$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa File: 4a75b2a7-15e5-4501-aaaf-4737a678d996.roa (raw, json) Hash identifier: mwfT7yj5crkMtT79OH8YDnSOPakmG9zum9kRpATrh8k= Subject key identifier: 23:C5:DD:41:55:8D:1A:5D:3B:99:6E:2E:34:F0:A3:8A:4B:F6:AF:2E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5F207C9FBED4D060A1B035F6E2E2AAFCAC92E89A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa Signing time: Tue 11 Nov 2025 00:00:37 +0000 ROA not before: Tue 11 Nov 2025 00:00:37 +0000 ROA not after: Tue 16 Dec 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 15 Nov 2025 00:10:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:20:7c:9f:be:d4:d0:60:a1:b0:35:f6:e2:e2:aa:fc:ac:92:e8:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 11 00:00:37 2025 GMT Not After : Dec 16 23:59:59 2025 GMT Subject: serialNumber=5a64e35b1a34e3a6f5cc92c0f98f767ee4a7f58b6bfd55d87033da85c6345766, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:eb:89:bb:96:1e:8b:d2:a2:1c:30:0f:89:b2: e9:8c:70:49:68:0b:f1:ba:84:a3:4f:2f:a5:c8:c5: ca:df:97:0b:84:ea:2a:1f:94:32:25:79:4f:e8:f9: ac:85:3b:52:4d:b0:0d:b9:bf:d9:9f:53:55:02:6c: 89:b0:52:b3:89:f0:35:e3:07:e4:65:35:65:26:64: dd:f8:9e:0f:b0:ea:14:63:c9:14:bf:0c:54:f1:90: 5d:5f:89:bf:f5:d7:e5:65:53:42:c1:54:9b:15:2c: 84:99:52:c0:e4:a9:bb:be:33:4d:4c:77:f5:4f:62: 08:ed:b8:21:b2:00:f3:73:cf:7b:cd:22:8d:71:4d: cd:c5:c5:fa:92:d6:3f:f4:53:63:58:3b:94:f5:26: 3e:92:b2:2a:9a:74:26:4a:5f:fe:d3:62:01:50:ab: f6:f7:e3:26:ad:6a:bd:a3:dd:dc:29:1d:c0:38:47: 6e:10:9a:97:85:29:83:75:89:c2:f4:e7:50:0e:b9: 48:60:5a:e8:1c:c0:12:77:cc:c5:eb:90:b6:1d:94: b7:99:e3:4c:4b:eb:55:eb:2a:7c:ea:50:69:8e:82: be:3d:42:5f:a6:e1:df:1e:21:37:2a:d2:a5:a3:6b: 86:e7:ce:e0:23:fd:d8:95:32:85:3e:7a:cb:31:d2: 44:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:C5:DD:41:55:8D:1A:5D:3B:99:6E:2E:34:F0:A3:8A:4B:F6:AF:2E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:7000::/40 Signature Algorithm: sha256WithRSAEncryption 1b:2f:2b:02:77:a0:34:c9:a4:13:79:08:13:8a:1d:74:36:34: df:f7:67:31:fd:ff:ef:83:07:7c:c2:d2:43:50:55:c3:e1:4e: ba:37:32:0f:26:a0:52:ca:3c:d4:23:be:31:e1:22:7b:a8:e9: b3:7a:1b:63:f7:6d:73:d3:32:3c:a8:c5:94:7b:61:76:1b:ab: 0e:8d:ef:8a:ca:44:02:1b:2e:68:db:2b:94:da:74:cd:ac:15: 00:3d:e9:74:b6:f8:f0:7e:e4:91:66:ae:89:e4:30:8d:df:7a: eb:02:f2:79:71:21:cb:d5:c6:b0:20:58:e3:34:4d:c3:db:a8: af:0c:9a:c1:54:bc:0d:57:6f:27:72:83:4f:93:04:7b:1d:3b: 02:1c:2d:bd:4f:dd:20:06:47:6a:43:5e:9d:7b:39:76:56:32: 62:b8:74:ff:5c:08:20:04:cc:c6:cb:8f:1c:9a:87:90:f7:ce: fe:2d:01:8b:e5:aa:c4:5a:48:27:af:d6:97:8f:50:df:fc:dd: 89:7e:08:58:f4:0a:2d:94:55:83:d0:9e:0f:19:e2:cc:9e:b0: bd:aa:18:79:d0:07:c1:95:26:d1:90:a9:23:45:34:81:2c:2d: 7a:a8:46:57:6f:ab:37:ae:5e:a1:4f:d6:c5:e9:d4:ca:4b:98: 8f:42:b6:47 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXyB8n77U0GChsDX24uKq/KyS6JowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MTExMTAwMDAzN1oX DTI1MTIxNjIzNTk1OVowejFJMEcGA1UEBRNANWE2NGUzNWIxYTM0ZTNhNmY1Y2M5 MmMwZjk4Zjc2N2VlNGE3ZjU4YjZiZmQ1NWQ4NzAzM2RhODVjNjM0NTc2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuuJu5Yei9KiHDAPibLpjHBJaAvx uoSjTy+lyMXK35cLhOoqH5QyJXlP6PmshTtSTbANub/Zn1NVAmyJsFKzifA14wfk ZTVlJmTd+J4PsOoUY8kUvwxU8ZBdX4m/9dflZVNCwVSbFSyEmVLA5Km7vjNNTHf1 T2II7bghsgDzc897zSKNcU3NxcX6ktY/9FNjWDuU9SY+krIqmnQmSl/+02IBUKv2 9+MmrWq9o93cKR3AOEduEJqXhSmDdYnC9OdQDrlIYFroHMASd8zF65C2HZS3meNM S+tV6yp86lBpjoK+PUJfpuHfHiE3KtKlo2uG587gI/3YlTKFPnrLMdJE3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCPF3UFVjRpdO5luLjTwo4pL9q8uMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhNzViMmE3LTE1ZTUtNDUwMS1hYWFmLTQ3MzdhNjc4ZDk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaHAwDQYJKoZIhvcNAQELBQADggEBABsvKwJ3oDTJpBN5CBOK HXQ2NN/3ZzH9/++DB3zC0kNQVcPhTro3Mg8moFLKPNQjvjHhInuo6bN6G2P3bXPT MjyoxZR7YXYbqw6N74rKRAIbLmjbK5TadM2sFQA96XS2+PB+5JFmronkMI3feusC 8nlxIcvVxrAgWOM0TcPbqK8MmsFUvA1Xbydyg0+TBHsdOwIcLb1P3SAGR2pDXp17 OXZWMmK4dP9cCCAEzMbLjxyah5D3zv4tAYvlqsRaSCev1pePUN/83Yl+CFj0Ci2U VYPQng8Z4syesL2qGHnQB8GVJtGQqSNFNIEsLXqoRldvqzeuXqFP1sXp1MpLmI9C tkc= -----END CERTIFICATE-----Generated at Tue Nov 11 10:23:46 2025 by rpki-client