$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa File: c0276322-5c62-450c-9379-22ba77895050.roa (raw, json) Hash identifier: zWdGE748fOpfKXLv7ci8eDLfBWCqz4qMb0FOkE17QkY= Subject key identifier: E5:05:BE:8B:E7:9D:66:71:BB:34:0B:06:19:34:B9:7D:6F:96:88:73 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 38DD4BF05DCC1F7486A7CC72E4EEC4B9556EC66D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa Signing time: Sun 09 Nov 2025 00:10:46 +0000 ROA not before: Sun 09 Nov 2025 00:10:46 +0000 ROA not after: Sun 14 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1f::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Nov 2025 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:dd:4b:f0:5d:cc:1f:74:86:a7:cc:72:e4:ee:c4:b9:55:6e:c6:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 9 00:10:46 2025 GMT Not After : Dec 14 23:59:59 2025 GMT Subject: serialNumber=ca1c768a932ed1de297008b1d240fda4a116a65e5f2e44a2f284f517f3d83c63, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:25:bf:32:61:78:bc:b5:ab:fc:a6:75:af:ba: 4f:62:d0:2f:75:04:dc:5e:20:62:b0:68:2d:bc:fe: 28:9b:17:5f:3d:c3:e1:de:c9:e1:17:d6:23:8a:64: a6:48:63:d2:bf:f8:19:5b:0e:5c:f2:b9:70:c8:b1: 8a:e4:f7:5d:4a:4d:ac:4d:9e:2d:2c:8b:9c:ae:fc: ac:66:e4:d4:64:4c:16:d0:77:ae:0c:bd:8d:f2:ac: f0:e0:e8:61:2d:50:b1:a4:4c:b7:3f:e1:c3:17:d8: 65:f6:64:d1:bd:fe:77:18:e0:76:b5:17:a8:56:ee: b2:f1:7c:ea:1b:2f:19:f2:cc:87:29:b2:2f:d8:44: ed:d9:bc:40:92:43:d1:0c:9e:4f:69:d7:55:54:32: 5d:a2:fd:20:5b:59:36:d5:f5:95:b9:0c:e8:00:24: 0f:27:42:89:0d:51:61:b3:6b:f4:69:55:3e:0e:9e: 69:d2:b1:9b:32:04:33:b6:5e:21:92:8c:95:ea:4c: 48:f1:1d:3a:63:45:ba:28:74:e3:50:a4:1d:94:3a: f4:85:87:7d:84:b8:17:be:83:35:5b:d5:84:bc:a6: e1:42:e2:ad:3a:56:9c:21:22:e7:f0:58:8c:13:93: 01:10:7d:50:ec:76:ec:93:7d:8e:46:c3:87:75:b9: e3:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:05:BE:8B:E7:9D:66:71:BB:34:0B:06:19:34:B9:7D:6F:96:88:73 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0276322-5c62-450c-9379-22ba77895050.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1f::/38 Signature Algorithm: sha256WithRSAEncryption a9:96:c2:b2:97:73:e9:2f:00:ef:7a:8b:ff:a9:eb:3b:b5:2f: 42:b5:57:89:18:da:72:7b:f1:c6:52:c8:44:61:00:ec:6f:b1: e9:bd:d3:03:95:ab:9b:2f:87:27:93:0e:ca:f0:ac:be:ca:e2: 78:e2:cd:8b:76:5b:c1:34:98:5b:de:79:a7:89:b4:7c:40:24: 80:a2:da:c4:d9:72:5e:b1:18:ea:f3:fd:f5:ed:3e:f4:23:aa: 79:c9:c0:bd:10:e9:5b:07:df:10:35:c0:75:ea:ae:38:56:35: 0d:7b:07:62:ec:6d:a0:90:4b:62:60:74:ba:72:69:ac:a4:d5: 9e:e8:61:05:07:12:b0:a1:62:ff:3c:9d:53:01:ee:02:9a:9f: c9:c3:71:13:fb:36:08:79:85:94:4e:73:6c:e5:c6:01:1d:73: 98:f7:92:17:c3:60:6a:96:24:c4:36:32:0e:8d:d8:bf:f0:59: de:f8:b7:dc:67:85:05:fa:df:7b:e5:6e:da:90:28:78:fb:1b: 34:23:9c:42:58:c3:79:64:3d:a9:b0:7f:8d:9c:84:04:c4:68: 4f:aa:c7:eb:d3:11:74:bf:ac:ce:38:0e:1e:60:bc:f2:ba:55: e5:5a:aa:fe:a2:51:ac:5b:fa:a0:60:e3:a5:01:65:82:3c:41: fb:19:a1:1c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUON1L8F3MH3SGp8xy5O7EuVVuxm0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTEwOTAwMTA0NloX DTI1MTIxNDIzNTk1OVowejFJMEcGA1UEBRNAY2ExYzc2OGE5MzJlZDFkZTI5NzAw OGIxZDI0MGZkYTRhMTE2YTY1ZTVmMmU0NGEyZjI4NGY1MTdmM2Q4M2M2MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCW/MmF4vLWr/KZ1r7pPYtAvdQTc XiBisGgtvP4omxdfPcPh3snhF9YjimSmSGPSv/gZWw5c8rlwyLGK5PddSk2sTZ4t LIucrvysZuTUZEwW0HeuDL2N8qzw4OhhLVCxpEy3P+HDF9hl9mTRvf53GOB2tReo Vu6y8XzqGy8Z8syHKbIv2ETt2bxAkkPRDJ5PaddVVDJdov0gW1k21fWVuQzoACQP J0KJDVFhs2v0aVU+Dp5p0rGbMgQztl4hkoyV6kxI8R06Y0W6KHTjUKQdlDr0hYd9 hLgXvoM1W9WEvKbhQuKtOlacISLn8FiME5MBEH1Q7Hbsk32ORsOHdbnjfwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOUFvovnnWZxuzQLBhk0uX1vlohzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MwMjc2MzIyLTVjNjItNDUwYy05Mzc5LTIyYmE3Nzg5NTA1MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHwAwDQYJKoZIhvcNAQELBQADggEBAKmWwrKXc+kvAO96i/+p 6zu1L0K1V4kY2nJ78cZSyERhAOxvsem90wOVq5svhyeTDsrwrL7K4njizYt2W8E0 mFveeaeJtHxAJICi2sTZcl6xGOrz/fXtPvQjqnnJwL0Q6VsH3xA1wHXqrjhWNQ17 B2LsbaCQS2JgdLpyaayk1Z7oYQUHErChYv88nVMB7gKan8nDcRP7Ngh5hZROc2zl xgEdc5j3khfDYGqWJMQ2Mg6N2L/wWd74t9xnhQX633vlbtqQKHj7GzQjnEJYw3lk Pamwf42chATEaE+qx+vTEXS/rM44Dh5gvPK6VeVaqv6iUaxb+qBg46UBZYI8QfsZ oRw= -----END CERTIFICATE-----Generated at Tue Nov 18 05:41:04 2025 by rpki-client