:dc:20:ea:8a:c8:12:28:9f:73:f8:d7:2d:bd:7a:b9:13:d0: 71:f0:e4:f6:52:e0:b4:40:dc:f2:42:c3:74:71:04:34:b2:f3: 3b:28:89:1a:61:44:51:98:d7:4f:3b:78:dc:47:10:9b:92:2c: b6:31:d0:61:a5:fe:fc:f7:eb:c3:01:b1:ea:d2:6a:8d:d6:b4: 1d:fe:b7:65:aa:86:59:87:99:8a:0d:a0:86:42:06:43:b0:d9: e1:76:29:1b:9e:4a:ae:e0:b2:ff:e6:ce:6b:de:9e:60:7c:bf: 51:5e:0a:ac -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeWedgemP/12vbr4xOwf4KsAOUO8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMTA0M1oX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAYjM5MjlhZDJmMWFlZTA0NGYxNWEx YTFhZTEzZGIyMzM0MGNkOTM0N2UzYmQ3NzY4ZGJkYzNlODVmMTc3MjY2YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRX8AsTGVvHqXhI9Nfs+pmWjONdW MPVkjPiPRb4IJJ6yMSx1PjyGOsqtbhhZPM900zwocK+qih/bbmG3Q6AvKrpB3kgZ HgfoTxdUBeWewpOokh2Nej7OYPpH06LoBKAssKsdSc1lOTmARwUJ/FhGHPKafWPK sJziMVmeT5xPM9CkSKdIrujXqDe7ZnZCpZJf929+qvppWMD4MZ0uvXpdexnbiM1y G3st6STT7ZeWE38NdnGZSL9q194QUuuxiBPnrGXoyWcxji15bXIiUVgmlYFJDaW4 bPD6UqUxZ8gi8ZmFJ27BdftcL9j29F7PL568w9KvcpoDqMCE0XgvoP1goQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFH+wpkO64u01wYGjDyMvL/Q1YeA6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EyMWRlZTY2LTM3YzAtNDY5ZC04YjAxLTA4YjBmNzMxYTg2NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNrAwDQYJKoZIhvcNAQELBQADggEBAFbPV2kevSW0S5uL4uc1 MVgoXkLBOF/V/udOlMk8HAmXtL5fo+r/5mDHdjgdHn1MChDcOyb6viqgRf+r9jqb w7Cxe9gFjaQnx0yOyLF/DUhICpkAYvHMriEMdo6ocj7kyviZvEzCUNfMbvHBC/MD zRiQDGzS9/Khkb4+nWrWisoIViIEVyLkrsvQeQenJw1VgFzcIOqKyBIon3P41y29 erkT0HHw5PZS4LRA3PJCw3RxBDSy8zsoiRphRFGY1087eNxHEJuSLLYx0GGl/vz3 68MBserSao3WtB3+t2WqhlmHmYoNoIZCBkOw2eF2KRueSq7gsv/mzmvenmB8v1Fe Cqw= -----END CERTIFICATE-----Generated at Tue Nov 18 10:39:28 2025 by rpki-client